Security Basics mailing list archives
Re: VPN Service
From: erik <security () vanwesten net>
Date: Fri, 02 Mar 2012 18:15:40 +0100
Op 2-3-2012 5:32, Michael Painter schreef:
Which leaves Sweden comfortably out of the equation. And the vpn provider very vcomfortably ignores the statement about the lawful intercepts...erik wrote:And the addresses located in The Netherlands (endpoints) is a perfect reason NOT to use this provider since no other country in the world has (relatively speaking) more lawful intercepts than The Netherlands. Really. Sad but true. All traffic is logged by law, and kept for the duration of 2 (two) years. The bill you talk about for Canada was passed here a couple of years ago. Police are known to (illegally) conduct search operations in these logs. I would look for a vpn provider with endpoints in Sweden or (better) Switzerland. Erik.I showed the above to my vpn provider (in Europe) and his reply follows: "Hello!Unfortunately the author of the article has very confused ideas about the Netherlands, Switzerland and Sweden.In NL data retention applies to Internet Service Providers that bring connection to the end-user, and applies for 6 months, not 2 years, a shorter period than Switzerland."
About the lawful intercepts (in Dutch) (it states that The Netherlands is #1 in formal requests for telecom data):
https://www.bof.nl/2010/11/11/persbericht-nederland-europees-koploper-opvragingen-telecomgegevens/ Bof is a dutch privacy institute, Bits of Freedom.The dataretention in The Netherlands is 12 (twelve) months (again in Dutch. states that it is 12 months and used succesfully in 24 out of 180.000 court cases):
http://jurel.nl/2011/05/12/evaluatie-van-de-data-retentie-richtlijnnutteloze-hutspot-en-schending-van-de-privacy1/ The data retention in Switzerland on the other hand is only 6 months: https://www.privacyinternational.org/article/switzerland-privacy-profileData retention in Sweden is non-existent (which is one of the primary reasons that Pirate bay used to have its home in Sweden, as well as Wikileaks):
http://www.theregister.co.uk/2011/03/18/sweden_postpones_eu_data_retention_directive/http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/409&type=HTML <http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/409&type=HTML>
My conclusion cannot be anything else than that your vpn provider is simply and plainly lying to you. Not a good starting point for a vpn for privacy.
Be aware also of the fact that there are no limits on sharing data between Dutch government and USA.
As a dutch citizen I am not that confused about what is happening here in The Netherlands. Better than the vpn liar^H^H^H^Hprovider that you contacted. Actually I am quite well informed.
Sorry to be bringing the bad news. Erik ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Re: VPN Service Michael Painter (Mar 02)
- Re: VPN Service erik (Mar 05)
- <Possible follow-ups>
- RE: VPN Service JB JB (Mar 05)
- Re: VPN Service Michael Dupree (Mar 05)