Contact Information
postal address: Montréal, Québec J0L 1B0
voice telephone: +1.866.846.8442 DID/SIP.
IRC + webchat
#cryptostorm webchat gateway
(yes, we're deploying a jitsi server this summer, so stay tuned!)
general email:
general inquiries & customer support: support@cryptostorm.is
(yes the entire team also has individual email accounts; however, due to NP-Complete expansions of inbound volume & other such lame excuses, the reliability of replies to email directed at those accounts ranges from very good - df@cryptostorm.is - to unpredictably erratic - pj@cryptostorm.is - to pretty much equivalent to throwing a bottle-encased message in a vast, dark, ocean - graze@cryptostorm.is - so we're honestly warning about that in an effort to limit disappointment & frustration on all sides; we're working to get this channel back in-hand & useful again, but it's a constant struggle we only occasionally feel as if we've a good chance of ending victoriously)
github:
github.com/cryptostorm
(be forewarned that our github repository collection is notoriously anarchic, loosely-organised, confusing, & often holds code and projects that veer wildly away from any expectations of how git - and github - are "supposed to be used"... this is not accidental, and actually reflects much of our approach to systems technology, but it can be off-putting or worse for folks who arrive there expecting to see rigidly-structured code collections and find instead... well, if you visit you'll see what we mean
)twitter:
main account: @cryptostorm_is
(DMs accepted from follows & non-followers alike; we do our best to keep up w/ volume & cross-staff the account more or less 24/7... but it can get to be a rodeo in there & thus we cannot promise fast replies 100% of the time but we're looking to improve our process of handling the account & thereby our turnaround metrics, wherever possible)
primary backup account: @cryptostorm_net
cryptohaven blog (less technical, more human-readable): @cryptohaven
df's dev-team/personal account: @df_cryptostorm
Graze's vastly entertaining account: @grazestorm
fermi's solidly-informative, well-managed account: @__Fermi__
dfkt's intimidatingly consistent + fascinating personal account: @dfkt
pj's intermittently-active 'personal' account: @cryptostud
torstorm's sporadically-active account: @torstorm_org
#NotSabu... because @SwiftOnSecurity
: @NotSabubitmessage:
{updated as of 1 December 2015 per routine address cycling ~admin}
BM-2cTMH8K5JnjbfSALjZtSkRWCLfc3Tr8GBV
PGP 4096 (GNUpG v.1)
MIT keyserver (fingerprint 4D87 F984 A222 8392 57FE 36A5 BBDB 991A E9C7 C942 | ID 0xE9C7C942)
keybase.io PGP & ID validators
onename.io namecoin-blockchain validators
ωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωωω
response targets/staffing: we staff all comms channels listed above seven days a week, although there are occasionally periods during which no staffer is available immediately via a particular channel. We're moving towards full, 24/7 coverage for all channels... it is a key goal of our team. In the meantime, we do our best to respond immediately. Please feel free to choose the channel that is most convenient for you, and we will be there to provide support.
press inquiries: we're happy to make our technology staff available to journalists, bloggers, & others interested in network security, privacy policy, applied cryptographic systems, & the history/structure of the "VPN market" - our press liaison may be reached directly via admin@cryptostorm.is; we do our best to respond quickly, however if you are on a tight deadline please include this in your "subject" line to help us prioritise. Also, we ask you to respect that our customers come first, when staff resources are tight.
Facebook: the cryptostorm darknet does not have an official Facebook presence (seriously: lol), as we reject the anti-privacy policies of Facebook's management; any pages identifying themselves as such are best considered "fan pages," & do not reflect the company's core team. We apologize if this causes some inconvenience.
bug reports & bounty programme: If you see something in our service, our website, or anywhere in our network ecososytem that's broken, we ask that you let us know! Our service has improved consistently for more than five years, and we actively encourage outside critique, review, criticism, and suggestions. Feel free to post your feedback in our forum or on twitter publicly, or if you prefer drop a note privately. We are very open in our operational approach to security policy - this is not a "security through obscurity" process, and never has been. We're more than happy to provide dontated service to folks who point out bugs, typos, gaffes, goods, slips, snags, or general screw-ups. Currently, we don't have a cash-based bug bounty programme... but we're actively working on implementing one. If you find a juicy bug and let us know, we'll dig into the coffers and put some bitcoins in your wallet - you have our word. This goes whether you contact us privately, or go public with it - just please point us at your report so we know it's been posted!
