Slashdot Mirror
VPN Provider Removes Russian Presence After Servers Seized (thestack.com)
An anonymous reader quotes a report from The Stack: VPN provider Private Internet Access has pulled out of Russia in the wake of new internet surveillance legislation in the country. The company claims that some of its Russian servers were seized by the government as punishment for not complying with the rules, which ask providers to log and hold all Russian internet traffic and session data for up to a year. Upon learning of the federal action, the company immediately removed its Russian availability and announced that it would no longer be operating in the region. "We believe that due to the enforcement regime surrounding this new law, some of our Russian Servers (RU) were recently seized by Russian Authorities, without notice or any type of due process," wrote Private Internet Access in a blog post. The company advises users to update their desktop clients. They also noted that its manual configurations now support the "strongest new encryption algorithms including AES-256, SHA-256, and RSA-4096." Putin has given Federal Security Agents two weeks to produce "encryption keys" for the internet.
Obey every law without question. Civil disobedience is violence. Do not test us.
Your employer requires it. Some semi responsible employers require a gesture towards security even if they won't spend any real money on it.
errr....umm...*whooosh* *whoosh* Is this thing on ?
Obey every law without question. Civil disobedience is violence. Do not test us.
You go on and try that in Putin's Russia. Let me know how it works out for you, K?
Because Archfield and the Anonymous Coward missed the point, I submit the following rephrasing...
Why would a person/company who is using a commercial VPN service actually want their internet traffic to originate from Russia?
An employer requiring a VPN to the home office? Makes perfect sense, and happens every day. An employer requiring their remote-working employees who are probably working from home (e.g. likely within 50 miles and 10 hops of that office) to connect via Sonicwall NetXtender or Cisco VPN to their front-facing router? Absolutely. However, what possible security could be accomplished by having remote employees use a commercial VPN service to encapsulate traffic making a 50(ish) mile trip or less by making it traverse through Russia before getting to the home office?
A multinational company having a site-to-site VPN also makes plenty of sense. Even if it's to their office in Russia, it still makes sense, but it's not what Hagbard was referring to, because in that context its from their company, to their company. The question implicitly doesn't apply. If you're in China or Iran and VPNing due to government oppression, doesn't it make a lot more sense to send your traffic through the US or UK or Japan or some other country with less draconian oversight of internet traffic? Actually, that proves the point of the article - the company pulled out of Russia because Russia was implementing that very level of oppression for which a VPN would be needed. Finally, latency alone would be reason enough not to VPN through Russia for remote viewing of a security camera.
Nobody is asking whether VPNs are useful. The question being asked is whether there's any utility for the endpoint to be in a country that is beginning to require a year's retention on connectivity logs.
Are we honestly going to pretend that an American VPN provider is secure and does not do exactly what they're told by American authorities?
Citation ? The US is arguing loudly about who can and does snoop and when it is OK, while most other countries are just doing it quietly in the background. Nearly every country in the EU has been implicated in cooperating with the US, UK, Germany, Australia and France amongst the foremost contributors. The reason it is such a newsworthy item in the US is the fact that the ISP's are privately owned and complain about the government wanting records, while in many countries the ISP's are state sponsored or owned and are already directly connected to the government network.
errr....umm...*whooosh* *whoosh* Is this thing on ?
I see your point now, and I have to agree. Point to point VPN for work is a requirement but if I was looking for an environment to VPN my private traffic, Russia would not be my choice either.
Not to be pedantic my nick is archFELD no field involved. Thanks for the correction/information in any case.
errr....umm...*whooosh* *whoosh* Is this thing on ?
you mean the same demands that US/UK/AU governments etc are making? They aren't the first to push for this, nor will they be the last.
I find it a great jump point for many other regions of Europe, my own country (Australia) has insane intrusive internet monitoring laws and I would much prefer a country like Russia sees what I am accessing as they are far less likely to do something about it whereas western world is very much all joined human centipede style.
Russia is one of the countries I regularly choose to send my traffic through. Good internet infrastructure and bandwidth with fast connectivity to much of europe. Absolutely ZERO legal agreements between countries like US, UK etc so far less chance of them sharing your browsing habids with others and those that they would share it with would not give a shit about me.
Obey every law without question.
When you are a COMPANY yes. A company doesn't have a right to civil disobedience. A company may challenge the law in courts it cannot and SHOULD NOT choose which laws to follow.
IOT now stands for Internet Of Thugs.
The Russians have won. They have made the world a cesspool of distrust, greed, fear and hate.
You provided the citation. Any body that argues over "Freedom Of Speech" is looking to restrict "Freedom Of Speech".
Time is what keeps everything from happening all at once.
They don't agree with the law so they stopped doing business there. Where is the problem with that? The nature of their business demands not operating there while a theoretical petition is filed.
So discussion of an issue is equal to opposition of an issue ? Quit trying to cryptic and cool and deal with reality. Any society that purports to be free MUST have room for argument, debate, and a wide variety of ideas of what is correct and what isn't. But you appear to only see black and white, your way or nothing. All I did was express an opinion, which you declared as wrong and proved yourself as a narrow minded fool.
errr....umm...*whooosh* *whoosh* Is this thing on ?
But couldn't they still offer a VPN client that connects to a server outside the country with a "dynamic" IP of sorts to keep it from from being blocked by the ISP? [snip] We need some good news, and we just aren't getting any yet.
They do. That is the good news. Here's the summary...
Private Internet Access owns about 3,000 servers in 34 countries. You pay $7/month, and you set up a PPTP/IPSEC/OpenVPN client with the credentials they specify. When you log into your account on their website, you can pick which country you want your data to be originating from, and that is your endpoint. If they have a server in France, then your traffic is VPN'd from your computer to their servers in France. If you connect to their VPN and then head over to IPChicken, you'll see a French IP address from the block of IPs they own from that region. If tomorrow you want your traffic to come from Kansas, you pick your server there, and your IPChicken will reflect that IP instead. Meanwhile, those IPs are used by dozens of other users, so it's neigh impossible to tell exactly which user was responsible for a given piece of traffic...unless you explicitly configure those server to log which users were logged in and sent what traffic where, which is what Russia is looking for.
They also yanked all certificates (or will soon). Customers will have to download the new ones if they use OpenVPN or something of the like.
Chewbacon
The Bible is like Wikipedia: written by a bunch of people and verifiable by questionable sources.
Really? Show me one article about, or even better yet -- an official letter sent to a company executive, from the US government asking for encryption keys that will allow decryption of any data the company handles.
I won't hold my breath while I wait, but I certainly hope you do while you're looking.
In that point I agree with bloodhawk. Russia and even China products have the inherent advantage of not collaborating with our governments.
Because it's cheaper to buy a game on Steam if Steam thinks you're in Russia (really).
Generally, you are right. For a very extended meaning of "laws". In Russia, it means bribing administrative clerks, doing favor to "politicians" and always being ready to surrender your business to someone with power. Doing business in Russia means being forced to break both Russian written laws and your domestic laws (if you are foreigner and your domestic laws apply, and for US or EU citizens a lot of them DO apply).
So when you cannot comply, you close.
Russia is one of the countries I regularly choose to send my traffic through. Good internet infrastructure and bandwidth with fast connectivity to much of europe. Absolutely ZERO legal agreements between countries like US, UK etc so far less chance of them sharing your browsing habids with others and those that they would share it with would not give a shit about me.
This. A person I know has sometimes used his Bit Torrent client through a VPN going through Russia for the same reasons.
Also, Russia has cheaper games, but they can only be activated from IP addresses in Russia. Some people use a VPN to bypass region lock-outs on cheaper products.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC