CultureGhost.org  
 INFO: revolutionary Cryptocloud/Tfreedom "no logging" policy 
cultureGhost forum admin
{I've done some merging and moving of posts and threads to keep common topics together topologically - nothing's been edited, deleted, or modified in any way in terms of post contents, etc. - as always, if this seems like it could be done better, tell us how & we'll most likely stick a 'moderator' title on you and ask you to do it yourself! -fausty}

------------------------------

This EU directive is something we are following closely at Baneki - though it doesn't apply to our business structure as we do not qualify as an ISP, it is certainly a reason why some of our customers are choosing 24/7 VPN protection rather than just running plaintext data through their EU-based ISPs.


Internet Users Communication to Be Followed by EU
April 6, 2009, Monday



Details of user e-mails, website visits and net phone calls will be stored by Internet service providers (ISPs) starting Monday under an EU directive.

All ISPs in the EU will have to store the records for a year, the BBC reported. An EU directive which requires telecoms firms to hold on to telephone records for twelve months is already in force. The data stored does not include the content of e-mails and websites, nor a recording of a net phone call, but is used to determine connections between individuals.

Authorities can get access to the stored records with a warrant only.

"That is a crazy directive with potentially dangerous repercussions for citizens... The EU passed it by saying it was a commercial matter and not a police matter... Because of that they got it through on a simple vote, rather than needing unanimity, which is required for policing matters... Hopefully, we can see some sort of challenge to this directive", Executive Director of the Open Rights Group, Jim Killock, said.

The plans were drawn up in the wake of the London bombings in 2005. ISPs and telecoms firms have resisted the proposals while some countries in the EU are contesting the directive.

Governments across the EU have now started to implement the directive into their own national legislation. Sweden has decided to ignore the directive completely while there is a challenge going through the German courts at present.

_________________
Baneki Privacy Computing
@Baneki
cryptocloud ζ torrentfreedom ζ cultureghost ζ reciproxy


10 Apr 2009 06:57
freakonaut
STICKY: our official policy re "no logging of customer info"
localhost wrote:
3. You say you'll shut me down if I'm spamming or d/l'ing child porn. If you're not monitoring my traffic, then how would you know what I'm doing? If you're only monitoring to keep out "evil," then you're monitoring.

I have no idea. :) I'll have to ask our CTO how this works :P


This is pretty simple, actually. We don't do any monitoring, don't keep logs, and don't have any desire or intent to monitor who is doing what. Period.

Therefore, we only open a review if we get some report of this sort of thing from an outside entity. For spam, that'd generally come from the NOC of an ISP that has noticed spam-ish stuff coming out of our IP blocks. For child porn, it would come from law enforcement.

Thus far, I can't recall us ever having a complaint about spam being sent via our network. That's pretty good, and kind of not a surprise - nowadays spam mostly gets served by botnets and stuff. I just don't see our security network being the kind of thing that commercial spammers are going to use - and thus far, no problems (knock wood).

As for child porn, yeah we're pretty serious about this. Do NOT use our network to tangle with that stuff - please. This is the ONLY form of content that, I assure you, we will actually act proactively to hunt down if we find out it's being sent through our network (and by this I mean genuine child porn, not stuff that's ambiguous - such as anime, which is NOT child porn, sorry). We, as a company, have no tolerance for this stuff - that's just how it goes. We're not saying we have some right to force the world to agree with us - but don't use OUR network to send this stuff, that's all.

I am glad to say that, thus far, we have NOT had any child porn reports either. That's a very good thing - the best outcome here, for everyone, is nobody uses our network for this, there's no reports, and no problems for anyone. Spam is just a commercial issue, if we have to deal with that stuff it's not the end of the world. Child porn is far, far more serious - don't fuck with it, not on our network.

In any event, we have neither the ability nor the desire to proactively monitor our customers' use of our network. As we say in our Terms of Service, if somebody shows up at our office someday with a gun and says "either monitor this customer's activity and don't tell them, or shut your company down" - we shut the company down. Period.

