Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

Using Torguard's VPN? Best not for pr0n, nor in Iran :-/

Encouraging best practices in the VPN industry via independent, community-certified verification of clean installers and clean basic service operations. Let's reward the good, and make the bad a little bit less tempting 〰 github repo#cleanVPN
User avatar

Topic Author
Posts: 1493
Joined: Sun Dec 16, 2012 6:34 am

Re: Using Torguard's VPN? Best not for pr0n, nor in Iran :-/

Postby Pattern_Juggled » Sat Nov 09, 2013 3:30 am

The trolling begins anew; a reply via a subreddit:

I assume this is the same troll from Torguard that was caught red-handed doing exactly this kind of smear campaign earlier this year? Anyway, we've learned along with everyone else that when competitors have no legitimate reply to innovation, a pathetic few will resort to simply making things up.
(link to underlying thread & full backstory included below)

I'd ask where your "information" is that backs up what you're saying... but of course we all know you have no such information.

All the members of cryptostorm's team - which includes the entire tech and development team that originally built cryptocloud - have chosen to remain pseud-anonymous, via nicknames online, at this point. Given the extreme lengths that some government entities go to in order to harass and hinder those involved in real security technology nowadays (just ask @ioerror about this). doing so is good OpSec practice. Assumptions may be made, as a result, about who we "really are" - or are not We are not engaging in fishing expeditions regarding our identities, in this regard. Rather, people will make what conclusions they will and we will do our work in the meantime. So be it, for the best.

This is somewhat sad, admittedly, but nevertheless true. We should be able to stand behind our work without fear of reprisal or dirty-tricks campaigns by surveillance state stooges. Unfortunately, that has proved not to be the case - a lesson our team knows from years on the front lines of the security service battles. Some companies, like Silent Circle, are genuinely trying to buck this trend by taking a public stance personally, within the US no less! And although we wish them luck, we simply don't see that as a wise move when it comes to providing durable, reliable security service to customers. Perhaps we're wrong, and in time they prove their model works better - I'd say, personally, I hope that proves to be the case. For now, as a team this is not the path we have chosen - and we've been clear and public about our reasons fro that choice (yes, it provides an attack surface for a particularly desperate kind of troll, but this is not relevant to member security and thus is at most a distraction to consider).

For projects offering simply "security theatre" services, of course they have no fears that anyone from the spy agencies will bother then - their protection is useless anyway. For those actually provisioning competent security service, the situation is far different. I have discussed this, on behalf of cryptostorm, numerous times in published interviews - particularly since our work on the NSA's torsploit attack against the Tor network this summer; said attack being quite relevant, given that members of Tor's core development team have been subject to intensive U.S. government harassment as a result of Tor's legitimately strong security model (ironic, yes, given the majority of their funding comes via U.S. government sources).

So, with all due respect - and although it is quite fascinating to be "outed" as this or that individual - neither I nor anyone else with cryptostorm will be responding to such fishing expeditions. Doing so simply feeds the trolls, and does nothing to improve the security of our project for members. Perhaps, in the future, we will choose to approach this question differently; for now, putting our personal identities into the mix provides a larger attack surface for genuine threats to network security.

As we've told this troll before, if he has a personal issue with the individual about whom he apparently has some sort of personal/sexual obsession, perhaps he should contact that person directly. It seems there's no difficulty in doing so:


We've expected our Torguard troll to reappear during the launch, and planned to write something up to address this troll-bait attack on our service. However, speaking candidly, we've chosen to invest our time in more substantive work rather than waste it on this sort of hot-air nonsense. I still suspect that's the best choice; we don't see Torguard or any other old-generation "VPN service" as "competition" and don't find it productive to engage in vacuous mudslinging with them via their disposable reddit accounts, sorry.

But, despite the fact that I know better, if the person about whom you have such an obsession is subject to computer monitoring... how is it that I am he? That's such a logical failure that it really shouldn't need to be mentioned - but I'm mentioning it. Obviously, there's no credible answer to that. Like this entire smear campaign you've waged since we outed the lame policy choices made by your employer, this has no basis in logic nor fact. For archival purposes, here's the thread that set off this particular smear campaign:

Also, and most vehemently, let me say something that we've discussed as a team since that thread was created this spring: we do not regret speaking up about Torguard's duplicitous policies and marketing hype, not one bit. We've had this particular troll smearing us, as a team and as individuals, ever since. So be it. It confirms our worst predictions about Torguard and about the "VPN service" industry in general, and indeed helped motivate cryptostorm's development as a substantive alternative to this kind of senseless bullshit.

And, no, I'm not DPR version 2.1 or anything like that. Apologies for the disappointment that must bring, but such is the case.

Cheers :-)
...just a scatterbrained network topologist & crypto systems architect……… ҉҉҉

    ✨ ✨ ✨
[email protected]ðëëþ.bekeybase pgpmit pgpðørkßöt-on-consolegit 'er github


Re: Using Torguard's VPN? Best not for pr0n, nor in Iran :-/

Postby catwilder » Sun Apr 12, 2015 11:27 am

To the straight shooters administrating this forum. Please accept my humblest apology for an elementary interjection/inquiry (which may appear as a cloud of smoke) as I am less familiar with some terminology being delivered in an evolving quasi-coded scriptpogram format, slightly akin to an emerging paradox in the geeks' slang dictionary; perhaps found under the term, "techno-prose".

Please regard the following inquiry as nothing more than request for clarification with hopes of gaining a better appreciation of ToS, not some poorly outfitted "fishing expedition" with where the trophy is made available for a show and tale exercise that undermines the spirit of the VPN experience.

Are the ToS, aka, ToC referred to above, the Board's stated Policies which are intended to be self imposed by the endusers and enforced within the purview of their power to act (or not) consistent with the stated ToS as means of optimizing the endusers' rights to privacy, so long as no harm comes to others in the process? Or have I over weighted the moral intent and/or tone here? Thereby, trusting the enduser to bare the full ownership and responsibility for their encrypted internet activity? Also, it sounds as though should the content/context of any unregulated internet activity be navigated through Crypostorm, be called into question by concern authorities, the administrators of Torguard shall terminate further access to those endusers' generating untoward attention?

Should this cipher be a miss, surely the analysis above will be reckoned or disavowed.

Return to “#cleanVPN ∴ encouraging transparency & clean code in network privacy service”

Who is online

Users browsing this forum: No registered users and 1 guest