OpenSourcerer 1435 Posted ... We've got a new subforum for rants about other VPN providers. Let's start with something delicious (~@sheivoko). I once posted a thread in the Off-Topic forums about honeypots, copied from the cryptostorm forums. Instead of a discussion about honeypots, it escalated to a discussion about cryptostorm. I stopped it because it got off-topic itself. Mr. sheivoko and Mr. Khariz (and anyone else as well), you may continue your discussion in this specialized thread. Cryptostorm is/was affiliated with a certain Mr. Douglas Spink. The name Spink is connected to drugs and animal brothels/bestiality. You can read the whole conversation following the link above.If you want to discuss, continue here. You may quote from the thread above. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Khariz 109 Posted ... Okay, well I will kick it off, especially because you called me out. I make no secret of the fact the I am an avid supporter of CryptoStorm. I hold an "aleph token" with them, which makes me a lifetime member, but I also buy a new standard token every year to continue to support the entity as much as I can. I truly think that Cryptostorm is as perfect as you can get with a VPN. Before I elaborate, let's get this out of he way: I couldn't care less what Mr. Spink does/did in his personal life. I bet half the people who use this forum have been involved in some way or another with "drugs" at some point or another in their life. Granted, I figure a much lesser percentage will have been involved with bestiality, but to each their own (and I have no proof that he has been, nor do I care). Whether or not I've let a dog lick some peanut butter off my wang, or screwed a goat, doesn't make me any less of a privacy activist or amazing VPN service organizer and staff member. If anyone here wants to automatically disregard all of the awesome points there are about CryptoStorm because ONE of the staff members might have committed bestiality, then so be it. I think the technological achievements speak for themselves though. For those of you who don't know, CryptoStorm is designed from the ground-up for the service to not know who you are, even before and during your "subscribing" to the service. This is accomplished through their token system. You can buy a token from anyone you want. I can sell you mine, you can buy one from a token seller, or from CS itself if you don't care about that extra layer of privacy. You log in with your (hashed) token and nothing else. No e-mail, no password, nothing. All they know is when a token is set to expire. They don't know who you are and don't care. Tokens are freely transferable. If I buy 10 tokens, I can sell them to 10 different people and CS has no clue who any of those ten people are. It's brilliant. They log nothing. They log even less than AirVPN, and they don't keep any active session data either. There's really no way to track the users at all. They null route all of the logging functions that are inherent in the system. You can read more about that here: https://cryptostorm.org/viewtopic.php?f=47&t=6332&p=10139 Contrary to popular belief, CS is just as open source as AirVPN is. You can get the code for whatever you want on their github, and if anything is missing, just ask for it on the forum and you'll get it forthwith. They encourage the use of OpenVPN rather than their proprietary client, which the call the "widget". df will supply you the source code for the widget if you want it. It's just an OpenVPN wrapper though, so that less tech saavy users can just use it out of the box. See the github for details on how stuff works: https://github.com/cryptostorm Another innovation of theirs that I feel the need to highlight is their DNS system, which they have dubbed "deepDNS". I personally find this to be the best DNS option out there, especially with the newest addition to the DNS, which they are calling TrackerSmacker. DNS is run on each server, just as it is here at AirVPN. Unlike AirVPN though, when you are using the CS DNS, you are able to natively resolve .onion and .i2p extentions without even being on TOR or the Invisible Internet Project. You are just happily browsing away in your browser, going to .com to .onion at will, with no need for TOR. You can, of course, use TOR over the VPN if you want, but it's just not necessary. DeepDNS has no logging of course, and as of about a week ago, it no protects you from malicious trackers and ad-based malware automatically (you can opt out and be tracked by malicious crap if you want to, due to your overly-libertarian beliefs or whatever). See here for some information on the deepDNS: https://github.com/cryptostorm/cstorm_deepDNS and see here for details on the TrackerSmacker: https://cryptostorm.org/viewtopic.php?f=46&t=8981&p=15603 I could speak ad naseum over all the reasons that I think CS is the best VPN out there, but I'll stop here for now. Maybe I'll expound more later. There's so many awesome things to talk about, but I'm done geeking out for the present moment. TL;DR? There's only two VPN Services that I trust with my data, and those VPN Services are AirVPN and CryptoStorm. There is no VPN service out there that is better than either one of these. CS is technically my primary VPN. I just feel ever so slighly more comfortable on their network. But I use AirVPN on a daily basis too. If you can get over the fact that some dude might like animals, you may think CS is pretty awesome too! Quote Share this post Link to post
OpenSourcerer 1435 Posted ... I've read about the token system, and honestly, this is something revolutionary. Really like the idea. I find my choice of servers a bit too thin there, they've got less than AirVPN. If Cryptostorm is your primary VPN service, why use AirVPN? (Sent via Tapatalk - this generally means I'm not sitting in front of my PC) Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Staff 9973 Posted ... Hello! This is accomplished through their token system. You can buy a token from anyone you want. I can sell you mine, you can buy one from a token seller, or from CS itself if you don't care about that extra layer of privacy. You log in with your (hashed) token and nothing else. No e-mail, no password, nothing. All they know is when a token is set to expire. They don't know who you are and don't care. Tokens are freely transferable. If I buy 10 tokens, I can sell them to 10 different people and CS has no clue who any of those ten people are. It's brilliant. I've read about the token system, and honestly, this is something revolutionary. Frankly it does not seem revolutionary. It's a viable method that could and has been used since the birth of OpenVPN, with different names. How does it differ from buying and selling certificates and keys, or even coupon codes, with AirVPN or any other VPN supporting a proper OpenVPN implementation? It's not that if you find a new name for a procedure you make it "revolutionary"... and just like with CS, you can connect to any AirVPN server without logging any account in anywhere. They log nothing. They log even less than AirVPN, and they don't keep any active session data either. There's really no way to track the users at all. They null route all of the logging functions that are inherent in the system. You can read more about that here: https://cryptostorm.org/viewtopic.php?f=47&t=6332&p=10139 Well, from the link you provided, they log more than AirVPN. See here: You can set the main and status logs to /dev/null to truly disable logging, but that will mean the provider won't have access to useful stats such as how many users are currently connected to an instance (and thus, to each physical server). Most of them (including us) need that information to keep track of how busy a particular server is.Since we don't like the idea of real IPs showing up anywhere in the status logs - temporarily, permanently, or anywhere in between - but we still need in operational terms to know how many people are connected to each server, we modified the OpenVPN source so that the number of connected users can still be viewed So: we send OpenVPN logs to /dev/null and we keep the same stats with a different method in RAM (while they keep them in HDD?), losing them when the session is over. They modified OpenVPN source (has this source code modification been peer reviewed properly?) to NOT send OpenVPN logs to /dev/null. Honestly, who logs more? Both approaches are interesting in our opinion, but don't say that we log more than Cryptostom. Another innovation of theirs that I feel the need to highlight is their DNS system, which they have dubbed "deepDNS". I personally find this to be the best DNS option out there, especially with the newest addition to the DNS, which they are calling TrackerSmacker. DNS is run on each server, just as it is here at AirVPN. Unlike AirVPN though, when you are using the CS DNS, you are able to natively resolve .onion and .i2p extentions without even being on TOR or the Invisible Internet Project. Just like with tor2web service and similar services. However: is it really a good idea to access onion sites from outside Tor? Think about it, we'll do the same. Kind regards 1 OmniNegro reacted to this Quote Share this post Link to post
OpenSourcerer 1435 Posted ... How does it differ from buying and selling certificates and keys, or even coupon codes, with AirVPN or any other VPN supporting a proper OpenVPN implementation? They're bound to user accounts while network tokens are not. You require registering a username with an email address (even if it doesn't need to be valid), this account is able to buy premium and connect to the servers. Private keys are bound to an account. Coupon codes need to be activated with an account. You know the account status of an account, and things like purchase history and even which ports were forwarded. The only thing Cryptostorm knows is when a token expires. Sounds pretty new and shiny to me. Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
Khariz 109 Posted ... If Cryptostorm is your primary VPN service, why use AirVPN? That's a fair question. Remember, though, I'm the dude that is subscribed to 15 different VPN services at the moment. I love to compare, contrast, fiddle around with, and just generally come to understand the various competition VPN services out there, for nothing other than my personal gratification. But with AirVPN in particular, I consider it an integral part of my redundancy system. I can't just assume that any one VPN network will always be up and ready when I want to use it (even though none of my preferred providers have ever gone down). I think everyone having two or more companies they trust with their data is a good thing. It makes me feel better knowing that I have two entities that aren't uber-logging everything I do on the internet. Honestly, who logs more? Both approaches are interesting in our opinion, but don't say that we log more than Cryptostom. Unfortunately, it's