Fausty

_________________
If you would like to contact Baneki, Cryptocloud, or Torrentfreedom urgently, please check here first - thanks!
CTO-Cryptocloud VPN | founder-Zetatracker | CTO-Torrentfreedom | founder-ZetaWisdom
“You are what you do, what you think, feel, love, hate, express, and communicate to others; that is what you ARE.”

- Edward Abbey, Fool's Progress

@DrFausty ζ fier d'être zoo ζ


27 Apr 2009 07:21
cultureGhost member

Re: STICKY: our official policy re "no logging of customer info"
Quite frankly, your statements are self-contradicting, and I hope you don't mind me pointing this out. If...

Fausty wrote:
Quote:
As we say in our Terms of Service, if somebody shows up at our office someday with a gun and says "either monitor this customer's activity and don't tell them, or shut your company down" - we shut the company down. Period.


... then how does that not extend to all of your customers? Now, I completely understand that your company doesn't want to be creating a haven for child porn, but this is a slippery slope. You are saying that you can monitor your network to find one type of undesirable traffic, so why would anyone trust your network with any information that you would want privacy for?

I don't pretend to know how your network works specifically, and I'm not a network administrator. However, I have a pretty good idea how the internets work. Let's say, hypothetically, that you do receive a complaint from law enforcement about child porn. Since you will "act proactively to hunt down" this content - incidentally, proactively means that you're reacting to a problem before it happens - you are presumably talking about pulling the logs (that you don't keep... supposedly) to link an IP address to a subscriber. If you don't keep logs, you would have no way to tell which subscriber was linked to whichever IP address your VPN gave them. To act proactively, in that case, would mean that you are monitoring the internet activities of every subscriber to check that they're not accessing child porn. Now, you pretty obviously aren't doing this - it would require an enormous effort for virtually no gain on your part.

So, let's assume that you're using "proactively" as an empty buzzword. If that's the case (which I assume it is) then to "catch the predator" you'd have to begin monitoring the activities of your users - which, incidentally, would involve logging. Telling your customer(s) in advance that you plan to begin monitoring them would hardly serve to help the investigation that you would be then aiding. So, in this circumstance you would be monitoring the activity of your customers without telling them. That sort of contradicts your previous statement. Spamming is a pretty minor offense (at least compared to child pornography), but you're clearly willing and able to track down those customers too. It hardly beggars the imagination that, if you're willing to track down customers who are spamming, you'd be more than willing to co-operate with law enforcement on any number of other issues. (Including, possibly, criminal copyright infringement? Or what if a whistleblower decides to promulgate sensitive government documents using your service - sure, you're going to say you wouldn't, but if you're willing to track down spammers, why not a person the police tells you is a "terrorist"? Incidentally - "anime" porn that depicts minors is just as illegal under Canadian law as the real stuff. So basically, you're willing to go to bat for one criminal, but not another? Last time I checked, you weren't responsible for determining the application of the laws.)

If this is an accurate representation of your willingness to monitor your customers, then I, for one, have no intention of purchasing your services. I'm not expecting you to advertise that you want pedophiles (I would prefer you don't have any either), but I do expect that your network will be neutral, and never log anything. (As you advertise) Saying that you only log people that you don't dislike (for very good reasons, even) is not the same thing as never logging at all. I don't want pedophiles on your network. What I would want, if I was a customer of yours, is the assurance that my anonymity would never be compromised, for any reason. Monitoring of any kind cannot be on the table for an 'anonymity' service. Ever.

Let me just finish with two sentences from your previous response:

Fausty wrote:
Quote:
...we will actually act proactively to hunt [it] down if we find out it's being sent through our network...


Fausty wrote:
Quote:
In any event, we have neither the ability nor the desire to proactively monitor our customers' use of our network.


Which Fausty is telling the truth here?

