Invite Scene - #1 to Buy, Sell, Trade or Find Free Torrent Invites!

#1 TorrentInvites Community. Buy, Sell, Trade Or Find Free Torrent Invites, For Every Private Torrent Trackers. HDBITS, PTP, BTN, MTV, EMP, EXIGO, RED, OPS, TT, BIB, TTG, MTEAM, CHDBITS, CG, TIK, KG, FSC, BB, IPT, TL, GGN, AB, U2 etc.

Search the Community

Showing results for tags '2015'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Invite Scene Official Information
    • Announcements
    • Suggestions and Ideas
    • Member Introductions
    • Competitions
  • Invite Scene Premium Membership
    • Make a Donation: Grab Your Premium Membership Now
  • Invite Scene VIP Giveaways & Requests
    • VIP Giveaways
    • VIP Requests
  • Invite Scene Official Store
    • Invite Scene Store: The Official Store for Private Torrent Invites
  • Invite Scene Marketplace
    • Premium Sellers Section
    • Buyer's Section
    • Trader's Section
    • Webmaster Marketplace
    • Service Offerings
    • Other Stuffs
  • Invite Scene Giveaways & Requests Section
    • Giveaways
    • Requests
  • Invite Scene Bittorrent World
    • Private Tracker News
    • BitTorrent World Discussion
    • Private Tracker Help
    • Tracker Reviews
    • Open Trackers
  • Invite Scene SeedBox Forum
    • Exclusive SeedBox Sellers Section
    • SeedBox Sellers Section
    • SeedBox Reviews
    • SeedBox Discussions
  • Making Money
    • Monetizing Techniques
    • Crypto Currency
    • Free Money Making Ebooks
  • Webmasters
    • Website Construction
  • Invite Scene General Topics
    • The Lounge
    • Movies, TV, and Videos
    • Melody, Harmony, Rhythm, and MP3
    • General PC Chat and Help
    • Security Hive
    • Guides and Tutorials
    • Gamers Hangout
    • The Graphic Design
  • Invite Scene Deal Disputes & Limitations
    • Deal Disputes
    • Archives

Categories

  • Bug Tracker
  • Suggestions Tracker

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Google+ Hangouts


Yahoo Messenger


Skype


Discord


AIM


ICQ


Interests

Found 45 results

  1. Making a list of the world’s most-visited torrent sites has been a long-standing tradition at TF, which we continue today. At the start of 2015 KickassTorrents is pulling in most traffic followed by Torrentz. File-sharing icon The Pirate Bay is currently down, but gets a mention thanks to a popular copy. Most torrent users rarely change their downloading habits or the places where they get their daily torrent dose. This is also reflected in our annual top 10 where most sites have had a consistent listing for more than half a decade. Like every year there are a few movers and shakers though, and the biggest impact was made by the Pirate Bay raid early last month. The notorious torrent site has been crowned the most popular torrent site since 2008, but isn’t serving any torrents at the beginning of this year. As a result, the top spot is now taken by KickassTorrents. The Pirate Bay hasn’t gone away completely though. There are currently several popular clones and copies of the site that together can easily match the traffic of most other sites that are listed. Thanks to one of its top copies TPB managed to secure a spot in 4th place. Considering the situation we decided to mention both the original Pirate Bay domain and the most-used copy. The rest of the top 10 consists of other familiar names. Bitsnoop.com is the only site to drop from the list, with Limetorrents.cc taking its place. Demonoid, which returned online earlier this year, just fell out of the top 10 but appears to be making a slow but steady comeback that’s worth mentioning. There is a good chance that it will return again next year. Below is the full list of the top 10 most-visited torrent sites at the start of the new year. Only public and English language content sites are included. The list is based on various traffic reports and we display the Alexa and U.S. Compete rank for each. In addition, we include last year’s ranking for each of the 10 sites. 1. KICKASSTORRENTS KickassTorrents was founded in 2009 and surpassed The Pirate Bay in traffic this year, even before it went down. Battling various censorship efforts the site has burned through a few different domain names over the years. Most recently it switched to the Somalian Kickass.so address. ALEXA RANK: 151 / COMPETE RANK: 711 / LAST YEAR #2 2. TORRENTZ Torrentz has been the leading BitTorrent meta-search engine for many years. Unlike the other sites featured in the list Torrentz does not host any torrent files, it merely redirects visitors to other places on the web. The site uses several domain names with .eu being the most popular. ALEXA RANK: 206 / COMPETE RANK: 1.716 / LAST YEAR #3 3. EXTRATORRENT ExtraTorrent continues to gain more traffic and has become one of the most active torrent communities. The site is also the home of the popular ETTV and ETRG release groups. ALEXA RANK: 356 / COMPETE RANK: 3,446 / LAST YEAR #4 4. THE PIRATE BAY (COPIES AND CLONES) At the time of writing The Pirate Bay isn’t serving any torrents. However, there are several copies and clones of the site which, at least temporarily, take its place. OldPiratebay.org is currently the most popular and based on its recent traffic the site is already ranked at least 4th in this list. ALEXA RANK: NA / COMPETE RANK: NA / LAST YEAR #1 5. YTS YTS, also known as the release group “YIFY,†has become the most recognizable movie piracy brands on the Internet. Despite a court court-ordered ISP blockade in the UK the group’s torrent site continues expand. ALEXA RANK: 740 / COMPETE RANK: 4,271 / LAST YEAR #5 6. EZTV TV-torrent distribution group EZTV is a niche site specializing in TV content only. Because of its narrow focus, EZTV’s traffic varies in line with the TV seasons. Despite posting only a few dozen torrents per week it attracts millions of visitors. ALEXA RANK: 1,262 / COMPETE RANK: 5,421 / LAST YEAR #6 7. RARBG RARBG, which started out as a Bulgarian tracker, was last year’s newcomer and continues to rake in more visitors. The site was blocked by UK ISPs last month, which put it on par with most other sites in the top 10. ALEXA RANK: 1,326 / COMPETE RANK: 8,890 / LAST YEAR #10 8. ISOHUNT.TO Isohunt.to was launched in 2013, less than two weeks after isoHunt.com shut down. The site is not affiliated with the old isoHunt but hopes to keep its spirit alive. The same people are also behind Oldpiratebay.org, which is is listed in 4th place. ALEXA RANK: 1,890 / COMPETE RANK: 7,723 / LAST YEAR #8 9. 