New accusations against NordVPN

[Rayxcer]

I've tried to research to hole thing about NordVPN und somehow stumbled upon these new accusations regarding how NordVPN is unblocking Disney+.
https://medium.com/@derek./how-is-nordvpn-unblocking-disney-6c51045dbc30

 

Since I'm not sure how trustworthy this site is, I'd call it an "accusation" rather then a fact.

 

But if these accusations are true, you should stay as far away from NordVPN as you can.

[straight_stewie]

I absolutely love posts like this, because they make an excellent time to point out that the only valid use for a public VPN is exactly this use case: To bypass geographical restrictions or internet censorship. A cloudsourced public VPN can never provide you with any form of security.

This is also a great example of why it's absolutely necessary to log all connections on your network and to regularly review those logs.

[dalekphalm]

It's an interesting theory - but his research didn't prove it. It's entirely possible that yes, NordVPN did contract with residential ISPs to rent servers - especially if CDN's like Disney+ and Netflix are blocking known datacenter IP's, etc.

 

I have no love for NordVPN - I don't use them and never have. But while this could be true, it might also be total bunk. Take it with a grain of salt.

[Roswell]

14 minutes ago, Rayxcer said:

I've tried to research to hole thing about NordVPN und somehow stumbled upon these new accusations regarding how NordVPN is unblocking Disney+.
https://medium.com/@derek./how-is-nordvpn-unblocking-disney-6c51045dbc30

 

Since I'm not sure how trustworthy this site is, I'd call it an "accusation" rather then a fact.

 

But if these accusations are true, you should stay as far away from NordVPN as you can.

I'm not saying the article is false or anything, but to answer your question about the site, it's basically an open platform that anyone can submit their journalism to.

[TempestCatto]

This is utter bullshit honestly. Nord (and other VPN's for that matter) constantly work to make sure they have new servers/IP's for sites like that. Netflix especially. If you tried connecting to the same country using a different sever, chances are very high that the IP on that server is blocked. It works the other way 'round too. If you tried a different VPN and it didn't work, keep trying till it does. It usually takes more than a few tries to get through. Even then, it's usually a flooded server (because it's one of few that isn't yet blocked) so traffic is high and speeds are slow. The person who wrote this article is wearing a bigger tinfoil hat than even me. 

 

That said, every time I use Nord I do a DNS leak test. There are always two IP addresses, but they are never anywhere near mine. They are always one digit off from eachother. So maybe the accusation that they rent out ISP data centers is somewhat valid? Or maybe I'm an idiot and don't fully understand how this works. But, Nord does claim to be a no logs company - even if a big government asks them. They claim their servers aren't even set up to accept logs so it simply wouldn't happen. 

 

That's only half of it. I can't bear to read the rest, it's kinda cringe. 

 

It's all speculation right now. Go to the hardware store, go to the water softener section, and pick up a few bags of softener salt and take this "article" with that. What sources does this person have, how trust worthy are they, is this person just spouting a conspiracy theory that's always been on their mind? We may never know. 

[Taf the Ghost]

5 hours ago, Rayxcer said:

I've tried to research to hole thing about NordVPN und somehow stumbled upon these new accusations regarding how NordVPN is unblocking Disney+.
https://medium.com/@derek./how-is-nordvpn-unblocking-disney-6c51045dbc30

 

Since I'm not sure how trustworthy this site is, I'd call it an "accusation" rather then a fact.

 

But if these accusations are true, you should stay as far away from NordVPN as you can.

Without showing the internal routes through Nord, which he could do in his VM, all he's shown is Nord has some IPs that are harder to block.

 

Also, the whole "Nord was forced to announce the hack" line is complete BS. 2 days after the "rumors" start they have a long document, professionally done and their action plans. It's called someone leaked early before they were set to announce it. Hit a company for screwing up, not when someone is setting a negative narrative about them before they announce bad news.

[Taf the Ghost]

5 hours ago, straight_stewie said:

I absolutely love posts like this, because they make an excellent time to point out that the only valid use for a public VPN is exactly this use case: To bypass geographical restrictions or internet censorship. A cloudsourced public VPN can never provide you with any form of security.

This is also a great example of why it's absolutely necessary to log all connections on your network and to regularly review those logs.

VPNs are good for unknown connection and In-Flight obfuscation, along with the ability to region unblock content. That's really all most people need, as it adds a trust layer where few have the technical knowledge to add themselves. Considering the world is now covered in Public Wifis, it's a solid, basic security measure.

 

(Edit: VPNs also force you off your ISPs DNS services, which tends to be where the most data about you is actually collected. So that's another benefit. Hint: change your DNS settings, if you haven't.)

 

If you want to avoid you local security services, that's going to cost some money. If you want to avoid Intelligence Agencies, that's going to cost a lot of money. VPNs are still useful because far too many things are sent in PlainText.

[straight_stewie]

29 minutes ago, Taf the Ghost said:

VPNs are still useful because far too many things are sent in PlainText.