{fyi I managed to mangle this post, which was made by a guest/non-registered account, while trying to quote it in my response - I've recreated it here but to do so had to create a nonexistent registered account with the same userID ('Paranoid') for which I borrowed an old, deactivated spammer account: just wanted to clarify why it's suddenly turned into a "cultureghost member" account instead of a guest post}


03 Jul 2009 18:38
cultureGhost Helping Hand
Re: STICKY: our official policy re "no logging of customer info"
Paranoid wrote:
Quite frankly, your statements are self-contradicting, and I hope you don't mind me pointing this out. If...
Fausty wrote:
As we say in our Terms of Service, if somebody shows up at our office someday with a gun and says "either monitor this customer's activity and don't tell them, or shut your company down" - we shut the company down. Period.

... then how does that not extend to all of your customers? Now, I completely understand that your company doesn't want to be creating a haven for child porn, but this is a slippery slope. You are saying that you can monitor your network to find one type of undesirable traffic, so why would anyone trust your network with any information that you would want privacy for?


I'm not the chief bit slinger around here, but as I see it, yes, if we get CIA/FBI/KGB/Who-freakin-ever here waving letters saying "either shut down or add a bunch of back doors and stuff to your VPN so that we can start the slippery slope of logging whatever we think we need to know" -- we're getting out of the business for the safety of ALL our customers.

I don't think any of the employees want to be a part of THAT sort of operation once that first hole has been added to the dike.

LH

03 Jul 2009 19:03
freakonaut
Re: STICKY: our official policy re "no logging of customer info"
Quote:
Which Fausty is telling the truth here?


Someone seeking to create drama can create drama in a white padded room, and it seems clear to me that you're intentionally evading the absolutely clear explanations I've posted here in order to grab at straws. Perhaps the subtleties are a bit too much for you to unpack yourself, so let me boil all the "big words" down to something you can handle:

    1. We don't log traffic, monitor traffic, or have any technical mechanism to "track" our customers in the first place. Creating such a mechanism would be expensive, time-consuming, and utterly contrary to why all of us have invested our blood, sweat, and tears in building this company from nothing over the past three years.

    2. If some idiot decides to use our system to spread child porn, we will work actively with law enforcement to hunt them down. Just in case the logical connection here isn't entirely clear, I'll go ahead and boldface this so you can follow along: there are more ways to "proactively" assist law enforcement in hunting down a child abusing piece of shit than simply going to our magical (nonexistent) ability to magically track everything they do online. There's things like, ooooh, all the standard procedures that people use to catch child abusing pieces of shit and have used for many years in online investigations. We'll help with those, without hesitation, on our own dime.

Does that help you "understand" or do you want to type a few more pages in desperate search for some bit of drama that you can hang a hat on and feel important? I'm completely supportive of genuine debate about genuine disagreements or philosophical schisms - and I'm just as zero-tolerance of griefer-style non-discourse, non-debate, non-adult "wheeeee look at me I can type on the internets!!" vacuity.

We all know that 1% of people online invest their emotional energies in finding anything useful and smearing it with shit - we've all seen the same pathetic people do the same pathetic things, for decades (well, those of us who have been around for decades online). Like everyone else, I've tried reasoning with trolls, I've tried arguing with trolls, I've tried ignoring trolls. . . none of which has really had much success. Nowadays, I just call them what they are - griefer trolls - and kick them in the ass on the way out the door. The other 99% of people who aren't in it purely for the destructive "good times" of painting life with shit have better things to do than deal with trolls. Not only do I believe in "not feeding the trolls" - I believe in locking them in a box, publicly shaming them, and starving them to death where everyone can watch them wither away and die.

Our "no logging" policy was the first explicit, clear, precise statement by any network security company of its type to be announced, in 2007 (if there's an earlier example, I'd genuinely like to know about it as it's an historical trend I am following as part of an academic project as well). We're proud of it, in no small part because at the time it was first announced, it was deeply controversial and the trolls assured everyone that it was "illegal" not to spy on customers and so on and so forth. We drew a line in the sand, we told everyone where the line is, and we've never hesitated to stick to our guns.

