Blog TUVPN.COM

Not long ago, one of our team members attended a security conference in Amsterdam. He absorbed a lot of information, but was particularly impressed by a presentation about how money flows from stolen credit cards, bank accounts etc to criminal groups in Eastern Europe. This 'flow' seems to be in many directions and in large volumes we think!

We have been quite busy and couldn't give enough time to this tale, but finally and deservedly, here you have it.

Some time ago, we wrote a post about protecting public wireless connections using a VPN service :

http://blog.tuvpn.com/2010/01/why-do-i-need-a-vpn-3-protection-for-wifi-connections-hotels-airports/

As we already pointed out there, public wireless access to the Internet is becoming more and more ubiquitous and people is getting more and more used to being always connected whilst in airports, hotels, bars and a multitude of other public places. As already mentioned too, these new habits come with new risks. We no longer know about the networks that we are connecting to as these change all the time, are of different types over different technologies, and with different levels of security. This opens the door to new ways of  gathering and stealing information, as we clearly  pointed out in the aforementioned post (ref: fake access points).

All these new threats come from new, very specialised, organisations/entities that focus on gathering private financial information (bank account access details, credit cards etc) and using those to steal money. According to the security presentation, these criminal bodies are hierarchic, very well structured and professional organisations that operate throughout Europe, and possibly extend their reach worldwide.

We are not at all scaremongering but relaying very 'real world' facts about crimninal organisations and their modus operandi.

We will focus here on the sofisticated operations of one of these groups and how they managed to move very considerable amounts of money from Western Europe to Eastern Europe by using money mules, and simple yet very efficient procedures.

Obviously, the first step is to get the financial details from as many individuals as possible. This was outsourced to other global networks such as trojan creators, botnet sheperds, phishing masters, hot-spot crackers etc. These groups of self-employed techies have the technical resources to deploy their weapons, but not to monetize them, to convert this private sensitive information into real money. So in most cases, they package this information and resell it to other more specialised networks, like the one we are talking about in this example, who have the structure and resources to make good money out of it.

But how do they do it ?

We have to introduce here our friend the money mule. A money mule would typically be a low income individual with financial needs to cover and not many options to do it. Most importantly, he/she possesses a bank account.

In our example the money mule will be Jack.  A friend of Jack´s, or a friend of a friend of Jack ´s, or a friend of a friend of a friend of Jack´s has come to know a very easy way of making some good money through a reasonably low risk process.

Here it is:

• Our money mule's shepherd does a large number (let's say a thousand) of transfers from stolen bank accounts to our Jacks´ bank accounts. Transfer amounts are never really big, so as not to create serious trouble for Jack (let's say €1000). So that would be €1 million  worth of transfers if we were to have a thousand Jacks.

• Immediately after receiving the transfer, our 'Jacks' in Western Europe do a thousand transfers to some thousand Johns in Eastern Europe each for 950€. So our Jacks have made €50 just for doing a transfer to some John they have been told about. Not too bad.

• Obviously, no sooner our Johns have got the money in their accounts, they all take the 950€ out of the account and the money mules shepherd happily collects €900 from each of them… giving away €50 more to the Johns.

So, all in all, €900,000 have made their way to our happy sheperd and it will be extremely difficult for the police to grab anyone related to it as they have two thousand low profile individuals that have received and processed small amounts of money while the real final target is unknown to all of them.

We would like to insist that this is a completely real world example that would be sharing  'the landscape' with, we assume, plenty of others.

It is in this context and environment that we insist on the importance of correctly protecting your communications from EVERYWHERE. Particularly when we rely on quasi permanent internet access through all types of wireless networks to do all kinds of operations  e.g buying stuff, checking bank accounts, reading corporate mail etc, and using a plethora of devices (laptops, netbooks, mobile phones, iPads …).

It is here where, as already explained, a VPN connection to a good VPN provider can show itself to be worth the few bucks we have spent on it. We don't have to worry any more about the security of the network we are connecting to. We are bringing in the security (in the form of encrypted communications) with us!!

We hope this has been helpful.