1337X 1337x is a community driven torrent site. The site’s owners say they launched 1337x to “fill an apparent void where it seemed there was a lack of quality conscience ad free torrent sites with public trackers.†This year the site dropped its .org domain and is now operating from 1337x.to. ALEXA RANK: 2,581 / COMPETE RANK: 11,389 / LAST YEAR #7 10. LIMETORRENTS Limetorrents.cc has been around for several years already, and regained a spot in the top 10 this year. The site appeared in the news this summer after it was sued by LionsGate for posting a link to a leaked copy of The Expendables 3. The case is still ongoing. ALEXA RANK: 2,608 / COMPETE RANK: 3,984 / LAST YEAR #NA Disclaimer: Yes, we know that Alexa isn’t perfect and that Compete has plenty of flaws, but combined both do a pretty good job at comparing sites that operate in a similar niche. http://torrentfreak.com/top-popular-torrent-sites-2015-150104/
  2. Tracker Name: Hey.Fux0r.eu Tracker URL: http://hey.fux0r.eu/ Tracker Genre: Porn Tracker Access: Invite Only Tracker speed: 9/10 Tracker content: 8/10 IRC: irc.corrupt-net.org (+7000 #Fux0r, #Fux0r.Support) Description: This tracker is one of the best trackers for porn. Speeds are good but you can find more things on another trackers. It is hard to get invite Logo: Home: Browse: Requests: Top 10: Statistic: Rules: Forum: Wiki: Donations: User Classes:
  3. Here is the list of 10 must play games of 2015 with best graphics. 10- No Man’s Sky No Man’s Sky is an upcoming science fiction video game created and distributed by Hello Games. It will emphasize a procedural created, hugely multiplayer open world. Affirmed at VGX 2013 nearby a trailer, the game is seen to peculiarity planetary investigation, profound seas, space-based fights, and potential predators on the different procedural-created planets. Every world has its own particular environment with conceivably unforgiving conditions, for example, desert planets with substantial flesh eating worms. 9- Zelda WiiU The Legend of Zelda at long last makes it to the Wiiu in an unique principle establishment portion and in HD shockingly. Guaranteeing a huge and totally open world, Zedla Wiiu is situated to revolutionist the arrangement’s equation 8- Xenoblade Chronicles X Japanese role-playing video game by engineer Monolith Soft and distributed by Nintendo for the Wii U. The game is a piece of the Xeno arrangement of video games, particularly a profound successor to Xenoblade Chronicles on the Wii. It is booked for discharge in 2015 in Japan, North America, Europe and Australia. 7- Rise of The Tomb Raider Square Enix affirmed back in August 2013 that a continuation of its 2013 Tomb Raider reboot is in progress. Ascent of the Tomb Raider was disclosed in Microsoft’s 2014 E3 presentation. Likewise, tombs are affirmed for the game – which is by and by being created by Crystal Dynamics. Rhianna Pratchett, the lead author of a year ago’s Tomb Raider, is additionally ready for lead essayist – which ought to be energizing for fans 6- Quantum Break Quantum Break is a progressive game experience elite on Xbox One that obscures the line in the middle of games and TV. Quantum Break is produced by Remedy Entertainment, the creators of Max Payne and Alan Wake. 5- Deep Down Where it counts – a working title – is another IP from Capcom selective for the PS4. It’s a dream themed Adventure game that is ready to dispatch in the fall of 2013 nearby the Ps4. Nothing more is known yet; with more prone to be published at E3 2013. 4- Batman: Arkham Knight We’ve known for quite a while that Rocksteady has been beavering ceaselessly on another Batman title since the business and basic accomplishment of Arkham City. In the wake of giving control over to Warner Bros Montreal for Arkham Origins, they are presently back in the driving seat for Batman: Arkham Knight and taking Batman to the cutting edge. 3- Bloodborne Venture Beast is a supposed upcoming cutting edge title from Dark Souls designers From Software and Sony Japan Studios for PlayStation 4. At present, no more is thought about the title, despite the fact that there is hypothesis that the game will be an otherworldly successor to the Souls games. 2- The Witcher 3: Wild Hunt The Witcher 3: Wild Hunt is an upcoming activity pretending video game as of now being created by CD Projekt RED and authoritatively affirmed on February 5, 2013. The game will be the third in an arrangement, went before by The Witcher and The Witcher 2: Assassins of Kings. The Witcher 3 will emphasize the new Redengine 3 game motor, created by CD Projekt RED and composed particularly for nonlinear Rpgs set in limitless open world situations. 1- Uncharted 4: A Thiefs End A few years after his last undertaking, resigned fortune seeker, Nathan Drake, is constrained go into the universe of cheats. With the stakes significantly more individual, Drake leaves on a globe-jogging trip in quest for a recorded intrigue behind a mythical privateer treasure. His most noteworthy experience will test his physical limits, his intention, and eventually what he’s ready to give up to spare the ones he adores.