Since then, it's become all but de rigueur to announce "no logging" policies. Not only do other (vaporware) network privacy companies say it, but nowadays even some forward-thinking ISPs have followed our lead. We're really glad to see that - not because we can "brag" about the role we played in blazing that path, but rather because it helps make the world a better place, not just for our customers but for many other folks as well. Imitation is the sincerest form of flattery.

In parallel, we've not once hesitated to make our rejection of (in particular) child-exploitation content clear and specific and publicly-known. We do that not only here, but in the tracker we support. In much the same way as our "no logging" stance has sometimes been ridiculed by trolls as "impossible" or "unreasonable," this rejection of child abusive content has been subject to troll-ish snickering. I don't give a fuck about trolls and their snickering; I care about making good decisions and doing good works, personally and on behalf of the company we've built from nothing. Rather than just taking the easy approach of mumbling the usual "well gee I guess we really hope people don't do that on our network" neutered blather, we've made it 100% clear that we'll actively help hunt down any asshole that abuses our system in that way. In case you're wondering, dear troll, I've a long personal history of doing exactly that in parallel situations - and no I didn't need any "magic network logging superpowers" to do so. It's called "hard work" - look it up.

We've never set out to build a "reasonable" company, in partnership with our customers and the larger community. Instead, we're proudly unreasonable about some things: we're unreasonably dedicated to genuinely free intellectual expression, we're unreasonably committed to a diversity of opinions and viewpoints, we're unreasonably against all flavors of hegemonic censorship - be they driven by economic ends or otherwise. We hold ourselves to unreasonably high standards - and we're unreasonably disappointed when we don't hit those standards 100%, no matter how "understandable" those misses may be. Finally, we're unreasonably convinced that technological tools have the power to shape the fundamental trajectory of social institutions in our ever-more-internetworked world of today and the future. Our tools are absolutely designed to "tip the scales" in the direction of freedom of cultural expression - a goal that supersedes any other tactical milestones to which we hold ourselves on a daily basis.

We're willing and eager to put our "unreasonable" standards to the test in the real world of action, not just as backseat drivers or critics. We're out doing things to help make things better - however small or insignificant or tenuous our company's contribution may be in the context of the global social world we share. Personally I'd rather put words to action - even though that invariably removes me from the potential to declare myself "perfect" from the safe confines of pure theory and opens my actions up to criticism publicly - than sit back and wait for "someone" to do it for me. That's what our company is built on, from the very beginning: actions matter.

Quote:
“When your mind is going hither and thither, discrimination will never be brought to a conclusion. With an intense, fresh, and undelaying spirit, one will make his judgments within the space of seven breaths. It is a matter of being determined and having the spirit to break right through to the other side.”

- Hagakure


Now, if you want to pull up a chair and debate something substantive, I'll gladly do so - and I'll gladly defend my conclusions up until the point they're shown to be faulty, at which point I'll concede my error, learn from the experience, and move forward wiser and more fully aware. What I won't do is "argue" about whether water is wet, or whether gravity works, or whether the moon is made of cheese. Not only are such "arguments" an utter waste of time and a rebuke to objective reality and intellectual substance, they tend to serve the purpose of muddying the waters of legitimate discourse and making every factual question seem like "a matter of opinion." Facts, as Churchill quipped, are stubborn things - pretending they are no different from troll-ish opinions isn't a rhetorical trick we accept in our community.

Fausty

04 Jul 2009 00:35
anonymous lurker
Re: STICKY: our official policy re "no logging of customer info"
Look, I'm not trying to start drama here. The point is, your statements entirely contradict each other. At the very least, it would be nice if you specifically outlined to your users what method(s) you intend to use to track them if they're accused of spamming or sending child pornography across your network. So you don't log. That wasn't what I was questioning. I would, however, like to have your users know how you intend to use your "more ways to "proactively" assist law enforcement". Clearly, if you are acting "proactively" these measures are implemented now. Whatever these are, they should be disclosed to your users.