TUVPN.COM Team

Go to TUVPN.COM

In this blog post we will examine another feature that differentiates VPN Services - the type of IP that you are assigned (dedicated or shared) and the advantages / disadvantages of each option.

What does a 'Dedicated IP VPN Service' mean? This type of service will map to your VPN account a dedicated IP address, that is, an IP address that is reserved just for you and your activities.

Now, what is a 'Shared IP VPN Service'? Here you are sharing the same IP (or a small set of IPs) with all the other VPN users of the VPN server your are connected to. So all the activities of all users seems to come from the same IP.
 

The biggest advantage of having a Dedicated IP (as the name implies) is that the IP will be used just by you. And now you would say, what are the advantages of this ? :

• There is no risk of your IP being banned/blocked/blacklisted by any Internet service as some times can happen with Shared IP services.

• All the ports are open to the Dedicated IP that you have been assigned. There is no need for Remote Port Forwarding as in Shared IP environments. Because you have one IP for yourself, all the connections to all the ports will be open for that Dedicated IP, so you can run any service that you want in that IP (a web server, remote access to your computer etc …).

• Further, it is interesting if you want to offer a service as if it was provided from a given country but you have your server somewhere else e.g. you have a server in the USA and want to offer some Internet service as if your server was in Spain. You just get a VPN Dedicated IP Spanish service, set it up in your server and that's all.

So, why I would like to use a Shared service then? Well, there are also answers to this question :

• Generally with a Dedicated IP service you just get access to a given VPN server in a given country i.e. if you buy an American Dedicated VPN Service, then you can just connect to a given American VPN server that will provide you with your assigned Dedicated IP. On the other hand, with a Shared IP VPN service (in general) you have access to a wider set of VPN servers worldwide that you can use. So if there is an issue with a particular server you can just move to the next.

• Further, and very importantly, you get much much more anonymity using a Shared IP VPN Service. As your activities are mixed with the activities of hundreds or thousands of other users, then of course you become much more anonymous. So if you are concerned about privacy and anonymity online, a Shared IP VPN Service is a better option.

So in short, you need to be clear about which are your needs and priorities for a VPN service and then you will be able to easily decide on either of these two options.

We hope this has been helpful.

TUVPN.COM Team

Go to TUVPN.COM

The main uses of a VPN service are to provide ANONYMITY by hiding your IP address and to mantain PRIVACY by sending encrypted data across the Internet. There are various types of VPN connections available but in general many VPN providers offer PPTP and OpenVPN connections due to their simplicity and efficiency. They both provide different levels of encryption, in addition to anonimity.

PPTP

The Point-to-Point Tunneling Protocol (PPTP) is a method for implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets.

OpenVPN

OpenVPN is a free and open source software application that implements virtual private network (VPN) solutions for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It uses SSL/TLS security for encryption and is capable of traversing network address translators (NATs) and firewalls.

PPTP vs OpenVPN ?

One of the biggest issues that drives our choice between PPTP and OpenVPN, and an issue that we have no control over, is that sometimes ISP block PPTP connections. There is nothing to be done about this, and in this case using OpenVPN is your only alternative. PPTP has some unique advantages, but a change to OpenVPN may be a good thing.

PPTP works with almost all the Operating software and not requires any software to use. It also works with many mobile devices such as Iphone, Ipad, Windows mobile and can easily be setup on them. In contrast, OpenVPN setup can be a little more complicated compare to PPTP, but with the right directions you should be able to setup the connection without much difficulty. Note that OpenVPN does not work with mobile devices.

PPTP encryption method uses the password as the key and it’s datastream carries a retrievable hash password. If someone in middle intercepts your traffic and cracks the encryption (which is not easy though possible) then he can decrypt your traffic. Where as OpenVPN uses a very strong encryption (blowfish) method. Even if someone does intercept your traffic, they can do nothing with it. This makes OpenVPN more secure than PPTP. To read further about OpenVPN security encryption keys follow this link.

