Stumbled upon this..
what are your thoughts?
Posted 13 December 2018 - 08:50 PM
I think it's an interesting concept and I've often imagined something like it, so in overall terms, the idea or intent is good I think.
To me, it does seem like there are many, many things buried in their methodology, which seems somewhat suspicious.
In a sense, turning everything into an exercise in transparency is a gimmick. Because it needs to be followed up with real technical know-how and integrity in order to actually mean something.
So perhaps ironically, the only ones who will probably use that stuff are the gullible customers who can't utilise the apparent transparency to make informed judgments.
While the technical crowd can and will raise the necessary and hard questions and resolve to stay away. But of course, I hope they keep developing.
Some things I find less likable about it:
For mobile users, we require an App Store or Google Play receipt, which contains no personally identifying information. The sole purpose of this data is to validate that the account has an active subscription for the Confirmed service.
Each Account is limited to one individual on up to either three or five devices, depending on your Service plan. After substantial activity, we reserve the right to reasonably throttle the speed of your access to the Service to protect the experience of other users of the Service.
We do not log or track any usage of our website, except for error messages on our server (such as accessing a page that does not exist). For these cases, we log the error (i.e., the URL attempted) and the time that it happened, but no personally identifying information such as a user’s IP address.
For desktop users, we require a valid credit card that is processed and stored by Stripe, Inc., a PCI-compliant payment processor. We do not store your credit card number on our servers, nor can we access it. Stripe will also store metadata related to your financial transaction that we can access, such as zip code and country of origin, primarily to validate the authenticity of the transaction and pay applicable local taxes (i.e., Value Added Tax in the European Union).
Posted 13 December 2018 - 11:34 PM
I like this idea, and it's something I wish Air (or another high value VPN provider) would do (although it would obviously be detrimental to their business). As LZ1 states, they're 'open', so they're hiding nothing or leaving nothing to the imagination. Their logging is clear and nobody in their right mind would use them (hopefully) but the concept is desirable.
> Except Air didn't make it a central theme in this way and yet still has FOSS software, high transparency infrastructure
I'm confused what you mean here, how does Air have 'high transparency'? I mean sure, we can see the status of servers, issues, and a few other pieces of information, but I don't agree it makes them transparent, far from it. We don't know Kernel versions, patches, what software they have on the server, how it's maintained, who has access, how access is granted, whether they have active monitoring/hardened against attacks, if they've been attacked and whether their server security is up to an acceptable standard.
AirVPN (as far as I am aware) has not done a public audit, and does not have audit logs that are viewable, so in that regard, they're not 'transparent'. We can see from their software they've got competent developers, but there's more to the story behind every VPN.
> But there are things that even a VPN would probably be wise not to be sharing
Is there anything in particular you can mention? It's highly desirable to have a VPN willing to share everything and anything so we can (finally) learn how these services operate (because it all seems a closely guarded secret) and see if there are improvements that can be made by the community.
It's ironic that VPNs utilize and rely on the foundational trust of software like OpenVPN of which they make all of their profits, yet in the same breath they do not seem willing or keen to share information about their infrastructure which is very much 'closed sauce' and the secret ingredient nobody wants to talk about. Why? Why not share a little bit more information. If OpenVPN decided to close their source tomorrow we'd all be wanting to know why and (probably) demanding them to reconsider...
Posted 14 December 2018 - 11:14 AM
It's a delicate matter. The suggested method, which is a trademark if you didn't notice, will harm customers' security and AirVPN industrial secrets as well.
"Security through obscurity" is "the reliance on the secrecy of the design or implementation as the main method of providing security for a system or component of a system.". It is trivial and obvious that when secrecy is not the only security method, it can be extremely helpful for security as well as other purposes. It's a macroscopic and logical mistake to believe that to not rely on "security through obscurity" you must have no secrets at all.
Under the current terms, the whole matter looks like marketing fluff aimed to promote a trademark and maybe gain some more customers. Ironic that those who promote access in read-only mode into their servers and recommend publication of all algorithms implementation feel the need to trademark two common language words. On top of that, it looks like you can't even access their service if you don't run their software. If you are in mobility, you also need an Apple or Google receipt, so they force you to use either Apple or Google stores. Wow, that's openness and respect for users' privacy, sure.
To get into more details:
1) Our industrial secrets are not rocket science. However, we have seen that our competitors in many years have not been able to have an infrastructure working on a par with AirVPN architecture, so our industrial secrets are valuable and we will not throw them away by allowing access in read-only mode inside our servers or by documenting our secret algorithms or in any other way.
2) Harm customers' security. By allowing inspection or documenting the exact implementation of our security features and algorithms we will remarkably lower our customers' security. For example, backend servers will become of public domain as well as the reverse proxies allowing indirect communications to service and VPN servers up to the backend servers. The whole path would be discovered and having compartmentalized databases (which, alone, is an important security feature) on servers unknown to the public, would be destroyed at once.
The architectural security principles are already documented in the Privacy Notice, in strict compliance with GDPR, which would enforce such documentation and implementation in case we handled personal data. We do not even handle personal data so the additional security features are a proof of our commitment to your security.
That said, knowing in detail the technical implementation of said features, the exact locations, addresses and non-root access credentials from the Internet of our strategic servers, and the original algorithms, invented for a wide variety of purposes, which make AirVPN unique, is a dangerous madness.
Posted 14 December 2018 - 12:23 PM
> I'm confused what you mean here, how does Air have 'high transparency'? I mean sure, we can see the status of servers, issues, and a few other pieces of information, but I don't agree it makes them transparent, far from it.
Because it's relative. The VPN industry is unregulated and so it must necessarily be in relation to what is the norm. The norm, from all that I've seen, is:
So in relation to things like the above, I think it's accurate and true to say that Air has high transparency by comparison. I didn't say total transparency and I was therefore still pleased with their idea.
> AirVPN (as far as I am aware) has not done a public audit
The only recent audit I'm aware of, is the funding provided to help audit OpenVPN and do a bug bounty.
> Is there anything in particular you can mention?
I was trying to find a post I read earlier about this. But now Staff has answered, so hopefully that's sufficient. As Staff stated, there are compelling security and business concerns to take into account and if (perhaps especially in a VPN context) security is not done properly and transparency simply becomes another way of virtue signalling, then the security it was meant to foster will be undermined. Or put another way: if Air offered to share something meant to be secret, in the name of transparency, with the added explanation that it would undermine security for users, would you want it?
> It's ironic that VPNs utilize and rely on the foundational trust of software like OpenVPN of which they make all of their profits, yet in the same breath they do not seem willing or keen to share information about their infrastructure which is very much 'closed sauce'
We should definitely start saying "closed sauce" instead, that'll spice things up.
I understand what you mean. In regards to trust, I think it's also relevant to remember that AirVPN at least, actively encourages "partition of trust" for some of those reasons. Because trust is a weakness in this scenario. So if you/I/we don't *need* to trust AirVPN in order to use it or at least won't be completely compromised if Air was, then we all benefit. While the Openly Operated model, while great in so many ways, still makes users rely on the service and therefore trust it. While if they had more anonymizing features it would be more compelling.