Jump to content
Not connected, Your IP: 54.234.227.202
ghostp

Is it really better than a VPN and TOR???

Recommended Posts

Hello everyone,

 

I wonder if someone heared about the website sadd.io and what are you all (including experts here ;-) ) think about it in comparison to VPN, TOR ect.?

 

Cheers

Share this post


Link to post

Hello everyone,

 

I wonder if someone heared about the website sadd.io and what are you all (including experts here ;-) ) think about it in comparison to VPN, TOR ect.?

 

Cheers

 

 

Hello!

 

Different aim and scope and also a nice idea. It's based on Tor too, although scaled down so that a single tab of a single browser of your system communicates with a remote desktop acting as an interface to Tor network . If you use Tor (directly in your system we mean) you get a stronger anonymity layer, while with a VPN you can tunnel the whole traffic of your system. On top of that, you need to consider that with Tor or VPN you can run your own programs locally, which in many circumstances can be a nicer solution.

 

When using a remote desktop not owned by yourself you also need to consider that end-to-end encryption with final services is performed by the remote desktop, and not by your system. So, those who have access to the sadd system may potentially have access to all of your "end-to-end" encrypted communications, because one of the ends is not your system but the remote desktop. Probably not acceptable in most circumstances.

 

Kind regards

Share this post


Link to post

In addition to Staff's points, I'd also ask the question of performance. You can do anything over the Tor network but latency-sensitive and/or traffic-heavy applications might have a hard time. To be pleasant to use, remote desktop needs both a low latency network and a performant one.


Four simple things:
There's a guide to AirVPN. Before you ask questions, take 30 minutes of your time to go through it.

Amazon IPs are not dangerous here. It's the fallback DNS.
Running TOR exits is discouraged. They're subject to restrictions on the internet and harm all AirVPN users.

Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, you'll be unique among the mass again.

 

XMPP: gigan3rd@xmpp.airvpn.org or join our lounge@conference.xmpp.airvpn.org

Share this post


Link to post

 

Hello everyone,

 

I wonder if someone heared about the website sadd.io and what are you all (including experts here ;-) ) think about it in comparison to VPN, TOR ect.?

 

Cheers

 

 

Hello!

 

Different aim and scope and also a nice idea. It's based on Tor too, although scaled down so that a single tab of a single browser of your system communicates with a remote desktop acting as an interface to Tor network . If you use Tor (directly in your system we mean) you get a stronger anonymity layer, while with a VPN you can tunnel the whole traffic of your system. On top of that, you need to consider that with Tor or VPN you can run your own programs locally, which in many circumstances can be a nicer solution.

 

When using a remote desktop not owned by yourself you also need to consider that end-to-end encryption with final services is performed by the remote desktop, and not by your system. So, those who have access to the sadd system may potentially have access to all of your "end-to-end" encrypted communications, because one of the ends is not your system but the remote desktop. Probably not acceptable in most circumstances.

 

Kind regards

Share this post


Link to post

Staff thats not a very good argument as VPNs can also see your traffic. Its all about trust at the end of the day.

 

I think sadd.io is a good concept. Atleast they are destroying the desktops at the end of the day. If you are subpoenaed you may hand over information about your users.

Share this post


Link to post
On 4/19/2019 at 2:52 PM, Jamesmane123 said:

Staff thats not a very good argument as VPNs can also see your traffic. Its all about trust at the end of the day.

 

I think sadd.io is a good concept. Atleast they are destroying the desktops at the end of the day. If you are subpoenaed you may hand over information about your users.


Completely wrong misconception and assumptions here.
First of all, AirVPN does not, and will never provide any "Desktops" or "Workspaces".
Where there is no single verifiable way for the end user to know they are encrypted and destroyed.

Also, AirVPN cannot see encrypted traffic, which is by latest surveys exceeds 90% of WWW.
Sites that default to HTTPS
89 / 100
Sites that work on HTTPS
96 / 100


Second, the business model here is entirely different.Sadd.io, Any.run, all those services allow you
to have a temporary disposable Windows VM for a few minutes. While it is good for random malware
analysis, or unpacking questionable software for future research, how exactly those services "compete"
with VPNs? AirVPN cannot be subpoenaed to any data they don't collect. Unlike those services which
do it for a reason. Both of them have a business model behind, and your privacy is not part of it.
Unless you pay for a "private plan" of $$$ per month. And still nothing is guaranteed.
I used to work with people in the Antivirus/IPS industry who shared collected samples easily, before
it was popular to pay Google (Virustotal) to download it from there. I can still get any file from there,
and those services usually upload it there for "Cloud analysis" checks. So?

@Jamesmane123 Usually it is the service that has to provide it's credibility for the users, not the other way around.
If you are affiliated with the service above, it's not an issue, actually it is welcome in this forum area.
But spreading FUD is not something that will get anyone anywhere, at least in the long term.

P.S.
I have doubts regarding the sadd.io service, the way I see it it's just a platform for purely blackhat activity.
There is no such thing as "free VM" and free nodes, unless you are a start-up company with valid details,
somewhat like hybrid-analysis, joesecurity, cwsandbox,  cuckoosandbox and others were before.
Someone has to pay for those VMs monthly, and it seems to be that the bill is not going to be anywhere
below 200$, for which you can rent ~64GB RAM, two 1Gbit NICs and around 1TB of storage.
Enough for like 30 VMs max?
Google ads are not going to cover it, at least not in that stage.
When you provide an "anonymous" VM, and  your site only has a "PATENT PENDING" contact form,
(since when running VMs over Tor was a patent?) that should raise more questions about who is actually
behind it. Are you really looking for free cheese?
I am sure the business model is the same as dyncheck.com, a blackhat runtime checking service.

At least such "honeypots" could mask themselves better. And I stand behind every word and welcome any
representative of the above service(s) to address any of my comments here on in private.

Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...