Which to Use

If you're looking to get high security and are more concerned about the secure transfer of data, then you should use OpenVPN. If you're looking for easy setup OR VPN usage on mobile devices then PPTP is the one for you. There are other protocols available such as L2P or IpSec, but they are not as user-friendly or cost-efficient. 

TUVPN.COM Team

Go to TUVPN.COM

The Internet has revolutionised the way we live, and with the passing of time we grow more and more dependant on its very existence. That it could spring up independently of governments and big business lead many to believe that the Internet could bring the world a new type of freedom. Now we have reason to think again……..

We send emails, blog, chat, do our banking, organise our travel, engage in social networks, enjoy numerous forms of entertainment…..the list is endless.

While we go about our lives on the Internet, we need to be conscious of the threats that exist, and take steps to protect among other things our identity, privacy and communications. VPN service providers play an important role in helping you protect your life on the Internet. We have discussed this in previous blog articles.

Beyond the sinister threat from individuals with criminal intent, we would like to explore in greater detail the growing threat to our Internet freedoms from government sponsored initiatives. Traditionally we have thought of countries such as China and Iran as examples of countries looking to block Internet freedoms from their citizens. But there is a creeping menace that is developing in so called liberal democracies.

There is clearly a role for responsible governments to play in protecting its citizens from harm. But we see a disturbing trend in how this mandate is being used to restrict individual freedoms on the Internet. And the main issue we see is not what is necessarily being targeted now by 'Internet filtering' systems, but how they will morph and be applied into the future……..who will hold the keys? what will be done with information gathered? where will it be stored? how secure is the storage?

In the United Kingdom, the Digital Economy Bill was rushed through parliament in the evening of the 10th of April 2010. Is remains only to be approved by the House of Lords. In short, it gives the government the power to force ISPs to block access to any sites its deems necessary, and block access of individuals to the Internet entirely. Cynically it could be argued that MPs have come under significant pressure from global media companies to push this legislation through. But the wider implications of this bill are frightening.

In Australia, the government recently said that it would pass laws to block access to some Websites. The prohibited material includes child pornography, bestiality, incest, graphic "high-impact" images of violence, anything promoting or providing instruction on crime or violence, detailed descriptions of the use of proscribed drugs, and how-to information on suicide by Websites supporting the right to die for the terminally or incurably ill. A poll in the Sydney Morning Herald showed 96% opposed, and 2% in support. This is obviously not a display of support for the list of prohibited sites, but a resounding condemnation of a system that threatens freedom of information and expression into the future.

Wikileaks reported a leaked list of sites supposed to be included in the Australian filtering scheme. They included online poker sites, YouTube links, regular gay and straight porn sites, Wikipedia links etc.

In New Zealand, the government has quietly introduced an Internet filter and has been placing pressure on ISPs to implement its use. On the 1st of February 2010, the filter was reportedly turned on. David Zanetti, and spokesman for Tech Liberty made a very valid observation, "It establishes the principle that the government can choose to arbitrarily set up a new censorship scheme and choose which material to block, with no reference to existing law"

In the European Union, a Directive on 8 June 2000 about e-commerce revealed the first threat to freedom of expression, by making ISPs responsible for the content of websites they host and requiring them to block any page they consider illegal when informed of its existence. On the 29 of April 2004, the European Parliament approved the IPR Enforcement Directive. The Directive covers remedies available in cases of IPR breaches. Unfortunately, this directive has spawned new laws in member states that pose significant threats to Internet freedoms. As an example, Swedens IPRED law that went into effect on the 1st of April 2009, requires ISPs to store individual users traffic data. While not censorship, it perhaps points to a worrying EU direction on Internet freedoms.

The moment systems and laws are put in place to facilitate censorship, they sow the seeds for the eventual erosion of our human rights and individual freedoms. They will always be open to abuse and misapplication.

Jeremy Bentham was an English philosopher that lived from 1748 - 1832. He said something that is as true today as the day he uttered these words;

"As to the evil which results from a censorship, it is impossible to measure it, for it is impossible to tell where it ends."

We would value your thoughts and updates on cases of Internet censorship.