  4. M-Team-TP/MTTP Review | 2015 | March M-Team-TP (MTTP) was often referred to be an adult tracker, is a Chinese tracker, has surprisingly turned to be one of the best HD Trackers out there now. They have separate section for Adult Contents. MTTP currently has over 1 lakh torrents including porn contents. With the release of Bluray discs with pretimes as good as CHDBits used to give[CHDBits releasers, encoders might have moved to here for now] & in its absence MTTP is now looked up on as one of the best sources by encoders and HD enthusiasts as they fast release Bluray discs, followed by its Remuxes and 720p, 1080p , 3D encodes, iPad encodes etc in the highest quality available. Seeding and maintaining ratio is quite easy like any other chinese trackers with lot of leechers in the swarm & lot of freeleeches, time limited freeleeches on new uploads, halfleeches and bonus point exchanges etc helps. They have internal release teams such as MTeam, MTeamTV, MTeam3D, MTeamPAD, KiSHD, BMDru etc & all internals are marked by a small icon 'M'before the Title & is made sticky(pinned) , and other high quality outside encodes are also shared here. MTTP have a small newbie assessment of 15GB download & upload for fresh signups as per new 2015 announcement [earlier didn't have], but unlike CHD, HDWinG & TTG , MTTP don’t have year ending assessments (yet ), & all of these which makes MTTP a top notch one. Tracker Name : M-Team Tracker Genre : High-Definition | General |XXX Tracker Type : Ratio Based Tracker URL : You know it Tracker Sign Up : Closed ( Invite Only ) Maintaining Ratio : Easy/Medium Bonus System : Yes, available (can exchange for upload credits, invite, custom title etc) Tracker Birthday : 2012 SITE STAT Home Page Categories/Search Browse/Torrents Page New Browse Page With Thumb Nails,DIY Tags etc Added **[May 2015 Update] Adult Forum Site-Bet Bonus Page Offers Upload Page Subtitles Upload Request FAQ Rules 1.General 2.Newbie Assessment Rule 3.Inactivity UserClasses Donation Personal Rating For Bluray contents Content : 7/10 Speed : 8/10 Pretime : 9/10 **Any Edit/add needed please let me know
  5. Tracker Name | TheSportsTorrentNetwork (TSTN) Tracker URL | http://www.tstn.fr/index.php?page=login Genre | Sports Maintaining Ratio | Easy Access | It seems it will be Invite Only. As the homepage says : Sign ups are open at the moment, so you are in luck. Signs Up Url | http://www.tstn.fr/index.php?page=signup Home Faq Rules Torrents Request
  6. Tracker Name : karagarga (KG) Tracker URL :http://karagarga.net/ Tracker Type : Movies Signup URL : Invite only Description: Karagarga is a tracker for old/classic and rare movies. Their content is coming from various countries, like movies from France, movies from Germany and so on. They have some movies that can't be easily found on any other tracker. This is one of my best trackers Home: Statistic: Torrent Categories: Browse page: Requests: Forum: Rules: Bonus sistem: FAQ: Donations: IRC Details: Content:10/10 Speed:9/10 Comunity: 9/10
  7. TRACKER NAME: TorrentHR Tracker URL: http://torrenthr.org/ Language : Croatian Signup: Closed / Invite Only Tracker type: Ratioless (General) Tracker Description: TorrentHR is a croatian private tracker, it is a ratioless general tracker, the pretimes and speed arent so good , but it's very popular among people from ex-Yu, they have many domestic ( ex-YU ) content, alot of music, movies, games, sport events ( like formula 1, uefa champions lige, etc ), tv-shows, also they have own realese group Rakija ( that release popular movies, tv shows - mainly domestic, cartoons etc ), there is karma bonus system, so you can exchange bonus to buy invites, upload, you gain points for voting on polls, uploading new torrents, filling requests. Home: Statistic: Torrent Categories: Browse page: Forum: Rules: FAQ: Bonus sistem: Donations: IRC Details: Tracker speed: 8/10 Tracker pre times: 7/10 Comunity: 8/10
  8. This is my first review. I hope you gonna like it ! If you like it, please rep up HDO is a brand new french tracker for HD Content Only He was created by 3 other trackers (HDFZ,HDD,OHD) The site is closed for signup, and the invite system is disabled. HOME BROWSE REQUESTS FORUM RULES STATS
  9. Tracker Name : HD-Space.org Tracker Genre : Gnereal Tracker Type : Ratio Based Bonus System : Yes Maintaining Ratio : Easy Tracker URL : https://hd-space.org/ Tracker IRC : Network : P2P-NET Server irc.p2p-network.net Channel : #hdspace IRC Bonus : N/A Tracker Description : HD-space is a very good private tracker for all HD content with about 25000 torrents.It has many encodes for well known encoders like KILLERS-CtrlHD-DIMENSION-EbP-DON- PublicHD-SPARKS.It has also many encodes for internal encoder SpaceHD which all are FreeLeech.Download speed is very fast&Pre-time is perfect.Keeping good ratio is easy with bonus system&and it open for FreeLeech frequently.Invites are easy to be obtained. Home: Torrents: Upload: Forum: Rules: FAQ: Donation: Ratings: 8/10 Content 9/10 Speed 8/10 Community 8/10 Overall experience Add Rep and Leave a feedback Reputation is the green button in the down right corner on my post Don't forget to press the Thanks button
  10. The South by Southwest (SXSW) music festival is one of the largest and most popular in the United States. For more than a decade SXSW has been sharing DRM-free songs of the performing artists, 55 GB worth so far. This year's release is the largest thus far with 1,291 tracks totaling more than eight gigabytes. Since 2005 the SXSW music festival has published thousands of DRM-free tracks from participating artists. For some of the first releases the festival organizers created the torrents for the artist showcases themselves, but since 2008 this task has been in the hands of the public. In 2014 SXSW replaced the MP3 files with Soundcloud links, which complicated the archiving process. Luckily, this year all of the regular SXSW showcase MP3s are freely available again on the festival site for sampling purposes. In common with previous years, Ben Stolt has taken the time and effort to upload all of the MP3s onto BitTorrent with proper ID3 tags. The 2015 release is out now and comes in two torrents containing 1,291 tracks. That’s 8.42 gigabytes of free music in total, which is a new record. “These torrents include tracks that can be previewed on the SXSW website for SXSW 2015. This year’s includes 1,291 files totaling 8.42GB, making it the largest to date,†Stolt notes. All the tracks released for the previous editions are also still available for those people who want to fill up their MP3 players without having to invest thousands of dollars. The 2005 – 2015 archives now total more than 55 gigabytes. Every year SXSW torrents are a great success, with many thousands of music aficionados downloading gigabytes of free music across virtually every genre from both established acts and upcoming bands. This year’s SXSW music festival is currently underway in Austin, Texas and ends tomorrow. The torrents, however, are expected to live on for as long as there are people sharing. Torrentfreak