clever hacks for free accounts: If you really want an account from us, but simply cannot afford the monthly cost right now (student, activist, low-income... whatever the reason, you need not justify nor feel obligated to explain to us - we understand), simply let us know. Within reason, we'll get you an account for free so that you can protect yourself. We've done this hundreds of times for more than five years, and are happy to do so. Perhaps you're in a country where payment mechanisms are difficult or censored. Just let us know - we've got you covered. Please, don't waste your time trying to find a way to sneak a free account (dodgy card #, tricky form injections, whatever) - just ask, as we'll set you up. Plus, if you do find a tricky hack of the payment process, just let us know and we'll bounty you with a free account (or three), per above. You don't have to "hack" us to get an account, really. If you do outsmart our payment engine and get freebies, good on 'ya
Post a brag, and we'll retweet your 'sploit with humility and respect. If it's truly clever, we'll set you up with a lifetime's free account. But if you're simply cash constrained for the time being, no problem - just ask, and you're covered. What goes around, comes around - it's an honour for us to be of service. DDoS & such: Please don't DDoS our service. We do good work in support of folks around the world, and have for years. We're not your enemy (we hope). If you want to show your DDoS chops, we're a terrible target anyhow: we're just a little website sitting parallel to a global network of VPN exit nodes; taking our website offline is an inconvenience for our customers, but that's about it. We'll just wait it out, really. We're not heavily bulletproofed against the most current, clever DDoS tools - we're just not. You can easily put us tango down if you like, but we ask that you don't. If you hate us, explain your hatred on our forum; we won't censor your post, and people can read it & make up their own minds. For the public record: we do not, will not, and have never reported "attacks" against our infrastructure to LEO (i.e. the cops). Ever. If you pwn us and wipe our network, shame on us for being bested. We'll reinstall from offsite, encrypted backups and tip our hat to your competence. That's it. If you do something really mean to us - or, worse yet - our customers - we'll take matters up ourselves, as best we can. No cops - but we do have friends who aren't too shabby in their own capabilities, too. Fair warning - although we hope, an unnecessary one.
activist assistance/donations: If you're an activist group or individual doing work in support of privacy, free speech, governmental transparency, cultural diversity, ecological sustainability, nonhuman rights/wellbeing (i.e. "animal rights"), or any other "make the world a better place for everyone" work and you're worried about your safety online, we're happy to help. We also donate larger quantities of tokens for auctions or fundraisers in support of activists, legal defence funds for persecuted individuals, and other such good work. Simply email us via activism@cryptostorm.is & we'll get you set up. We also accept referrals from our longtime colleagues at Baneki Privacy Labs.
DMCA "takedown" requests, &c: We offer an encrypted packet routing service, and meet the statutory & regulatory definition of a "transport service" under both U.S. and E.U. frameworks. We do not provide hosting service; we do not host files. We do not run "filesharing" services. We are not an ISP, and we do not provide physical internet connectivity. As such, targeting us (or our infrastructure service providers) with so-called "takedown" requests is, simply put, dumb. We have nothing whatsoever to take down, as it were. Further, sending us nasty, legal-sounding letters (emails, actually) demanding we turn over the identity of our subscribers is a source of genuine humour for us. We retain no logs of user activity, and thus cannot see who was routing packets of "Ass Busters XXII" (or whatever) over our routing infrastructure last year. So terribly sorry about that. Even if we could, we would never betray our customers in that way - and we never have. We feel quite strongly about that. If you (or your automated bot) nevertheless decide to email is with your fatuous "demand" notices under inapplicable statutory authority, do not be surprised when we post it - and our snarky reply - publicly, and use it as part of our market outreach work in the future. Marking it "confidential" in the footer is legally specious, by the way. We're fortunate to have the assistance of excellent counsel, both in the U.S. and Europe, to assist with such matters, if need be. If you are LEO, we respectfully ask that you carefully review our Terms of Service & Privacy Policy, respectively, prior to contacting us via channels outlined above. Thank you.