TUVPN.COM Team

Go to TUVPN.COM

Here we look at one of the benefits of using a VPN service - avoiding geographic restrictions.

First we need to look at what these restrictions are and why we might be interested in avoiding them.

A geographic restriction exists when a web page can only be viewed by people browsing the internet from a particular geographic location. e.g United States. In most cases the restriction is implemented by filtering our IP address. If your IP address corresponds to the area of service, e.g US, then our connection will be accepted. Otherwise it will be rejected. We can look at this graphically;

Here we can see a user browsing the internet and trying to access a website in the United States (e.g www.hulu.com), and the United Kingdom (e.g www.bbc.co.uk/iplayer/). In this case the websites recognise that the user is trying to access the web pages from Italy, and his access is blocked. By contrast, users trying to access these web pages from within the US and UK respectively will be able to access the web pages in question. This filtering has been achieved by identifying the users IP address which is particular to a geographic location.

How does a VPN service help in this regard? Simple. As discussed in previous blog articles, a VPN service replaces a users IP address with an IP address of the VPN service provider. Generally a VPN service provider gives you a selection of servers in different geographic locations through which to connect to the VPN service. So the solution then becomes simple. A user just has to chose the geopgraphic location of the VPN server node that will provide the appropriate geographic IP address. Lets see this graphically;

When a user connects to a VPN server in Chicago, his or her IP address becomes American, and access to sites such as hulu.com become possible. The same principle applies for the UK example.

Obviously this can be achieved with the use of a proxy. However, many sites are now utilising sophisticated systems to identify when a proxy is being used and then denies the user access.

We hope this has been clear! Find here a list of restricted sites accessible from our servers. We hope to get more from you !

USA

• www.hulu.com - TV and video.
• www.pandora.com - Internet radio.
• www.openpandora.com - Internet radio.
• www.cwtv.com - Series, video …
• www.fox.com - TV Series, FOX channel
• www.fancast.com - TV series and video
• www.abc.go.com - TV series, ABC channel
• www.vh1.com - Music, Music Videos, Music Billboard
• www.revision3.com - Internet TV

UK

• www.bbc.co.uk/iplayer - TV and video.
• www.channel4.com - TV and video.
• www.zattoo.com -TV on your PC.
• demand.five.tv - TV and video.
• www.itv.com - TV on your PC
• www.seesaw.com - TV  and video

Switzerland

• www.zattoo.com -TV on your PC.

Spain

• www.zattoo.com -TV on your PC.

TUVPN.COM Team

Go to TUVPN.COM

There is a lot of misunderstanding and misrepresentation regarding encryption strength and how most VPN providers talk about it. In fact, we would say that most of them don't have any idea what they are talking about, or if they have, they try to fool possible users in believing that they are more secure than other VPN services …

Let's see some examples from live VPN sites :

What does 2048 bit Encrypted connection mean ? And what about 128-2048bit security ? Let's try to clarify it as simply as possible….which in itself is challenging when discussing encryption! . We will do our best.

Firstly, encryption strength is related to a type of service. So we have to know if we are talking about PPTP or L2TP or OpenVPN or SSH. Once we know the type of service that we are talking about, we can better assess the information that the VPN provider gives to us related to its strength.

PPTP

So focusing first on PPTP…. it can (and should) offer a maximum strength of 128 bits. Encryption using PPTP is provided by the use of Microsoft Point-to-Point Encryption (MPPE) protocol that can just handle 40-bit, 56-bit and 128-bit session keys. So when talking about PPTP, don't be fooled: 128 bits is the maximum strength that you can expect.

Anyhow, security wise, the biggest problem with PPTP is not related to the length of its key (there are other protocols very secure with similar key lengths), but to its underlying implementation that has several flaws. You can read more here.

OPENVPN

Although OpenVPN can be configured in several ways, let's focus on the most typical one found in many VPN providers.

In this typical configuration, first the peers taking part in the communication (you and the VPN server to which you are trying to connect) will authenticate to each other. Once this has been done and the VPN tunnel is established, the proper flow of encrypted data from and to your computer will begin.

