Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

Even if vpn doesn't log, what is preventing data centers from not logging?

Post a reply

:
In an effort to prevent automatic submissions, we require that you enter the letters that are written in red.
Smilies
:D :) ;) :( :o :shock: :? 8-) :lol: :x :P :oops: :cry: :evil: :twisted: :roll: :!: :?: :idea: :arrow: :| :mrgreen: :geek: :ugeek: :angel: :clap: :crazy: :eh: :lolno: :problem: :shh: :shifty: :sick: :silent: :think: :thumbdown: :thumbup: :wave: :wtf: :yawn:

BBCode is ON
[img] is ON
[flash] is OFF
[url] is ON
Smilies are ON

Topic review
   

If you wish to attach one or more files enter the details below.

Expand view Topic review: Even if vpn doesn't log, what is preventing data centers from not logging?

Re: Even if vpn doesn't log, what is preventing data centers from not logging?

Post by Leicht » Thu Aug 23, 2018 3:52 pm

Good to know you guys are paying attention to that. Does this affect your bottom line in any way btw?

Re: Even if vpn doesn't log, what is preventing data centers from not logging?

Post by df » Mon Aug 06, 2018 2:27 am

We try to choose data centers that are known to respect customer privacy, but without physical access to the data center we can't verify their claims (and even if they aren't logging, their upstream provider could be).
That's why end to end encryption is important, even if you're using a VPN. If you're doing plaintext things while connected to CS (i.e., HTTP instead of HTTPS, etc.) then that traffic still leaves our servers for the internet in plaintext. That means any of the routes between our server and the destination IP can log/intercept the traffic.
If you're doing end-to-end encryption, then those routes would only be able to see what our server is connecting to, but not the content.
That's also one of the reasons voodoo was created, to make the the data available to the data center useless on it's own.

If your goal is to stay as anonymous as possible, then it's also useful to choose VPN nodes that aren't in your jurisdiction, or in the jurisdiction of the thing you're connecting to. It really all depends on your threat model. In some cases, it's useful to chain the VPN with something else to add more anonymity, like another VPN provider, or connecting to Tor before connecting to CS. Speeds would suffer when adding more layers like that, but people who are looking for the highest level of anonymity generally aren't doing simple things like downloading the latest Avengers torrent, or whatever. For that plain CS is plenty :-P

Even if vpn doesn't log, what is preventing data centers from not logging?

Post by wwee » Sun Aug 05, 2018 4:06 am

If anyone can forward some information, that would be great.

Thank you

Top

Nothing to display.

Login