HideMyAss.com Doesn't Hide Logs From the FBI

An anonymous reader writes "People use VPN services to hide their identities online, right? And a UK-based service called HideMyAss would seem to fit that bill perfectly. Not so, unfortunately: they have to hand over the logs to the FBI when a UK judge tells them to." Reader wiredmikey points to a story at SecurityWeek, too.

Re:Who would have thought so....

[Runaway1956]

Now, THAT is the correct question. A server that keeps no logs is a fairly secure server from which to run a VPS. Ditto proxies. When shopping for something of this sort, the important question to ask is, "What logs do you keep, and how long do you retain them?" Every server makes and keeps logs - there is no getting around that. The lifetime of the logs should depend on administrative necessity. Generally, logs should be flushed every 24 hours. Performance logs, security logs, things that pertain to the ongoing health and security of the server should be retained for as long as necessay - sometimes, for months. But every publicly facing server should routinely delete logs that aren't central to the server's main mission. VPS and proxy servers main mission being to protect the anonymity of it's users.

Shouldn't it be considered a fraud, to advertise they you will protect a user's identity, then maintain logs which can be seized by any government agency that demands them?