The authentication process will usually take place using Public-Key Cryptography and/or username and password. When you read about 2048 bit keys, or 4096 bit keys or something like this, you are reading about the key used during the authentication phase of the communication.

But once authentication has happened and because Public-Key algorithms are really slow, OpenVPN will switch to Symmetric Cryptography to actually encrypt the data that is sent between you and the VPN server. This encryption will take place using a given type of symmetric algorithm (AES, Blowfish, Twofish …) and with a given key length (128bit, 192bit, 256bit, 448bit …).

Most probably this last key length is the one you would worry more about along with the type of algorithm that the VPN provider is using. As you can see none of these symmetric key lengths get anywhere close to those 2048bit ot 4096bit keys that some VPN providers boast.

Having longer symmetric keys will increase security at a performance cost (more or less depending on the algorithm selected). All depends on how paranoid we are and the options that the VPN service provider gives to us.

Hope we have clarified things a bit !

TUVPN.COM Team

Go to TUVPN.COM

This could potentially get into a very technical discussion! However, we will try to avoid this, and keep this discussion focused on what we think you want to know. If we don’t cover areas you would like to understand better, please post your thoughts and questions.

We believe the question is as follows;

I want to secure my communications over the internet and protect my identity. I want to do this with the least impact on the speed of my internet connection, with maximum levels of security/anonymity and with the most cost effective solution. What is the difference between proxy server and VPN (Virtual Private Network) solutions?

Proxy Solutions

A proxy server is a server that acts as an intermediary, relaying your request for connection to a webpage, file, or service on the Internet. The location of the proxy server could be physically anywhere in the world. The recipient of the request (e.g a website, service or file) will only see the request for connection coming from the proxy server. The recipient will not know that you were the source of the original request.

The main use of anonymizing proxy servers are:

1. Protecting the identity of the computer behind it.
   
2. Avoiding geographic restrictions.
   

Pros:

• Many free solutions.
  
• Anonymises your web browsing.
  
• Unlocks geographic restrictions.
  

Cons:

• There is generally little or no encryption provided, so all information being sent by you through the proxy server is completely transparent and can be intercepted. With an SSL proxy, communications from the client to the proxy are correctly protected.
  
• Connection speed with free proxy servers is generally slow. Bandwidth costs money.
  
• Plenty of free solutions require software installs, and or display intrusive adds to pay for the running of the service.
  
• Many proxy server IP addresses are known as sources of spam and are blocked by the end destination site.
  
• Beware anonymizing proxy services declaring themselves VPNs.
  

VPN Services

In a previous TUVPN blog article entitled, What is a VPN service? we throw light on what a VPN service provides, and how it works. We also cover this in our FAQs. So we will not repeat ourselves again here, but rather we will spend a little more time highlighting a VPN’s ‘Pros and Cons’.

In a following blog post, we will go into a more detailed explanation of the differences between PPTP and OpenVPN solutions.

Pros:

• Anonymizes and encrypts all communications over the internet. Not just web browsing as is the case with Proxy solutions. VPNs protect emails, VOIP, chat applications…. i.e. ALL your Internet traffic.
  
• Wireless Hotspot protection. See our blog article, Protection for WIFI Connections (hotels, airports…).
  
• Subject to the quality of the supplier, high connection speed.
  
• Solution to geographic restrictions.
  
• With PPTP solutions you don't need to install any software as clients are provided with most Operating Systems or mobile devices. PPTP has limitations vs OpenVPN – we will look at that later as previously mentioned.
  
• Stable and Reliable.
  

Cons:

• There is a cost to high data speeds.
  
• As with Anonymous proxy providers, trusting your VPN service provider is vitally important. There is a growing source of VPN services, but not all are trustworthy.
  
• Most types of VPNs require a software installation.
  

So in summary, proxy services DO have a use, but they have limitations and risks attached. Reliable VPN services will generally have a cost attached to them. You must judge for yourself if the added security and convenience provided is worth that extra cost.

Please dive in with your thoughts or questions.