This isn't a big-picture, ethical debate. I'm happy that you provide this service. I understand that there is always a tradeoff between speed and anonymity. I use the TOR network when I want anonymity, and it may be slow, but I know that no individual or company can compromise me. Your network mainly provides protection against corporate copyright-holders, so you don't need that level of security. The point is, you say that you can and will assist law enforcement in the case of a (specific) crime. How? If your users can be tracked down by you, even if it requires significant effort, they deserve to know how their privacy can be compromised. You've already indicated why it may be compromised, which is very positive, and which I commend you for.

Finally, let me point out the fallacy of saying that there is no slippery slope here. Let's say that you cooperate with law enforcement on tracking down a child molester. Ok. Now, the same agency comes back next month with a request for you to track down someone who has violated another law, which you don't like. Do you really think that law enforcement agencies are going to appreciate it when you tell them that you could track down a person on your network last month, but not this month, because they're breaking a different law? If you are willing to enforce laws, then you must be willing to enforce all the laws. If you are providing anonymity, then every customer must be anonymous. No matter what.

I, personally, am highly unlikely to ever become a paying customer of your network, because if one person can be compromised, no matter how much I and everyone else may hate that one person, then we can all be compromised. And that is not true anonymity.

So as not to muddy the issue, I will restate the question that I was interested in in the first place: You say that you don't monitor your users, yet you can track down individuals who act in an undesirable way on your network. How? And are your users informed that this method may be used against them? Please try to respond without personal attacks or empty platitudes this time.


04 Jul 2009 02:57
zetatracker Helping Hand
Re: STICKY: our official policy re "no logging of customer info"
TheParanoid wrote:
Look, I'm not trying to start drama here.


Really? :P

TheParanoid wrote:
So as not to muddy the issue, I will restate the question that I was interested in in the first place: You say that you don't monitor your users, yet you can track down individuals who act in an undesirable way on your network. How? And are your users informed that this method may be used against them? Please try to respond without personal attacks or empty platitudes this time.


You must not be very aware of things outside of some small box that I cannot quite define, but what he said is clearly about OTHER METHODS NOT RELATED TO VPN. Like how criminals always get caught: You talk to their buddies, etc. Hang out in IRC. Geez. Go watch a cop show or something, buddy. Sheesh.

:)

_________________
"A happy http://www.torrentfreedom.net customer. Fuck Censorship!"


04 Jul 2009 03:03
cultureGhost Helping Hand
Re: STICKY: our official policy re "no logging of customer info"
wispwolf wrote:
TheParanoid wrote:
Look, I'm not trying to start drama here.


Really? :P



Well, regardless, it makes for an interesting discussion, and a forum for Fausty to expand on his position, so as always, the trolls are welcome!

LH

04 Jul 2009 03:37
anonymous lurker
Re: STICKY: our official policy re "no logging of customer info"
wispwolf wrote:
You must not be very aware of things outside of some small box that I cannot quite define, but what he said is clearly about OTHER METHODS NOT RELATED TO VPN. Like how criminals always get caught: You talk to their buddies, etc. Hang out in IRC. Geez. Go watch a cop show or something, buddy. Sheesh.


Believe it or not, I don't think that many people go to cryptocloud looking for private investigation services. Of course I look at this in a box. Whatever you do outside your VPN network has no bearing on this. If what Fausty's trying to say is that your service is bulletproof and unmonitorable, and seriously nontrivial to compromise, but that it is highly inadvisable to use it for illegal purposes because you can still be tracked using means which do not involve using information unique to your network, then fine, say that. It's pretty obvious that that can happen anyway.

What was said, though, is:
Fausty wrote:
...we will actually act proactively to hunt [it] down if we find out it's being sent through our network...


To me, that strongly implies that you will use information from your network to "hunt down" these undesirables. Additionally, not to play the pedant, but "proactively" means acting before this happens, or at least having safeguards in place to prevent said action. That, to me, means that you are engaging in some form of network monitoring, as it is difficult to "talk to their buddies" before you know who they are. Or you may have meant something other than "proactive", and not bothered to clarify that yet.


