Tag Archives: VPN

The CIA Dark Triad – Windows, macOS & Linux

According to the WikiLeaks Vault 7 dump the CIA deploys malware that includes the capability to hack, remotely view and/or clone devices running the Windows, macOS, and Linux operating systems.

This seems to suggest that the agency has no problem bypassing encryption, proxies, VPN and that Tor anonymity is a myth.

This does not mean that each of the point solutions offering a product under each of the above headings have been compromised. Rather it means that the OS level hack capability of the CIA – as seen on iOS and Android – means that they can gain full control of the device and render any point solution counter measures moot.

Therefore they subvert the platform which by extension means that anything that is running on the platform is subverted.

Tablet, laptop, smart-phone, AV device – it seems they are all fair game and in that case so is everything that you do on them.

You have been warned.

You are being watched.


Surveillance Self Defense Advice from the Electronic Frontier Foundation

Choosing the VPN That’s Right for You What’s a VPN? VPN stands for “Virtual Private Network.” It enables a computer to send and receive data across shared or public networks as if it is directly connected to the private network—benefiting from the functionality, security, and management policies of the private network.

What is a VPN Good For?

You can use a VPN to connect to the corporate intranet at your office while you’re traveling abroad, while you are at home, or any other time you are out of the office.

You can also use a commercial VPN to encrypt your data as it travels over a public network, such as the Wi-Fi in an Internet café or a hotel. You can use a commercial VPN to circumvent Internet censorship on a network that blocks certain sites or services.

For example, some Chinese users use commercial VPNs to access websites blocked by the Great Firewall. You can also connect to your home network by running your own VPN service, using open source software such as OpenVPN.

What Doesn’t a VPN Do?

A VPN protects your Internet traffic from surveillance on the public network, but it does not protect your data from people on the private network you’re using. If you are using a corporate VPN, then whoever runs the corporate network will see your traffic. If you are using a commercial VPN, whoever runs the service will be able to see your traffic.

A disreputable VPN service might do this deliberately, to collect personal information or other valuable data.

The manager of your corporate or commercial VPN may also be subject to pressure from governments or law enforcement to turn over information about the data you have sent over the network.

You should review your VPN provider’s privacy policy for information about the circumstances under which your VPN provider may turn your data over to governments or law enforcement. You should also take note of the countries in which the VPN provider does business. The provider will be subject to the laws in those countries, which may include both legal requests for your information from that government, and other countries with whom it has a legal assistance treaty.

In some cases, the laws will allow for requests without notice to you or an opportunity to contest the request.

Most commercial VPNs will require you to pay using a credit card, which includes information about you that you may not want to divulge to your VPN provider. If you would like to keep your credit card number from your commercial VPN provider, you may wish to use a VPN provider that accepts Bitcoin, or use temporary or disposable credit card numbers.

Also, please note that the VPN provider may still collect your IP address when you use their service, which can be used to identify you, even if you use an alternative payment method. If you would like to hide your IP address from your VPN provider, you may wish to use Tor when connecting to your VPN.

Republished without editing from the article Choosing the VPN That’s Right for You published and last updated on 2016-06-09 by The Electronic Frontier Foundation.


Anonymizing Your Identity Draws the Attention of Who?

Some companies that you have a registered relationship with, who detect your use of VPN / Proxy Services –  will impose another authentication process on you – which is highly inconvenient, in some cases downright intrusive and often requires you to submit much more personal information than you were required to provide when you originally registered with the service.

The point is this – if you intend to use VPN / Proxy services then get ready to re-authenticate many of the services that you regularly use as a registered customer.

Appropriate Protection 

Very few people want or need Tor, Tails, PGP, Whonix or the host of other helpful TSCM tools to confuse that NSA bogey man or the spook in the corner who is stalking you because of your political views 🙂 – most people just want their traffic protected and avoid having their passwords and emails hacked while using Starbucks wifi.

Enter VPN’s (Virtual Private Network) and proxy servers, both of which are handy tools to protect your privacy and security while using the internet. At home, at work or on public Wi-Fi a good VPN will offer you security features and privacy guarantees that make them worth your while using. Not all VPN’s are created equal though and many do not deserve your trust, so do your research. For the uninitiated VPNs create an encrypted ‘tunnel’ between your computer and the host server, with the internet traffic going in and out of the host server. An open proxy server is a computer that acts as an intermediary between your computer and the internet. Any traffic routed through a proxy server will appear to come from its IP address, not your computer’s.