an easy assumption to make. Whereas CS has continuously been very specific about how exactly they prevent logging on their servers, up to and including the commands they execute on their end to prevent logging, we just sort of "take your word for it" over here. You have to understand that I believe you, AirVPN, otherwise I wouldn't be here, but I like the very specific language provided over there. But I'll concede that it was only an assumption on my part, and that perhaps AirVPN does log less than CS. There's no way for me to know for sure, obviously. I find it heartwarming that Staff bothered to comment on this thread at all. The fact that you wanted to prove me wrong in the first place, and that you provided technical knowledge in doing so tells me that you want to keep the trust of your customers, and I like that. Quote Share this post Link to post
Staff 9973 Posted ... Hello giganerd, it's identical. Replace "token" with "certificate" and "key" and you get the same outcome. The buyer does not even need to know any username. If you want to be a reseller, registering a username does not make any difference. Why it would be needed is a totally different matter: when you get your token, then you need OpenVPN certificates and keys anyway, so why not getting certificate and key directly without any additional procedure? It's nice anyway that they have resellers. However, when we wanted to see their resellers in https://resellers.cryptostorm.org we got a certificate warning, they made a mistake which is quite disturbing because it is a symptom of a certain negligence in what they do. Kind regards 1 OmniNegro reacted to this Quote Share this post Link to post
Staff 9973 Posted ... Honestly, who logs more? Both approaches are interesting in our opinion, but don't say that we log more than Cryptostom. Unfortunately, it's an easy assumption to make. Whereas CS has continuously been very specific about how exactly they prevent logging on their servers, up to and including the commands they execute on their end to prevent logging, we just sort of "take your word for it" over here. You have to understand that I believe you, AirVPN, otherwise I wouldn't be here, but I like the very specific language provided over there. Hello! Ok! This is our line of thought (for the readers in general: we see that you already agree, so it's not meant to you specifically): since when declaring to run a modified and recompiled version of OpenVPN is more credible or more technically accurate than declaring to send OpenVPN logs to /dev/null? Both declarations are identical in credibility and accuracy. If one believes them both, then one must conclude that we don't log more than Cryptostorm. If one doesn't believe one of them, one must not believe the other as well. To see things more in perspective, however, and above all to remain honest, it must be said (as we have done clearly since years ago) that both methods and in general all no logging methods are ineffective to prevent external wiretapping and correlations with "black boxes" connected to servers. We faced this problem even before starting the AirVPN project and we wrote some articles about what we call "partition of trust" to show how some powerful adversaries can be defeated and also in order to put into clear terms which adversaries can NOT be defeated by any VPN alone, without the help of partition of trust. Incidentally, partition of trust allows you to use a service without having to blindly believe in what the service administrators claim. For example in 2012 we wrote:https://airvpn.org/topic/5149-whats-the-point-of-vpn-over-tor/?do=findComment&comment=5377 Kind regards 1 Khariz reacted to this Quote Share this post Link to post
zhang888 1066 Posted ... They change servers without warning, currently most of their servers are in 5 eyes countries,navigating on forums is impossible because of the wierd fonts and tons of markov chainpseudo-technical talks which are either known facts or some far fetched theories. There is no real company behind it, and that's a bad thing since it means you don't knowwho you actually trust. And generally it looks like the average age of their Staff is about 18. 1 User of AirVPN reacted to this Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
Khariz 109 Posted ... This seems to fit in this thread. I think it's worth reading. Here is AirVPN's response to a user's support ticket regarding logging: Hello!We use ram disks and we send OpenVPN logs to /dev/nullIt is totally unnecessary to keep logs to show you the data you can see in your control panel while a connection to a VPN server is still active.About the 5 GB limit to obtain a refund, that's a non-enforceable clause, that anyway you are bound (as a gentleman) to respect if you ask for a refund. We have no way to discover this, if you cheat, so in practice refunds are always guaranteed regardless of the amount of exchanged data.On the contrary, we DO log the starting date of an account subscription. That's obviously mandatory for fiscal reasons and to determine when a subscription will end. Keeping the starting date of a subscription can not be considered a privacy breach, not even with the most fantastic arguments.It's not unusual to see non-enforceable clauses in various contracts, including VPN services. For example, just like any other VPN service, we forbid certain usage of our services, but since we don't monitor clients traffic it is not always possible to determine the author of a