Jump to content
Not connected, Your IP: 3.89.204.127
ghostp

Is it really better than a VPN and TOR???

Recommended Posts

Hello everyone,

 

I wonder if someone heared about the website sadd.io and what are you all (including experts here ;-) ) think about it in comparison to VPN, TOR ect.?

 

Cheers

Share this post


Link to post

Hello everyone,

 

I wonder if someone heared about the website sadd.io and what are you all (including experts here ;-) ) think about it in comparison to VPN, TOR ect.?

 

Cheers

 

 

Hello!

 

Different aim and scope and also a nice idea. It's based on Tor too, although scaled down so that a single tab of a single browser of your system communicates with a remote desktop acting as an interface to Tor network . If you use Tor (directly in your system we mean) you get a stronger anonymity layer, while with a VPN you can tunnel the whole traffic of your system. On top of that, you need to consider that with Tor or VPN you can run your own programs locally, which in many circumstances can be a nicer solution.

 

When using a remote desktop not owned by yourself you also need to consider that end-to-end encryption with final services is performed by the remote desktop, and not by your system. So, those who have access to the sadd system may potentially have access to all of your "end-to-end" encrypted communications, because one of the ends is not your system but the remote desktop. Probably not acceptable in most circumstances.

 

Kind regards

Share this post


Link to post

In addition to Staff's points, I'd also ask the question of performance. You can do anything over the Tor network but latency-sensitive and/or traffic-heavy applications might have a hard time. To be pleasant to use, remote desktop needs both a low latency network and a performant one.


» I am not an AirVPN team member. All opinions are my own and are not official. Refer to Staff postings for the official word.

» These are the community forums, not the support portal. You're writing with other users here.

» New here? LZ1's New User Guide to AirVPN. Use the search function, Luke!

» Tor exits behind a VPN connection are discouraged. Using Tor on the other hand is not.

 

» Privacy is like alcohol: Drink a little and it can help you stay unnoticed. Drink a lot and everyone will notice you.

» I cannot give you the solution to all your issues. But I can guide you to it. The rest is up to you.

Share this post


Link to post

 

Hello everyone,

 

I wonder if someone heared about the website sadd.io and what are you all (including experts here ;-) ) think about it in comparison to VPN, TOR ect.?

 

Cheers

 

 

Hello!

 

Different aim and scope and also a nice idea. It's based on Tor too, although scaled down so that a single tab of a single browser of your system communicates with a remote desktop acting as an interface to Tor network . If you use Tor (directly in your system we mean) you get a stronger anonymity layer, while with a VPN you can tunnel the whole traffic of your system. On top of that, you need to consider that with Tor or VPN you can run your own programs locally, which in many circumstances can be a nicer solution.

 

When using a remote desktop not owned by yourself you also need to consider that end-to-end encryption with final services is performed by the remote desktop, and not by your system. So, those who have access to the sadd system may potentially have access to all of your "end-to-end" encrypted communications, because one of the ends is not your system but the remote desktop. Probably not acceptable in most circumstances.

 

Kind regards

Share this post


Link to post

Staff thats not a very good argument as VPNs can also see your traffic. Its all about trust at the end of the day.

 

I think sadd.io is a good concept. Atleast they are destroying the desktops at the end of the day. If you are subpoenaed you may hand over information about your users.

Share this post


Link to post
On 4/19/2019 at 2:52 PM, Jamesmane123 said:

Staff thats not a very good argument as VPNs can also see your traffic. Its all about trust at the end of the day.

 

I think sadd.io is a good concept. Atleast they are destroying the desktops at the end of the day. If you are subpoenaed you may hand over information about your users.


Completely wrong misconception and assumptions here.
First of all, AirVPN does not, and will never provide any "Desktops" or "Workspaces".
Where there is no single verifiable way for the end user to know they are encrypted and destroyed.

Also, AirVPN cannot see encrypted traffic, which is by latest surveys exceeds 90% of WWW.
Sites that default to HTTPS
89 / 100
Sites that work on HTTPS
96 / 100


Second, the business model here is entirely different.Sadd.io, Any.run, all those services allow you
to have a temporary disposable Windows VM for a few minutes. While it is good for random malware
analysis, or unpacking questionable software for future research, how exactly those services "compete"
with VPNs? AirVPN cannot be subpoenaed to any data they don't collect. Unlike those services which
do it for a reason. Both of them have a business model behind, and your privacy is not part of it.
Unless you pay for a "private plan" of $$$ per month. And still nothing is guaranteed.
I used to work with people in the Antivirus/IPS industry who shared collected samples easily, before
it was popular to pay Google (Virustotal) to download it from there. I can still get any file from there,
and those services usually upload it there for "Cloud analysis" checks. So?

@Jamesmane123 Usually it is the service that has to provide it's credibility for the users, not the other way around.
If you are affiliated with the service above, it's not an issue, actually it is welcome in this forum area.
But spreading FUD is not something that will get anyone anywhere, at least in the long term.

P.S.
I have doubts regarding the sadd.io service, the way I see it it's just a platform for purely blackhat activity.
There is no such thing as "free VM" and free nodes, unless you are a start-up company with valid details,
somewhat like hybrid-analysis, joesecurity, cwsandbox,  cuckoosandbox and others were before.
Someone has to pay for those VMs monthly, and it seems to be that the bill is not going to be anywhere
below 200$, for which you can rent ~64GB RAM, two 1Gbit NICs and around 1TB of storage.
Enough for like 30 VMs max?
Google ads are not going to cover it, at least not in that stage.
When you provide an "anonymous" VM, and  your site only has a "PATENT PENDING" contact form,
(since when running VMs over Tor was a patent?) that should raise more questions about who is actually
behind it. Are you really looking for free cheese?
I am sure the business model is the same as dyncheck.com, a blackhat runtime checking service.

At least such "honeypots" could mask themselves better. And I stand behind every word and welcome any
representative of the above service(s) to address any of my comments here on in private.

Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post
Guest
This topic is now closed to further replies.

×
×
  • Create New...