  11. - Sci Fi MOVIES - for every uploaded on "Science fiction Movies" in March 2015 you will receive 5 Gb, another 3 Gb if not yet on the site + 1Gb for every collection item (type, actor, actress, director, producer - complete list on collections) - All these - Sci Fi Movies - uploads are free leech in March 2015- As Always you have to claim your reward by PM to Rudieger
  12. VPN services have become an important tool to counter the growing threat of Internet surveillance, but unfortunately not all VPNs are as anonymous as one might hope. In fact, some VPN services log users' IP-addresses and other private info for months. To find out how anonymous VPNs really are, TF asked the leading providers about their logging practices and other privacy sensitive policies. By now most Internet users are well aware of the fact that pretty much every step they take on the Internet is logged or monitored. To prevent their IP-addresses from being visible to the rest of the Internet, millions of people have signed up to a VPN service. Using a VPN allows users to use the Internet anonymously and prevent snooping. Unfortunately, not all VPN services are as anonymous as they claim, as several incidents have shown in the past. By popular demand we now present the fourth iteration of our VPN services “logging†review. In addition to questions about logging practices, we also asked VPN providers about other privacy sensitive policies, so prospective users can make an informed decision. — 1. Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long? 2. Under what jurisdiction(s) does your company operate? 3. What tools are used to monitor and mitigate abuse of your service? 4. Do you use any external email providers (e.g. Google Apps) or support tools ( e.g Live support, Zendesk) that hold information provided by users? 5. In the event you receive a DMCA takedown notice or European equivalent, how are these handled? 6. What steps are taken when a valid court order requires your company to identify an active user of your service? Has this ever happened? 7. Does your company have a warrant canary or a similar solution to alert customers to gag orders? 8. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why? 9. Which payment systems do you use and how are these linked to individual user accounts? 10. What is the most secure VPN connection and encryption algorithm you would recommend to your users? Do you provide tools such as “kill switches†if a connection drops and DNS leak protection? 11. Do you use your own DNS servers? (if not, which servers do you use?) 12. Do you have physical control over your VPN servers and network or are they outsourced and hosted by a third party (if so, which ones)? Where are your servers located? — Below is the list of responses we received from various VPN providers, in their own words. In some cases we asked for further clarification. VPN providers who keep logs for longer than 7 days were excluded, and others who simply failed to respond. Please note that several VPN companies listed here do log to some extent. We therefore divided the responses into a category of providers who keep no logs (page 1/2) and one for who keep usage and/or session logs (page 3). The order of the VPNs within each category holds no value. We are also working on a convenient overview page as well as dedicated review pages for all providers, with the option for users to rate theirs and add a custom review. These will be added in the near future. VPNS THAT KEEP NO LOGS PRIVATE INTERNET ACCESS 1. We do not log, period. This includes, but is not limited to, any traffic data, DNS data or meta (session) data. Privacy IS our policy. 2. We choose to operate in the US in order to provide no logging service, as there is no mandatory data retention law in the US. Additionally, our beloved clients are given access to some of the strongest consumer protection laws, and thus, are able to purchase with confidence. 3. We do not monitor our users, period. That said, we have a proprietary system in place to help mitigate abuse. 4. We utilize SendGrid as an external mailing system and encourage users to create an anonymous e-mail when signing up depending on their adversarial risk level. Our support system is in-house as we utilize Kayako. 5. We have a proprietary system in place that allows us to comply in full with DMCA takedown notices without disrupting our users’ privacy. Because we do not log our users’ activities in order to protect and respect their privacy, we are unable to identify particular users that may be infringing the lawful copyrights of others. 6. We do not log and therefore are unable to provide information about any users of our service. We have not, to date, been served with a valid court order that has required us to provide something we do not have. 7. We do not have a warrant canary in place at this time as the concept of a warrant canary is, in fact, flawed at this time, or in other words, is “security theater.†8. We do not attempt to filter, monitor, censor or interfere in our users’ activity in any way, shape or form. BitTorrent is, by definition, allowed. 9. We utilize a variety of payment systems including, but not limited to, PayPal, Stripe, Amazon, Google, Bitcoin, Stellar, CashU, Ripple, Most Major Store Bought Gift card, PIA Gift cards (available in retail stores for “cashâ€), and more. We utilize a hashing system to keep track of payments and credit them properly while ensuring the strongest levels of privacy for our users. 