violation "ex-post", and it is impossible to determine it "ex-ante".However, it's important that we put such restrictions on the contract you accept, because a contract breach gives us the rights to perform any investigation we deem appropriate if a proper authority warns us about such violations (think about the prohibition to use our service in any way that infringes - or aid the infringement - of human rights as enshrined in the ECHR).Additionally, and perhaps more importantly, the contract aids to preserve our rights under the EU legal framework. Mere conduit status and liability exemption for users behavior are rights of providers of services in the Information Society that are valid only if precise conditions in articles 12, 13, 14 and 15 of the 2000/31/EC Directive are met.It is critical that we operate correctly in this legal framework if we ("we" all as persons, not only "we" as business operators in a specific field) wish to maintain viability of services that effectively enhance privacy in a world in which some sectors even of western democracies are progressively becoming hostile toward privacy, encryption and anonymity layers. Therefore, the Terms of Service of AirVPN are useful in the end not only to us, but also to all the users and customers of the service.Kind regardsAirVPN Staff Quote Share this post Link to post
Khariz 109 Posted ... Well, so much for CryptoStorm. I regret pseudo-defending Spink:"CryptoStorm creator and owner, Doug Spink, had another spell over the weekend in Zelienople, Pennsylvania and faces a dozen felonies once he completes a psychiatric evaluation. Doug has had quite a few problems with the law starting 15 years ago when he was caught trying to smuggle drugs over the border. And then there's that animal brothel thing he was running... Spink is a very vocal activist for "cross species alliances", a proud "zoophile" who considers beastiality to be a major part of his lifestyle. He doesn't have pets, he has four legged family members that are also his lovers. Doggy Doug was just released from jail in February after being arrested in Canada in November of last year. He served several months before being deported and asked to never return to Canada. The incident in Canada involved an argument with a fellow zoophile, a burning house, a large dog and Doug running through the streets wearing only a towel. Doug ended up being charged with assault with a weapon, uttering threats, possession of a dangerous weapon, resisting a police officer, mischief, breaking and entering and assault. Canada considered adding more time for being in the country illegally but decided they just wanted him gone. But here we are now, Doug's been out of jail less than two months, living with his mom in Pennsylvania and he's already involved in another incident. On Monday evening Doug forced his way into his mom's bedroom and took her gun, a .38 revolver. They argued and struggled over the gun which subsequently went off twice. Doug then took off down the street yelling for someone to call the police because his "house was being robbed". Police caught up with Spink at a convenience store a mile away where he refused to give himself up, biting and clawing at the officers trying to take him into custody. It took more officers and three sets of handcuffs to subdue Doug who was then strapped to a gurney and taken to a hospital for evaluation and treatment for some minor injuries. Doug caused an estimated $5000 in damages and faces felony charges which include five counts of aggravated assault, three counts of discharging a gun into an occupied structure, three counts of criminal mischief, and one count of illegally possessing a firearm. But yeah, sure, go ahead and use Spink's VPN Cryptostorm. Even though Doug has been under observation for years because of his beastiality, I'm sure Cryptostorm, his 4th VPN effort since his first arrest, is still secure. And you'll be supporting the noble cause of cross species sex while in the company of other animal lovers like Doug." Source: http://www.opuniteblue.com/2016/04/cryptostorm-creator-doug-spink-arrested.html 1 OmniNegro reacted to this Quote Share this post Link to post
themangoman 3 Posted ... I find it amazing that people are still using their vpn Quote Share this post Link to post
Guest Posted ... Source: http://www.opuniteblue.com/2016/04/cryptostorm-creator-doug-spink-arrested.html It was quite an amusing read, but I personally wouldn't make an assumption on a service just because of the things he wanna do in his spare time. 1 OpenSourcerer reacted to this Quote Share this post Link to post
wunderbar 26 Posted ... It is bad style to post such nasty and discrediting stuff about any person, unless it is backed up with documented facts / references to reputable sources. Quote Share this post Link to post
OpenSourcerer 1435 Posted ... It is bad style to post such nasty and discrediting stuff about any person, unless it is backed up with documented facts / references to reputable sources.Please refer to my original post and read the thread I linked there. It's all well documented. (Sent via Tapatalk - this generally means I'm not sitting in front of my PC) Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
wunderbar 26 Posted ... No sorry. I only see links not working and an undocumented story at the gossip site vice.com. Quote Share this post Link to post
