Re: VPN Service

[erik <security () vanwesten net>]

Op 2-3-2012 5:32, Michael Painter schreef:
> erik wrote:
>
> > And the addresses located in The Netherlands (endpoints) is a perfect
> > reason NOT to use this provider
> > since no other country in the world has (relatively speaking) more
> > lawful intercepts than The Netherlands.
> >
> > Really. Sad but true. All traffic is logged by law, and kept for the
> > duration of 2 (two) years. The bill you talk
> > about for Canada was passed here a couple of years ago. Police are known
> > to (illegally) conduct
> > search operations in these logs.
> >
> > I would look for a vpn provider with endpoints in Sweden or (better)
> > Switzerland.
> >
> > Erik.
>
> I showed the above to my vpn provider (in Europe) and his reply follows:
>
> "Hello!
>
> Unfortunately the author of the article has very confused ideas about 
> the Netherlands, Switzerland and Sweden.
>
> In NL data retention applies to Internet Service Providers that bring 
> connection to the end-user, and applies for 6 months, not 2 years, a 
> shorter period than Switzerland."
Which leaves Sweden comfortably out of the equation. And the vpn 
provider very vcomfortably ignores the statement about the lawful 
intercepts...

About the lawful intercepts (in Dutch) (it states that The Netherlands 
is #1 in formal requests for telecom data):

https://www.bof.nl/2010/11/11/persbericht-nederland-europees-koploper-opvragingen-telecomgegevens/

Bof is a dutch privacy institute, Bits of Freedom.

The dataretention in The Netherlands is 12 (twelve) months (again in 
Dutch. states that it is 12 months and used succesfully in 24 out of 
180.000 court cases):

http://jurel.nl/2011/05/12/evaluatie-van-de-data-retentie-richtlijnnutteloze-hutspot-en-schending-van-de-privacy1/

The data retention in Switzerland on the other hand is only 6 months:

https://www.privacyinternational.org/article/switzerland-privacy-profile

Data retention in Sweden is non-existent (which is one of the primary 
reasons that Pirate bay used to have its home in Sweden, as well as 
Wikileaks):

http://www.theregister.co.uk/2011/03/18/sweden_postpones_eu_data_retention_directive/
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/409&type=HTML 
<http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/409&type=HTML>


My conclusion cannot be anything else than that your vpn provider is 
simply and plainly lying to you. Not a good starting point for a vpn for 
privacy.

Be aware also of the fact that there are no limits on sharing data 
between Dutch government and USA.

As a dutch citizen I am not that confused about what is happening here 
in The Netherlands. Better than the vpn liar^H^H^H^Hprovider that you 
contacted. Actually I am quite well informed.

Sorry to be bringing the bad news.

Erik


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------