You want “plug and play”, low to zero learning curve and hands-off ops in your VPN if you are not a power user. Typically you want log free services, zero knowledge (In cryptography, a zero-knowledge proof or zero-knowledge protocol is a method by which one party (the prover) can prove to another party (the verifier) that a given statement is true, without conveying any information apart from the fact that the statement is indeed true), no discrimination based on traffic type or protocols being used, anonymity protection, exit servers to help you get around location-restricted content blocks and trustworthy encryption.

Private Internet Access 

One of the best ones IMHO is Private Internet Access who protect both your privacy and security by encrypting all of the traffic between your device (laptop, PC, cell phone) and their servers. In addition the traffic is anonymized. PIA does not log data about your session or connection details, they don’t discriminate against protocols or IP addresses, and they don’t host any data about their users’ activities at all, anywhere.  They support a number of different authentication and encryption methods, support virtually every mobile and desktop operating system. They also provide connectivity options for your home router so you can stay constantly connected, connect to your home network when you’re away, or customize your solution. They also offer a choice of close to 1000 exit servers in 10 different countries.

But be aware many commercial outfits dislike VPNs and proxy services. In particular, some companies actively discourage and block methods of geolock circumvention. These companies are normally concerned with copyright infringement and the illegal reproduction or distribution of music files, videos, movies, e-books or any other copyrighted digital file.

Hulu and Amazon have actively combated people trying to use their services from other countries and failed miserably. Many other outfits have also been spectacularly unsuccessful in their efforts but there is also a shift occurring in the attitude of companies with whom you have a stated relationship and where your use of a VPN is not to facilitate illegal activity or breach the stated terms and conditions of a service.

Intrusive Requests

In these cases, some companies who you have a registered relationship with, who detect your use of VPN / Proxy Services –  will impose another authentication process on you – which is highly inconvenient, in some cases downright intrusive and in a number of cases required much more personal information that you were required to provide when you originally registered with the services. The point is this – if you intend to use these VPN services then get ready to re-authenticate many of the services that you regularly use as a registered customer.

Here are some examples of my experiences with this in the last few weeks:


Dear Sir,

Thank you for providing as much information to help you with your enquiry. Before continuing, I would like to assure you that any difficulties you have had is acknowledged and your patience is appreciated.

Sir, you need to have a UK phone number so you can verify your account. Ensure that you are making your payment from your country of residence.

If possible attempt to complete the payment from your home computer or the computer you most frequently use to access your PayPal account. To help you in completing a transfer, please call our customer service department. Please call us on 0800 358 7911 (freephone from a UK landline. Rates from overseas landlines and mobiles may vary).

We’re open from 8am to 10pm Monday to Friday, from 8am to 9pm on Saturday and from 9am to 9pm on Sunday. If you’re calling from outside the UK, call 00353 1 436 9004 (international call charges may apply). We appreciate your utmost patience and understanding on this matter.

Thank you for choosing PayPal.

Full Tilt Poker


We are writing to inform you that your Full Tilt account has been temporarily suspended. To protect the integrity of our games, we routinely review accounts and complete player verification. In order to verify your Full Tilt account, please send scanned, clear copies of the following documents to verification@fulltilt.com:

1) Photo ID: One of the following: valid driver’s license, passport, or other government-issued ID that clearly shows your birth date and the ID’s issue or expiry date.

2) Address verification (less than 90 days old): Bank or credit card statement, utility bill, home or auto insurance papers.

3) Digital photo: A digital photograph of you holding your ID document, so that we can compare you to your ID document.

4) Scan of the Card ending 3287.

5) Digital photo with Credit Card: A digital photograph of you holding your Credit Card(s) listed above.


Dear Sir,

Your PokerStars account has been temporarily suspended as part of a routine review.

It has come to our attention that you are connecting to PokerStars via a VPN, proxy, or similar service. Whilst we do not prohibit the use of such services, we have reason to believe that you may be hiding your true location through them.

All players are required to provide accurate account information as per our Terms of Service:

17.5. The User must provide full and truthful information in respect of all details and information requested by PokerStars in connection with the User’s use of the Service subject at all time to the terms of the Privacy Policy. The complete Terms of Service are available here:http://www.pokerstars.com/poker/room/tos/ Please be advised that, on occasion, we may be required to amend the Terms of Service. It is your responsibility to keep up to date with any changes made to the Terms of Service.

Subscribe to New Posts

To be notified as each post is published please FOLLOW THIS BLOG – over there on the right – yes over there in the right column at the top where it says “FOLLOW BLOG VIA EMAIL”.

No new content, no email for you – ever – and we won’t sell your email details either.