10. The most secure VPN connection and encryption algorithm that we would recommend to our users would be our suite of AES-256, RSA 4096 and SHA1 or 256. However, AES-128 should still be considered quite safe. For users of Private Internet Access specifically, we offer addon tools to help ensure our beloved clients’ privacies including: – Kill Switch : Ensures that traffic is only routed through the VPN such that if the VPN connection is unexpectedly terminated, the traffic would simply not be routed. – IPv6 Leak Protection : Protects clients from websites which may include IPv6 embeds which could leak IPv6 IP information. – DNS Leak Protection : This is built in and ensures that DNS requests are made through the VPN on a safe, private no-log DNS daemon. – Shared IP System : We mix clients’ traffic with many clients’ traffic through the use of an anonymous shared-IP system ensuring that our users blend in with the crowd. 11. We are currently using our own DNS caching. 12. We utilize third party datacenters that are operated by trusted friends and, now, business partners who we have met and completed our due diligence on. Our servers are located in: USA, Canada, UK, Switzerland, Amsterdam, Sweden, Paris, Germany, Romania, Hong Kong, Israel, Australia and Japan. We have over 2,000 servers deployed at the time of writing with over 1,000 in manufacture/shipment at this time. Private Internet Access website TORGUARD 1. No logs are kept whatsoever. TorGuard does not store any traffic logs or user session data on our network because since day one we engineered every aspect of the operation from the ground up, permitting us full control over the smallest details. In addition to a strict no logging policy we run a shared IP configuration that provides an added layer of anonymity to all users. With hundreds of active sessions sharing a single IP address at any given time it becomes impossible to back trace usage. 2. At the time of this writing our headquarters currently operates from the United States. Due to the lack of data retention laws in the US, our legal team has determined this location to be in the best interest of privacy for the time being. Although TorGuard’s HQ is in the US, we take the commitment to user privacy seriously and will uphold this obligation at all costs, even if it means transferring services or relocating company assets. 3. Our network team uses a combination of open source monitoring apps and custom developed tools to mitigate any ongoing abuse of our services. This allows us to closely monitor server load and uptime so we can pinpoint and resolve potential problems quickly. If abuse reports are received from an upstream provider, we block them in real-time by employing various levels of firewall rules to large blocks of servers. Should these methods fail, our team is quick to recycle entire IP blocks and re-deploy new servers as a last resort. 4. For basic troubleshooting and customer service purposes we utilize Livechatinc for our chat support. TorGuard staff does make use of Google Apps for company email, however no identifying client information like passwords, or billing info is ever shared among either of these platforms. All clients retain full control over account changes in our secure member’s area without any information passing through an insecure channel. 5. Because we do not host any content it is not possible for us to remove anything from a server. In the event a DMCA notice is received it is immediately processed by our abuse team. Due to our shared network configuration we are unable to forward any requests to a single user. In order to satisfy legal requirements from bandwidth providers we may temporarily block infringing protocols, ports, or IPs. 6. If a court order is received, it is first handled by our legal team and examined for validity in our jurisdiction. Should it be deemed valid, our legal representation would be forced to further explain the nature of a shared IP configuration and the fact that we do not hold any identifying logs. No, we remain unable to identify any active user from an external IP address and time stamp. 7. No, at this time we do not have a warrant canary. 8. Yes, TorGuard was designed with the BitTorrent enthusiast in mind. P2P is allowed on all servers, although for best performance we suggest using locations that are optimized for torrents. Users can find these servers clearly labeled in our VPN software. 9. We currently accept over 200 different payment options through all forms of credit card, PayPal, Bitcoin, altcoins (e.g. dogecoin, litecoin + more), Paysafecard, Alipay, CashU, Gift Cards, and many other methods. No usage can be linked back to a billing account due to the fact that we maintain zero logs across our network. 10. For best security we advise clients to use OpenVPN connections only and for encryption use AES256 with 2048bit RSA. Additionally, TorGuard VPN offers “Stealth†protection against DPI (Deep Packet Inspection) interference from a nosey ISP so you can access the open web freely even from behind the Great Firewall of China. These options are available on select locations and offer excellent security due to the cryptography techniques used to obfuscate traffic. Our VPN software uses OpenVPN exclusively and features built in DNS leak protection, an App Killswitch, and a connection Killswitch. We have also just released a built in WebRTC leak block feature for Windows Vista/7/8 users. 11. Yes, we offer private, no log DNS servers which can be obtained by contacting our support desk. By default we also use Google DNS and OpenDNS for performance reasons on select servers. 12. TorGuard currently maintains 1000+ servers in over 44 countries around the world and we continue to expand the network every month. We retain full physical control over all hardware and only seek partnerships with data centers who can meet our strict security criteria. All servers are deployed and managed exclusively by our in house networking team via a single, secure key. We have servers in Australia, Belgium, Brazil, Canada, China, Costa Rica, Czech Republic, Denmark, Egypt, Finland, France, Germany, Greece, Hong Kong, Iceland, India, Indonesia, Ireland, Italy, Japan, Korea, Latvia, Luxembourg, Malaysia, Mexico, Netherlands, New Zealand, Norway, Panama, Poland, Portugal, Romania, Russia, Saudi Arabia, Singapore, South Africa, Spain, Sweden, Switzerland, Tunisia, Turkey, United Kingdom, USA, and Vietnam. TorGuard website IPVANISH 1. IPVanish has a zero-log policy. We keep NO traffic logs on any customer, ever. 2. IPVanish is headquartered in the US and thus operates under US law. 3. IPVanish monitors CPU utilization, bandwidth and connection counts. When thresholds are passed, a server may be removed from rotation as to not affect other users. 