OpenSourcerer 1435 Posted ... No sorry. I only see links not working and an undocumented story at the gossip site vice.com. Actually, you're right. The Huffington Post article has been deleted. Let's dig in its history. 1 OmniNegro reacted to this Quote Hide OpenSourcerer's signature Hide all signatures NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT. LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too! Want to contact me directly? All relevant methods are on my About me page. Share this post Link to post
zhang888 1066 Posted ... Looks like they actively started to conduct Man-In-the-Middle attacks on their users, and thisalready created quite a storm on Twitter, although not exactly a crypto one. https://twitter.com/ba_lock_ae/status/725123956777312256 I guess this can conclude that the whole buzzword fluff on their barely readable forums, whichyou can use only with disabled 3d party fonts, is a useless random ranting and controversy. Using Snort in preventive mode on a public VPN service nodes is just blatant disrespect towards users. 1 OmniNegro reacted to this Quote Hide zhang888's signature Hide all signatures Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees. Share this post Link to post
satoshitree 1 Posted ... After recently discovering cryptostorm, I was pulled in by their so-called superior security and token system. But I'm glad I fell on this forum thread before making the jump. Sure, one shouldn't always judge a person's personal choices or struggles, but everything has different degrees..People are boycotting Ivanka for being Donald's daughter.. No sorry. I only see links not working and an undocumented story at the gossip site vice.com. It seems the stories are legit:http://www.nydailynews.com/news/national/coke-kingpin-douglas-spink-busted-running-bestiality-farm-washington-state-article-1.165236Here is a recent one from local London, Ontario news site in Canada around his whereabouts before getting deported again:http://www.lfpress.com/2016/02/23/douglas-spink-ordered-returned-to-united-states-where-he-is-wanted-for-animal-crueltyIf this guy owns the business, I would arguably be supporting an animal abuser, dog thief, who also happened be a fugitive on the run. I couldn't care less what Mr. Spink does/did in his personal life. I bet half the people who use this forum have been involved in some way or another with "drugs" at some point or another in their life. Granted, I figure a much lesser percentage will have been involved with bestiality, but to each their own (and I have no proof that he has been, nor do I care). I bet probably no one in this forum was a drug smuggler, apples and oranges. You might not care that he technically rapes animals, but plenty of people would willingly refuse to pay this guy money for a VPN service based on those facts.I'll stick with AirVPN thank you Quote Share this post Link to post
jean claud 45 Posted ... I love Airvpn and its forum, but I do not understand this hatred that reigns here against cryptostorm. I do not find an equivalent attitude with another VPN. Anything that is exaggerated is suspect, is there initially a conflict of people or some other hidden problem? I confess that I ask myself the question ... Quote Share this post Link to post
SDBF 22 Posted ... Animal Cruelty. That alone should disqualify CS for anything. 1 Stan464 reacted to this Quote Share this post Link to post
Khariz 109 Posted ... It really shouldn't. That guy hasn't had anything to do with CS in years. He was never much more than a mouthpiece anyway. He doesn't have anything to do with the technical or operational side of CS. And literally has NOTHING to do with it at all for years. Quote Share this post Link to post
dakkon 0 Posted ... I just switched from Cryptostorm to AirVPN, and I really like it. The Windows client is superior with more options, the DNS leak problems I had are no more, there are much more servers to choose from and the forums are actually readable. However, there is for me a sizeable difference in speed between the two. With CS I had, in normal browsing sessions, almost no difference with or without VPN, but with AirVPN sites and images take perceptible longer to load. Is that just with my setup or can anyone else that used the two compare? Quote Share this post Link to post
go558a83nk 362 Posted ... I just switched from Cryptostorm to AirVPN, and I really like it. The Windows client is superior with more options, the DNS leak problems I had are no more, there are much more servers to choose from and the forums are actually readable. However, there is for me a sizeable difference in speed between the two. With CS I had, in normal browsing sessions, almost no difference with or without VPN, but with AirVPN sites and images take perceptible longer to load. Is that just with my setup or can anyone else that used the two compare? Air servers are known for their speed so it's likely an issue of the different route taken to the Air server you're using vs the CS server you were using. Try different servers, different ports and protocols, mssfix values, and send/receive buffers. Quote Share this post Link to post
dakkon 0 Posted ... I will try that. One thing I noted is that it takes a long time resolving the host. Once the host is resolved and the website is loaded it is as fast as without a VPN on that website. Do you have any clue on what the problem here could be? Seems like it's something with DNS. E: Also it works perfectly fine on my android phone, where I use the same ovpn config as with the windows client. Quote Share this post Link to post