A VPN cannot enforce encryption between you and your target receiver, it can only enforce encryption between you and the VPN server. After exiting the VPN server, all of your data appears as it would without the use of the VPN, except possibly some changed headers. This really just means that cloudsourced VPNs do not provide any benefits to the end user, except possibly subverting region or IP blocking strategies.

Additionally, as this article would suggest, users have no idea what the VPN service is actually doing. That's one of the fundamental truths of computer security: If your data/machine ever leaves your possession, it is no longer your data/machine.

There are only two useful use cases for VPNs, and they happen to be the use cases that they were primarily designed for:

1. The VPN server is running on a machine physically connected to your local network and is used for secure remote access to your network.
2. The VPN server is provided by a third party, making it useful only to subvert region/IP blocking, internet censorship, and transparent DNS proxying.
   • It should be noted, however, that this use case comes with a whole host of caveats about how secure your communications actually are.

Any other uses amount to security by obfuscation which is widely regarded as not actually providing any security.

Just as a final nail in the coffin for "security by cloudsourced public VPN services", they have to store your payment data somehow, and that trail will always lead to one end point: The actual account that the money is coming out of. This means that you not only have to trust the VPN provider with your data, you have to trust them with your bank account, and therefore, your actual identity.

[amdorintel]

6 hours ago, straight_stewie said:

Just as a final nail in the coffin for "security by cloudsourced public VPN services", they have to store your payment data somehow, and that trail will always lead to one end point: The actual account that the money is coming out of. This means that you not only have to trust the VPN provider with your data, you have to trust them with your bank account, and therefore, your actual identity.

Valid point, thats why crypto currency is popular in one respect, but it just adds more pathways to map to get user info.

[2FA]

6 hours ago, straight_stewie said:

Just as a final nail in the coffin for "security by cloudsourced public VPN services", they have to store your payment data somehow, and that trail will always lead to one end point: The actual account that the money is coming out of. This means that you not only have to trust the VPN provider with your data, you have to trust them with your bank account, and therefore, your actual identity.

A lot of VPN providers accept cryptocurrency which you don't have to obtain through an exchange. Simply pay someone random with cash without exchanging personal information and there is effectively no trail. That's the decentralized part of cryptocurrencies that public exchanges make people forget about. Hell, Mullvad VPN accepts cash payments through mail (which by the way does not require a return address). They also claim to point their logs to /dev/null (which is a data blackhole for those that aren't familiar with *nix OSes).

[amdorintel]

12 minutes ago, 2FA said:

address

lots of ways to game the system thats for sure, and your post is most informative with the logs and such.

thats why the governments and banks wants to crack down on crypto and get rid of it, but big government and the nanny state are meddling in too many areas of our lives, same goes for private corps, google, facebook, ms etc. so hiding our tracks is becoming more important in my view.

 

[straight_stewie]

21 minutes ago, 2FA said:

Simply pay someone random with cash without exchanging personal information and there is effectively no trail.

1 hour ago, amdorintel said:

thats why crypto currency is popular in one respect

I would argue that virtually no one who isn't turned off of cloudsourced VPNs for the other reasons I mentioned is willing to or even knows that you can buy cryptocurrency without going through an exchange.

[2FA]

2 minutes ago, straight_stewie said:

I would argue that virtually no one who isn't turned off of cloudsourced VPNs for the other reasons I mentioned is willing to or even knows that you can buy cryptocurrency without going through an exchange.

I only use a VPN so my ISP doesn't see my linux iso torrents. Also, your mention of no security from these isn't the most accurate. There is a lot of unencrypted parts of network traffic that can give a lot of information, for example DNS, which if you're on a public wireless network could potentially be an issue, especially with rogue APs which aren't as uncommon as one may think. I think you're conflating security with privacy, they're related but not exchangeable terms. I use the Google Fi VPN on my phone because it's transparent and encrypts those packets on public networks for me (not the same VPN I mentioned in my first sentence). I get where you're coming from but you're trying to speak absolutely when the topic is in fact not absolute.

[amdorintel]

8 minutes ago, 2FA said:

I use the Google Fi VPN on my phone because it's transparent and encrypts those packets on public networks for me (not the same VPN I mentioned in my first sentence).

Google and VPN seems to me I want to gag everytime I read/see google name.

What gives for Google Fi VPN ?

[mr moose]

 

[2FA]

14 minutes ago, amdorintel said:

Google and VPN seems to me I want to gag everytime I read/see google name.

What gives for Google Fi VPN ?

I have a Pixel 3a and use Google Fi as my mobile network provider. The "VPN" simply encrypts the data without spoofing your IP, it is purely meant for security.

[Arika]

33 minutes ago, mr moose said:

-snip-

this is something i do very much agree with. 

With that said i do have NordVPN and while i don't trust them 100% (i dont trust any VPN 100%), I trust them a hell of a lot more than I trust Telstra. 

 

There are certainly privacy benefits to a VPN, but it's not full privacy like some people think, which is something you just have to deal with more and more these days with the internet how it is.

[SpaceGhostC2C]

8 hours ago, straight_stewie said:

A VPN cannot enforce encryption between you and your target receiver, it can only enforce encryption between you and the VPN server.

That's far from trivial, especially when using public wifi, or frankly any form of wireless communication, and in some cases any form of communication altogether.