4. IPVanish does not use any external support tools that hold user information. We do, however, operate an opt-in newsletter that is hosted at Constant Contact. Customers are in no way obligated to sign up for the newsletter. 5. IPVanish keeps no logs of any user’s activity and responds accordingly. 6. IPVanish, like every other company, follows the law in order to remain in business. Only US law applies. 7. No. 8. P2P is permitted. IPVanish does not block or throttle any ports, protocols, servers or any type of traffic whatsoever. 9. Bitcoin, PayPal and all major credit cards are accepted. Payments and service use are in no way linked. User authentication and billing info are also managed on completely different and independent platforms. 10. We recommend OpenVPN with 256 bit AES as the most secure VPN connection and encryption algorithm. IPVanish’s service and software also currently provide DNS leak prevention. We are developing a kill switch in upcoming releases of our software. 11. IPVanish does use its own DNS servers. Local DNS is handled by the server a user connects to. 12. IPVanish is one of the only tier-1 VPN networks, meaning we own and operate every aspect of our VPN platform, including physical control of our VPN servers. This gives IPVanish users security and speed advantages over other VPN services. IPVanish servers can be found in over 60 countries including the US, UK, Canada, Netherlands and Australia. IPVanish website IVPN 1. No, this is fundamental to the service we provide. It is also in our interests not to do so as it minimizes our own liability. 2. Gibraltar. In 2014 we decided to move the company from Malta to Gibraltar in light of the new 2015 EU VAT regulations which affect all VPN service providers based in the EU. The EU VAT regulations now require companies to collect two pieces of non-conflicting evidence about the location of a customer; this would be at a minimum the customer’s physical address and IP address. 3. We have built a number of bespoke systems over the last 5 years as we’ve encountered and addressed most types of abuse. At a high level we use Zabbix, an open-source monitoring tool that alerts us to incidents. As examples we have built an anti-spam rate-limiter based on iptables so we don’t have to block any email ports and forked a tool called PSAD which allows us to detect attacks originating from our own network in real time. 4. No. We made a strategic decision from the beginning that no company or customer data would ever be stored on 3rd party systems. Our customer support software, email, web analytics (Piwik), issue tracker, monitoring servers, code repo’s, configuration management servers etc. all run on our own dedicated servers that we setup, configure and manage. 5. Our legal department sends a reply stating that we do not store content on our servers and that our VPN servers act only as a conduit for data. In addition, we never store the IP addresses of customers connected to our network nor are we legally required to do so. 6. That would depend on the information with which we were provided. If asked to identify a customer based on a timestamp and/or IP address then we would reply factually that we do not store this information, so we are unable to provide it. If they provide us with an email address and asked for the customer’s identity then we reply that we do not store any personal data, we only store a customer’s email address. If the company were served with a valid court order that did not breach the Data Protection Act 2004 we could only confirm that an email address was or was not associated with an active account at the time in question. We have never been served with a valid court order. 7. Yes absolutely, we’ve published a canary since August 2014. 8. Yes, we don’t block BitTorrent or any other protocol on any of our servers. We do kindly request that our customers use non-USA based exit servers for P2P. Any company receiving a large number of DMCA notices is exposing themselves to legal action and our upstream providers have threatened to disconnect our servers in the past. 9. We accept Bitcoin, Cash and Paypal. When using cash there is no link to a user account within our system. When using Bitcoin, we store the Bitcoin transaction ID in our system. If you wish to remain anonymous to IVPN you should take the necessary precautions when purchasing Bitcoin (See part 7 of our advanced privacy guides). With Paypal we store the subscription ID in our system so we can associate incoming subscription payments. This information is deleted immediately when an account is terminated. 10. We provide RSA-4096 / AES-256 with OpenVPN, which we believe is more than secure enough for our customers’ needs. If you are the target of a state level adversary or other such well-funded body you should be far more concerned with increasing your general opsec than worrying about 2048 vs 4096 bit keys. The IVPN client offers an advanced VPN firewall that blocks every type of IP leak possible (DNS, network failures, WebRTC STUN, IPv6 etc.). It also has an ‘always on’ mode that will be activated on boot before any process on the computer starts. This will ensure than no packets are ever able to leak outside of the VPN tunnel. 11. Yes. Once connected to the VPN all DNS requests are sent to our pool of internal recursive DNS servers. We do not use forwarding DNS servers that forward the requests to a public DNS server such as OpenDNS or Google. 