04 Jul 2009 03:52
cultureGhost Helping Hand
Re: STICKY: our official policy re "no logging of customer info"
TheParanoid wrote:
...
To me, that strongly implies that you will use information from your network to "hunt down" these undesirables.
...


Well, whatever. You can read "implications" from our dotted "i"s and crossed "t"s until the cows come home. We don't do that, we don't have a way to do that, we don't care if you really want us to do that -- we don't. I'm really starting to question your motives, as they seem no longer interested in reading answers, but more about creating them.

04 Jul 2009 04:07
cultureGhost Helping Hand
Re: STICKY: our official policy re "no logging of customer info"
Fausty is AFK for a few, so I'm going to lock this thread just long enough so he can come in and reply as there are a few posts now begging for response.

Feel free to delete this when you get it, Fausty, and fire away!

LH

04 Jul 2009 04:17
freakonaut
Re: STICKY: our official policy re "no logging of customer info"
TheParanoid wrote:
Believe it or not, I don't think that many people go to cryptocloud looking for private investigation services. Of course I look at this in a box. Whatever you do outside your VPN network has no bearing on this.


Believe it or not, I find a gorgeous irony in your "assumption" of this "fact." Had you clicked on any of the links I helpfully supplied in my response already (they are the ones that are underlined, by the way) you'd perhaps see why I - and anyone else with some familiarity with my life history - are chuckling at this particular line of argument.

Everyone in the room who has had a federal law enforcement agency offer them a full-time position in electronic surveillance assistance, raise your hand: <raises hand> hmmm, I seem to be the only hand raised. . .

(note I turned that offer down, respectfully, and have continued in recent years to be a virtual Switzerland in regards to which "side" I work for in that great game of intrigue: I work for neither side - except insofar as someone makes the mistake of using a company our team has built from nothing in a way that we find abhorrent, ethically unacceptable, and disrespectful to the entire community)

Quote:
To me, that strongly implies that you will use information from your network to "hunt down" these undesirables.


Look, it could strongly "imply" that the moon is made of cheese and there's nothing I can do - or have any desire to do - to de-imply this cheese-based misconstrual of the world in which you live. Many criticisms can be leveled at my writing: verbose, pedantic, detail-heavy, etc. I don't recall anyone offering as a critique an inability on my part to say what I mean. As is the case in any troll-based interaction, no effort to "clarify" nor effort to pinch off misreadings will accomplish anything. If the goal is to obfuscate already-elucidated discussion points, then obfuscation will occur - the inevitable argument about whether water is wet ("define wet," "what if it's frozen?," etc.).

To you, the "slippery slope" is merely a rhetorical crutch to use in fostering a penumbra of uncertainty - I live with the consequences of that "slippery slope" each and every day of my life. In fact, it's entirely fair to suggest that the impact that a hypocritical willingness to "bend the rules" has had on my personal and family life is perhaps the central reason why our company takes such a clear-cut, precise, and unambiguous position with regards to the personal privacy of our customers. Heck, I've even published multi-page articles in national print editions decrying the failure of most companies to speak clearly about what they do, and don't do (not to mention substantial detail on data retention, from a statutory and regulatory perspective).

Security - real security in the real world, where the consequences of breaches are significant - is intrinsically dependent on relationships of trust. I've written extensively on this topic in parallel threads, in addition to living the life-and-death consequences of security and security breaches in my own life (including time in prison). We choose who we trust based on our own personal analysis of known facts, areas of uncertainty, and past behavior - our goal in sharing much of the "raw data" of how our company is run, in this forum and elsewhere, is to provide a substantial "fact pattern" with which folks can make their informed judgments. Some will find a use for us in their own security procedures, some undoubtedly won't (such as child abuse proponents). It is neither my job - nor is it of any interest to me whatsoever - to "convince" anyone of anything. My role is to clearly state what we do and don't do - and to ensure that our daily operational procedures are congruent with those synopses.