"Not secured everywhere" doesn't rule out "secure where it matters".

[mr moose]

46 minutes ago, Arika S said:

this is something i do very much agree with. 

With that said i do have NordVPN and while i don't trust them 100% (i dont trust any VPN 100%), I trust them a hell of a lot more than I trust Telstra. 

 

There are certainly privacy benefits to a VPN, but it's not full privacy like some people think, which is something you just have to deal with more and more these days with the internet how it is.

 

I was speaking to a friend of a friend of a friend (know what I mean?) who works for an ISP.  They said they all keep logs of everything. The law doesn't require them to but they do anyway because it helps resolve some issues.

[mr moose]

5 minutes ago, comander said:

They can provide some anonymity. 

 

It becomes harder for MANY companies to track you via IP. 

 

The downside of course is that the VPN now knows all of your domain level traffic. 

 

Pick your poison. I'm of the belief that my domain level traffic isn't that important and that it's the specific pages you visit which are. 

 

-----

 

I miss 1999 when tracking wasn't really a thing. 

And vpns don't stop fingerprinting data, at best they will hide your location until some other data gives that away too. 

[Anomnomnomaly]

the way I look at the whole issue... is that it's simply raised enough questions about their service that it would make me seriously reconsider if I wanted to be a customer of theirs... and if I could trust them in the future.

 

That's all the relevant info most people need... I suspect that most people... myself included use a VPN in part to get around geo blocking of sites and to help protect privacy to some degree... at the very least it stops my ISP collecting and selling my browsing habits/data for ad revenue.

 

I do as much as I can to make any data collected by anyone... as close to worthless as possible... that includes script/cookie/ad blockers, a VPN, a neutral search engine (duckduckgo) and I disabled as much telemetry as I can within android and windows. I sandbox sites in containers within firefox to further stop leakage. I also avoid the biggest data harvesting sites... so no google or facebook sites ever... got them blocked in my hosts file along with others as well as at the router level... and if I visit a new site (and it works without enabling all of the 3rd part scripts/trackers and so forth) I'll happily spend a minute or two blocking specific elements to make the site cleaner and safer.

 

Sometimes this means it breaks a site, I can live with that... most info can be found in multiple places... so any single site is superfluous to any ones needs really.

 

A VPN is not fool proof, but it's just one tool in a bag of many tools you can use to make your data almost worthless to those trying to collect it.

[jagdtigger]

On 11/30/2019 at 3:41 PM, Rayxcer said:

NordVPN is unblocking Disney+

Why is it blocked in the first place? These companies need a few slap in the face with a shovel. If ppl are willing to pay just give them what they want. And if you dont do not complain about ppl getting it through other means.....

[mr moose]

36 minutes ago, jagdtigger said:

Why is it blocked in the first place? These companies need a few slap in the face with a shovel. If ppl are willing to pay just give them what they want. And if you dont do not complain about ppl getting it through other means.....

They can't always just give you everything as they will still have distribution contracts  in place with other service providers for some of the content.

 

Quote

The titles coming to the US are more or less in line with what European subscribers will see, with a few notable exceptions. Part of that has to do with rights distributions — it’s why Spider-Man: Homecoming isn’t available on the service yet. Disney is working to get back rights to the titles it’s leased to other streamers (just as other major distributors, like NBCUniversal and WarnerMedia, are slowly buying back the rights to their top shows for their own streaming services), but given the value of Marvel and Disney titles, the process may take some time.

 

The same thing happened in Australia except we got more content this time:

 

Quote

In fact thanks (presumably) to international rights deals, a lot of the content missing from the US Disney+ launch is present and accounted for here in Australia.

 

 

https://www.lifehacker.com.au/2019/11/disney-plus-in-australia-everything-you-need-to-know/

https://www.theverge.com/2019/10/14/20913417/disney-plus-launch-lineup-marvel-star-wars-pixar-tv-shows-movies-simpsons-national-geographic

 

The advent of streaming services doesn't nullify all the legal contracts in place under the old fta and cable services days.  Companies still have to honor those contracts or buy them out.

[jagdtigger]

50 minutes ago, mr moose said:

They can't always just give you everything as they will still have distribution contracts 

Its their problem not ours. They were getting the signs that ppl are fed up with their outdated ways and had plenty of time to clean up those contracts.... In this day and age you cannot control anymore who gets what, its both unreal and extremely dumb to think otherwise...

[mr moose]

2 minutes ago, jagdtigger said:

Its their problem not ours. They were getting the signs that ppl are fed up with their outdated ways and had plenty of time to clean up those contracts.... In this day and age you cannot control anymore who gets what, its both unreal and extremely dumb to think otherwise...

???

 

Your argument is because you don't understand the distribution contracts or why things are the way they are that it entitles you to pirate?  And what do you even mean by not being able to control who gets what?   There are lots of things we can't control, doesn't justify doing it nor make it legal, moral or otherwise.  All I here in this reasoning is entitlement. I can do it and your dumb for thinking I shouldn't,  I don't like the contracts Disney signed with time Warner a decade ago therefore I will pirate.