12. We use dedicated servers leased from 3rd party data centers in each country where we have a presence. We employ software controls such as full disk encryption and no logging to ensure that if a server is ever seized it’s data is worthless. We also operate a multi-hop network so customers can choose an entry and exit server in different jurisdictions to make the adversaries job of correlating the traffic entering and exiting our network significantly more complicated. We have servers located in Switzerland, Germany, Iceland, Netherlands, Romania, France, Hong-Kong, USA, UK and Canada. IVPN website PRIVATEVPN 1.We don’t keep ANY logs that allow us or a 3rd party to match an IP address and a time stamp to a user of our service. The only thing we log are e-mails and user names but it’s not possible to bind an activity on the Internet to a user on PrivateVPN. 2. We operate in Swedish jurisdiction. 3. If there’s abuse, we advise that service to block our IP in the first instance, and second, we can block traffic to the abused service. 4. No. We use a service from Provide Support (ToS) for live support. They do not hold any information about the chat session. From Provide support: Chat conversation transcripts are not stored on Provide Support chat servers. They remain on the chat server for the duration of the chat session, then optionally sent by email according to the user account settings, and then destroyed. 5. This depends on the country in which we’re receiving a DMCA takedown. For example, we’ve received a DMCA takedown for UK and Finland and our response was to close P2P traffic in those countries. 6. If we get a court order to monitor a specific IP then we need to do it, and this applies to every VPN company out there. 7. We’re working on a solution where we publish a statement that we haven’t received legal process. One we receive a legal process, this canary statement is removed. 8. Yes, we allow Torrent traffic. 9. PayPal, Payson, 2Chrckout and Bitcoin. Every payment has an order number, which is linked to a user. Otherwise we wouldn’t know who has made a payment. To be clear, you can’t link a payment to an IP address you get from us. 10. OpenVPN TUN with AES-256. On top is a 2048-bit DH key. For our Windows VPN client, we have a feature called “Connection guardâ€, which will close a selected program(s) if the connection drop. We have no tools for DNS leak but we’re working on a protection that detects the DNS leak and fixes this by changing to a secure DNS server. 11. We use a DNS from Censurfridns. 12. We have physical control over our servers and network in Sweden. All other servers and networks are hosted by ReTN, Kaia Global Networks, Leaseweb, FDCServers, Blix, Zen systems, Wholesale Internet, Creanova, UK2, Fastweb, Server.lu, Selectel, Amanah and Netrouting. We have servers located in: Sweden, United States, Switzerland, Great Britain, France, Denmark, Luxembourg, Finland, Norway, Romania, Russia, Germany, Netherlands, Canada and Ukraine. PrivateVPN website PRQ 1. No 2. Swedish 3. Our own. 4. No 5. We do not care about DMCA. 6. We only require a working e-mail address to be a customer, no other information is kept. 7. No. 8. As long as the usage doesn’t violate the ToS, we do not care. 9. None of the payment methods are linked to a user. 10. OpenVPN, customers have to monitor their service/usage. 11. Yes. 12. Everything is inhouse in Sweden. PRQ website MULLVAD 1. No. This would make both us and our users more vulnerable so we certainly don’t. To make it harder to watch the activities of an IP address from the outside we also have many users sharing addresses, both for IPv4 and IPv6. 2. Swedish. 3. We don’t monitor our users. In the rare cases of such egregious network abuse that we can’t help but notice (such as DoS attacks) we stop it using basic network tools. 4. We do use external providers and encourage people sending us email to use PGP encryption, which is the only effective way to keep email somewhat private. The decrypted content is only available to us. 5. There is no such Swedish law that is applicable to us. 6. We get requests from governments from time to time. They never get any information about our users. We make sure not to store sensitive information that can be tied to publicly available information, so that we have nothing to give out. We believe it is not possible in Swedish law to construct a court order that would compel us to actually give out information about our users. Not that we would anyway. We started this service for political reasons and would rather discontinue it than having it work against its purpose. 7. Under current Swedish law there is no way for them to force us to secretly act against our users so a warrant canary would serve no purpose. Also, we would not continue to operate under such conditions anyway. 8. Yes. 9. Bitcoin (we were the first service to accept it), cash (in the mail), bank transfers, and PayPal / credit cards. Payments are tied to accounts but accounts are just random numbers with no personal information attached that users can create at will. With the anonymous payments possible with cash and Bitcoin it can be anonymous all the way. 10. OpenVPN (using the Mullvad client program). Regarding crypto, ideally we would recommend Ed25519 for certificates, Curve25519 for key exchange (ECDHE), and ChaCha20-Poly1305 for data streams but that suite isn’t supported by OpenVPN. We therefore recommend and by default use RSA-2048, D-H (DHE) and AES-256-CBC-SHA. We have a “kill switch,†DNS leak protection and IPv6 leak protection (and IPv6 tunnelling). 11. Yes, we use our own DNS servers. 12. We have a range of servers. From on one end servers lovingly assembled and configured by us with ambitious physical security in data centers owned and operated by people we trust personally and whose ideology we like. On the other end rented hardware in big data centers. Which to use depends on the threat model and performance requirements. Currently we have servers hosted by GleSYS Internet Services, 31173 Services and Leaseweb in Sweden, the Netherlands, USA and Germany. Mullvad website BOLEHVPN 1. No. 2. Malaysia. This may change in the near future and we will post an announcement when this is confirmed. 3. We do monitor general traffic patterns to see if there is any unusual activity that would warrant a further investigation. 4. We use ZenDesk and Zopim but are moving to use OSTicket which is open source. This should happen in the next 1-2 months. 