TUVPN.COM Team

Go to TUVPN.COM

Finally, and as we promised some time ago , we will address this important question:

Why not use TOR, which is a free service, for providing anonymity and privacy online?

To the layman, TOR is defined as:

TOR is a free software and open network that helps protect you from all forms of online surveillance and threats to your personal freedom and privacy. Tor protects you by routing your communications through a network of servers distributed around the world and provided / managed by volunteers.

In this sense, the objective of TOR and a VPN service such as TUVPN.COM is the same. Protecting the security, privacy and anonymity of your communications. One of the differences, as you may have already noticed, is that there is usually a small fee attached to accessing a VPN service, while TOR is free. In this difference lies the core advantages / disadvantages of both options.

Let us now graphically look at the TOR network structure. It is important to emphasise again that this is a network created from servers offered and run by volunteers. Looking at the implications of this is point:

As we can see, our communication enters the TOR network through an entry node, then it tumbles from one server to another within the network and finally reaches a TOR exit node, and from there to our Internet destination. The communication is encrypted from your computer to the exit node that decrypts it before sending it to its destination.

Anyone can create a TOR node and add it to the network. This can be for honest and selfless reasons, or not. You can't choose whether your node will be an entry, exit, or intermediate node as this is random in each communication but it will probably go through all the roles at some point.

Imagine now that we are very bad and we decide to create our own TOR server node and add it to the network to serve our own purposes …  Let's see how much evil we can do depending on the role of our server in each communication. Lets use innocent "John" in this example. Remember, our server will go through all the server node roles according to TOR's random design:

1 - Our server acts as a TOR input node for John's communication.

As the communication we received from John is encrypted, the only thing we know is that John is connected to the TOR network (we can identify his IP). But knowledge of this alone is not important enough to feed our bad intentions.

2 - Our server acts as an intermediate node in John's communication on the TOR network.

Our evil intentions are not satisfied here either. The communication we recieve is encrypted and all we know is that it has come from a node on the TOR network before reaching us. Hopefully the next role our server can play on the TOR network will provide food for our evil appetite!

3 - Our server acts as a TOR exit node for John's communication.

Now things get interesting for our evil intent! Our mission here is to decipher the communication through our exit node and send it to your destination. In so doing, we can see all data communication. We cannot know who sent the now transparent communication, we only know that we received it from an intermediate TOR node.

We can argue that by protecting the communication with the target (eg our bank or our e-mail or …) with SSL, there is no way for us to get to know the contents of John's communications.

Wrong again. As security researcher Moxie Marlinspike showed at the last  BlackHat Europe, we can mount a man-in-the-middle attack from our beloved TOR exit server and crack John's SSL communications.

Moxie gave a real-time demonstration of this attack that obtained a large number of passwords for all kinds of services from many users whose traffic was going through his TOR node. For more complete information about this topic: http://blog.phishme.com/2009/02/moxie-marlinspike-un-masks-tor-users/.

So we can see that the very nature of decentralised and distributed communication on the TOR network brings some problems.

Another drawback, in our humble opinion, of TOR vs a VPN service, is speed. Anyone who has used TOR for something more than just reading emails will know what we are talking about. Unfortunately, bandwidth has a price. Free and open services like TOR just cannot deliver this bandwidth.

By contrast, a VPN provider such as TUVPN.COM, has the resources to secure and supply this bandwidth for their services, and allow its customers to enjoy streaming and other bandwidth intensive activities. Something that is unthinkable with TOR.

There is no doubt that TOR has its uses, if one is aware of its limitations. All the same, VPN services also have their uses and , most probably, their limitations. It is just a matter of being able to choose and with the right information come the right decisions !

PS: Not to add fuel to the fire, but this week has seen TOR in the news. It has asked its users to upgrade their software as a result of attacks on its servers that run TOR directory authorities. More information:  http://news.zdnet.co.uk/security/0,1000000189,40004185,00.htm

TUVPN.COM Team

Go to TUVPN.COM

Go to TUVPN.COM

Go to TUVPN.COM