VPNs bieten keinen technischen Schutz vor Deanonymisierung

Dass VPNs keinen technischen Schutz vor Spionage durch den VPN-Anbieter bieten, sollte jedem klar sein. Neuestes Beispiel: proxy.sh.

In the absence of third-party auditing, at the moment it is probably a case of a user assessing a VPN provider’s attitudes, relying on feedback from existing customers, and then making an educated decision on perceived risks versus potential benefits. […] On Saturday VPN provider Proxy.sh, a company that has built up a decent reputation with good pricing, quality of service and a no-logging policy, made a surprise announcement. […] “We are unfortunate [sic] to announce that there have been abuse complaints about hacking activities on our U.S. Illinois 1 node. […] As a result, we will […] monitor it with Wireshark for a period of 7 days,” Proxy.sh announced.

Und wieder ein Thema für die CryptoParty. Es wird Zeit für den eigenen VPN-Workshop.