LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Do any of ya'll use VyprVPN? (http://www.linuxquestions.org/questions/linux-security-4/do-any-of-yall-use-vyprvpn-796315/)

Dogs 03-18-2010 11:37 AM

Do any of ya'll use VyprVPN?
 
http://vyprvpn.goldenfrog.com/

As per marketing proposals -

Quote:

How it Works




Simply sign-in to activate a secure, encrypted VyprVPN connection and all your online communication (web addresses, emails, instant messages, VoIP, social networking, etc.) is "scrambled" as it travels through your Internet service provider (ISP) to VyprVPN servers, making it impossible for eavesdroppers to see what you're transmitting.




Once your online traffic reaches the VyprVPN servers, it's stripped of your Internet Protocol (IP) address, tagged with a VyprVPN IP address, and sent to its final destination on the Internet. Now hackers and identity thieves don't see your identity associated with an email, for example, they see VyprVPN.




VyprVPN keeps your privacy intact.

It seems like an interesting idea, and since giganews has been my usenet provider for the last 6 years, I get it for free. I was wondering if anyone could explain the concept a little more in detail for me to get a better understanding.

What I figure is - All of the traffic coming from your NIC is encrypted, and its destination is a VPN server which will accept your traffic, decrypt your information, replace personal info with VPN info or something, and pass it on to the website that was initially to be accessed.


So, after you click send or whatever, the process is

encrypt, send to VPN(requested address, requesting address, authorization, etc), to ISP which just gets garbage, to VPN which decrypts/strips the message, then to the destination, which will send a reply back to the VPN, then back to the ISP, and then back to you, right?

MensaWater 03-18-2010 01:00 PM

It doesn't really prevent snooping - it just prevents snooping directly from your location except that since VyprVPN has to decrypt it to send it on to its original destination THEY could snoop it all.

Anyone snooping traffic out of VyprVPN's servers could see the traffic to the destination though of course they wouldn't see where it originated (your place) but VyprVPN itself could and if anyone hacked them they could as well.

Also encryption/decryption all by itself slows things down - add in the latency of going to a 3rd party and some of your pages might be dog slow.

XavierP 03-19-2010 06:18 AM

Moved: This thread is more suitable in Linux-Security and has been moved accordingly to help your thread/question get the exposure it deserves.

slimm609 03-19-2010 06:31 AM

Quote:

Originally Posted by Dogs (Post 3903375)
http://vyprvpn.goldenfrog.com/

As per marketing proposals -




It seems like an interesting idea, and since giganews has been my usenet provider for the last 6 years, I get it for free. I was wondering if anyone could explain the concept a little more in detail for me to get a better understanding.

What I figure is - All of the traffic coming from your NIC is encrypted, and its destination is a VPN server which will accept your traffic, decrypt your information, replace personal info with VPN info or something, and pass it on to the website that was initially to be accessed.


So, after you click send or whatever, the process is

encrypt, send to VPN(requested address, requesting address, authorization, etc), to ISP which just gets garbage, to VPN which decrypts/strips the message, then to the destination, which will send a reply back to the VPN, then back to the ISP, and then back to you, right?

Thats correct for the most part. The pages will not be much slower if at all. Giganews who hosts it has multiple gigabit connections.

cantab 03-19-2010 07:04 AM

Your privacy becomes entireley dependent on VyprVPN. They could disclose information voluntarily, have it seized by law enforcement, or be hacked or have hardware stolen by criminals. Even if they properly delete logs in normal operation, an attacker could monitor connections starting from the time of attack. The encryption could also be broken.

All these considerations apply to any such scheme where there is a single organisation responsible for relaying and anonymising your data.

Tor would seem to be a more secure system, though I don't know if it has its own vulnerabilities.

(EDIT: I'm probably using 'secure' in quite a loose sense)

win32sux 03-21-2010 09:45 PM

Quote:

Originally Posted by cantab (Post 3904404)
Tor would seem to be a more secure system, though I don't know if it has its own vulnerabilities.

Well, I see them both about the same with regards to security. One could argue the threat to be greater for either method, albeit for different reasons. Still, Tor does at least provide you with a great deal of anonymity when you use it right, while this VPN solution provides the exact opposite AFAICT (considering that now all your traffic is tied to your credit card). Regardless, the same advice applies to both: Keep your end-to-end traffic encrypted, so that neither your Tor exit node or your VPN service provider can snoop on you (the VPN service provider will still know which sites you use, though).


All times are GMT -5. The time now is 12:43 AM.