In short, insofar as you've already indicated you don't have any interest in using a VPN service because it introduces a "single point of failure" in network privacy (and ignoring the fact that the TOR network not only does exactly that, but has been subject to explicit, published, detailed example exploits demonstrating it is entirely vulnerable to single point of failure trust breakdowns - something the Tor project itself is also quite clear to state), then there's nothing further you can learn from me. I can't even tell you where to go to find "network security" that doesn't rely on many points of trust in judging how "secure" it is. Unless you write every line of code, design every IC and hardware component, and personally have sole physical access to every network element and end-user hardware device, it is theoretically impossible not to trust someone in ensuring network security for a given transmission. Even the Unabomber was eventually caught - and he neither used the interwebs, trusted other people, nor relied on outside parties to construct his "tools."

Fausty

_________________
If you would like to contact Baneki, Cryptocloud, or Torrentfreedom urgently, please check here first - thanks!
CTO-Cryptocloud VPN | founder-Zetatracker | CTO-Torrentfreedom | founder-ZetaWisdom
You are what you do, what you think, feel, love, hate, express, and communicate to others; that is what you ARE.”

- Edward Abbey, Fool's Progress



04 Jul 2009 05:34
anonymous lurker
New post Re: STICKY: our official policy re "no logging of customer info"
What you're saying, in a nutshell, is that your network is a black box, to you and anyone else. You cannot get information about users out of it if you wanted to. What you can do, however, is use methods which do not involve compromising the anonymity of your network for any user. That is, you will not "tap" or in any way modify your network's operations to catch this hypothetical person.

Is that correct? That is the answer that I was looking for, though I (obviously) had no idea that you had any expertise in electronic surveillance when I found your site. What you sell is anonymity on your network. If your network is set up to be anonymous (or as close as you can get), and you aren't going to change that, for any reason, then you are giving your users what you are selling them. That's all I care about.

Let me just say that while I certainly like your service, you may want to work on your sales. Frankly, when you say in the same post that you're unwilling to monitor your users, then that you'll "act proactively to hunt down" certain people on your network, this is an obvious contradiction, and one that you should clarify. Also, proactively is a bad word to use in this context. Furthermore, your extended screeds on who you are or are not have no bearing on what is a pretty simple technical question to answer. A reply like "No, we would not compromise the anonymity of our network, but I have significant expertise in electronic surveillance and I am confident that I could hunt down these people without compromising our network in any way." ... would have been much more constructive than what you posted, frankly. Also, stop the ad hominems, they get you nowhere. Ooh, I can't understand large words! I'm a troll! And a child abuse proponent now! What's next, comparing me with Hitler?

I am sure your users are well-served by your company. The really obnoxious treatment that I've received here when looking for an answer to a fairly simple question means that I won't be one of them.


04 Jul 2009 07:27
freakonaut

Joined: 04 Oct 2008 17:21
Posts: 2462
Location: In the throne room of the mountain gods
New post Re: STICKY: our official policy re "no logging of customer info"
TheParanoid wrote:
What you're saying, in a nutshell, is that your network is a black box, to you and anyone else. You cannot get information about users out of it if you wanted to. What you can do, however, is use methods which do not involve compromising the anonymity of your network for any user. That is, you will not "tap" or in any way modify your network's operations to catch this hypothetical person.


I believe that's been said, more than once. In fact, it is said quite clearly in our Terms of Service, and in the first post in this thread. (Technically, the network is not a "black box" and that's not how we achieve a non-logging outcome - our approach is to decouple identifying information from network sessions, to cycle network session identifiers on a rolling basis, and to create structural 'one to many' logic junctions in the Shannon-level information propagation of potentially personally identifiable data - a "black box" is merely an unexplained and non-understood 'magic' system that is purported to achieve a desired output given certain input conditions.)

Quote:
Also, stop the ad hominems, they get you nowhere. Ooh, I can't understand large words! I'm a troll! And a child abuse proponent now! What's next, comparing me with Hitler?


Unfortunately, you're misapplying the term ad hominem - calling a troll a troll is not an "ad hominem" attack, rather it is a description of a specific behavior. I know exactly nothing about you as a person nor do I pretend to (though you are of course more informed about me, by my choice to make those data available) - by definition, an ad hominem attack involves unsupported assumptions about a person, not their behavior. It's a common error, but still worth correcting.

