Jump to content
Not connected, Your IP: 3.145.108.43
discov

TorGuard and NordVpn court battle

Recommended Posts

Interesting. VPN providers always say "We do not log anything" but nobody thinks about what the colos might do.

Personally I wouldn't trust NordVPN on the sole grounds that it gets frequent promotion from Glenn Beck.

Share this post


Link to post

This look interesting, can someone TL;DR this long pdf? I'm out of popcorn so it won't be interesting to read it all.

From what I could read it seems like an epic fail from TGs side. Apparently 
they don't have a practice of installing  their servers via remote KVM over IPMI and set up full disk encryption,
which left their "business secrets" open for the hosting provider to access after they finished renting them.
Another fail is not to wipe the disks+BIOS after usage, but here it is possible that they were just kicked out and didn't have
time to do so. Still a full disk encryption, or no disks at all and just a PXE boot from a remote URL is what any provider that
respect it's customers will do.


The second part is that they claim to be DDoSed by Nord, which is another  fail. The website is something that is very easy to
protect against temp DDoS, it's the VPN servers which are harder. Seems like very amateur administration skills all together.

Not a fan of Nord but if the first part is true, it's an epic pwnage and deserves a thumbs up. Maybe now VPN providers will take physical security more seriously, it's not less important than logs.

Also, their attorney last name is Losey.
Call me superstitious but I wouldn't trust an attorney with such name to win my case in court ;)


 


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

If these allegations are substantiated, this could become a significant civil precedent--assuming, of course it is actually litigated (at this point. private settlement, shrouded in NDAs is not off the table). Otherwise, this has the potential earmarks of a made-for-TV movie . . . bring your own popcorn.  

Share this post


Link to post

There are much more creative and effective ways to blackmail a VPN provider. I would find it very surprising
if Nord took a script kiddie approach with some data leak threats + DDoS.
Their advertising budget seems huge, sometimes even more than whole VPN providers annual turnabouts.

This would be absurd for them to do such things openly, since the damage
from the allegations can be higher than the potential attack outcome.

If they will submit a defending court letter claiming libel, then I'll consider
reading the full docs and definitely  restock the popcorn supply, which ended
after the latest Intel/MS issues.
 


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...