Rather odd that you'd assume my use of "large words" (which ones are really larger than the others, honestly?) implies you can't understand them. C'mon! That's rather silly. Likewise an attempt to impute some sort of child porn support accusation against you - neither have I suggested that, nor did I think it's the case. Rest assured that if I felt it were true, I'd not hesitate in the least to say it - no imputation required. As to Hitler, well, he's pretty much dead.

Quote:
I am sure your users are well-served by your company. The really obnoxious treatment that I've received here when looking for an answer to a fairly simple question means that I won't be one of them.


Err, you said you weren't going to be a customer in your first response - if I was interested in wooing your custom (which I'm not), I'd have just let your baiting, accusatory response go unanswered. Q.E.D.

I tend to respond to dialog with a "tit for tat" rule: those who initiate discussions with snarky, troll-ish, accusatory posts don't get "the nice Fausty" - while I generally don't resort to full-scale flamethrower invective (very often, at least), I have not the least problem in giving back what is given to me. Read your first (obnoxious) post, and then read my response. What goes around, comes around.

It's a bit assumed nowadays that anyone speaking "on behalf of" a for-profit company isn't allowed to say anything that is passionate or emotional or - heaven forbid - "angry." Fuck that. Our company team is unashamedly composed of actual living beings - we have emotions, and sometimes we're passionate about stuff. That is not something for which we generally offer apologies - though we do try to be respectful, professional participants in discussions we also understand that a genuinely open, unfiltered, uncensored forum will inevitably attract a small percentage of folks looking only to stir up shit. While the rest of our team (generally) tends to avoid such shitstorms, I'm strangely attracted to them. Call it a personal flaw (which it is).

Quote:
"People aren't rational. You aren't rational. We're not thinking machines, we're - we're feeling machines that happen to think."

- Peter Watts, Blindsight


There's plenty of companies out there that communicate only using corporate mumblespeak. We're not one of them. If that makes you loath to do business with us, so be it. Speaking personally, I'd much rather work with someone who is genuinely passionate (as well as knowledgeable and competent) about what they "do for a living" than with someone just going through the motions. But not everyone feels that way - and we're not the right company for "everyone" nor would we claim to be. You might remember that in this discussion not one word has been edited, removed, or altered - that is perhaps the more substantive issue here. While it's a lot easier to hide behind one-sentence "answers" than it is to engage in real dialog, we choose the harder path. If, at some point, you find yourself in the position of leading a company such as ours, I encourage you to follow your own path - be that what it will.

My role here is not to win the "most popular" contest, nor to present a smarmy, saccharine niceness to anyone who swings through. Indeed I can be rather abrasive - however there are few if any examples of me being abrasive in situations where my interlocutor hasn't already initiated a similar tone. I'd probably make a really bad real estate agent or life insurance salesman - fortunately our company provides neither of those services. We provide network security protection of a sort that places us in the crosshairs of a great deal of exogenous pressure to take the "easy way" and compromise the high standards we place on our service. In this context, I don't see a big disconnect between having at least one person on the team (i.e. me) who is rather a hard ass about such questions. Indeed it seems an essential ingredient to success.

ὅπερ ἔδει δεῖξαι. . .

Regards,

Fausty



04 Jul 2009 08:02
anonymous lurker
New post How are payments decoupled from VPN login?
Could someone explain how the customer's payment (PayPal, bank transfer and so forth) is decoupled from VPN login?


I cannot point to any specific post because I've read so many. I've understood that given my VPN login account, one cannot get to the information I give you after I register. Is this correct?

I've been trying to think of ways it's done but I always end up with some identical data on both sides, that is the paying customer's side (PayPal transaction for example) and customer's VPN login account.


I cannot force my brains to just ignore this tidbit of information, so I'll just ask.
Please correct me when (if?) I've understood something incorrectly.


10 Jul 2009 17:28