5. Generally we work with the providers to resolve the issue and we have never given up any of our customer information. Generally we terminate our relationship with the provider if this is not acceptable. Our US servers under DMCA jurisdiction or UK (European equivalent) have P2P locked down. 6. This has not happened yet but we do not keep any user logs so there is not much that can be provided especially if the payment is via an anonymous channel. One of our founders is a lawyer so such requests will be examined on their validity and we will resist such requests if done without proper cause or legal backing. 7. Yes. 8. Yes it is allowed except on those marked Surfing-Streaming only which are restricted either due to the provider’s policies or limited bandwidth. 9. We use MolPay, PayPal, Coinbase, Coinpayments and direct deposits. On our system it is only marked with the Invoice ID, the account it’s for, the method of payment and whether it’s paid or not. We however of course do not have control of what is stored with the payment providers. 10. Our Cloak configurations implement 256 bit AES and a SHA-512 HMAC combined with a scrambling obfuscation layer. We do have a lock down/kill switch feature and DNS leak protection. 11. Yes we do use our own DNS servers. 12. Our VPN servers are hosted by third parties however for competitive reasons, we rather not mention our providers (not that it would be hard to find out with some digging). However none of these servers hold anything sensitive as they are authenticated purely using PKI infrastructure and as long as our users regularly update their configurations they should be fine. We do however have physical control over the servers that handle our customer’s information. BolehVPN website NORDVPN 1. Do we keep logs? What is that? Seriously, we have a strict no-logs policy over our customers. The only information we keep is customers’ e-mail addresses which are needed for our service registration (we keep the e-mail addresses until the customer closes the account). 2. NordVPN is based out of Panama. 3. No tools are used to monitor our customers in any case. We are only able to see the servers’ load, which helps us optimize our service and provide the best possible Internet speed to our users. 4. We use the third-party live support tool, but it is not linked to the customers’ accounts. 5. When we receive any type of legal notices, we cannot do anything more than to ignore them, simply because they have no legal bearing to us. Since we are based in Panama, all legal notices have to be dealt with according to Panamanian laws first. Luckily they are very friendly to Internet users. 6.If we receive a valid court order, firstly it would have to comply with the laws of Panama. In that case, the court settlement should happen in Panama first, however were this to happen, we would not be able to provide any information because we keep exactly nothing about our users. 7. We do not have a warrant canary or any other alert system, because as it was mentioned above, we operate under the laws of Panama and we guarantee that any information about our customers will not be distributed to any third party. 8. We do not restrict any BitTorrent or other file-sharing applications on most of our servers. 9. We accept payments via Bitcoin, Credit Card, PayPal, Banklink, Webmoney (Paysera). Bitcoin is the best payment option to maintain your anonymity as it has only the paid amount linked to the client. Users who purchase services via PayPal are linked with the usual information the seller can see about the buyer. 10. We have high anonymity solutions which we would like to recommend to everyone seeking real privacy. One of them is Double VPN. The traffic is routed through at least two hoops before it reaches the Internet. The connection is encrypted within two layers of cipher AES-256-CBC encryption. Another security solution – Tor over VPN. Firstly, the traffic is encrypted within NordVPN layer and later sent to the Tor network and exits to the Internet through one of the Tor exit relays. Both of these security solutions give a great encryption and anonymity combination. The benefit of using these solutions is that the chances of being tracked are eliminated. In addition, you are able to access .onion websites when connected to Tor over VPN. Furthermore, our regular servers have a strong encryption which is 2048bit SSL for OpenVPN protocol, AES-256bit for L2TP. In addition to that, we have advanced security solutions, such as the “kill switch†and DNS leak protection which provide the maximum possible security level for our customers. 11. NordVPN has its own DNS servers, also our customers can use any DNS server they like. 12. Our servers are outsourced and hosted by a third parties. Currently our servers are in 26 countries: Australia, Austria, Brazil, Canada, Chile, France, Germany, Hong Kong, Iceland, Isle of Man, Israel, Italy, Liechtenstein, Lithuania, Netherlands, Panama, Poland, Romania, Russia, Singapore, South Africa, Spain, Sweden, Switzerland, United Kingdom and United States. NordVPN website TORRENTPRIVACY 1. We don’t keep any logs with IP addresses. The only information we save is an email. It’s impossible to connect specific activity to a user. 2. Our company is under Seychelles jurisdiction. 3. We do not monitor any user’s traffic or activity for any reason. 4. We use third-party solutions for user communications and emailing. Both are running on our servers. 5. We have small amount of abuses. Usually we receive them through email and all of them are bot generated. As we don’t keep any content we just answer that we don’t have anything or ignore them. 6. It has never happened for 8 years. We will ignore any requests from all jurisdiction except Seychelles. We have no information regarding our customers’ IP addresses and activity on the Internet. 7. No, we don’t bother our users. 8. Yes we support all kind of traffic on all servers. 9. We are using PayPal but payment as a fact proves nothing. Also we are going to expand our payment types for the crypto currencies in the nearest future. 10. We are recommending to use the most simple and secure way — OpenVPN with AES-256 encryption. To protect the torrent downloads we suggest to create a proxy SSH tunnel for your torrent client. In this case you are encrypting only your P2P connection when your browser or Skype uses your default connection. When using standard VPN in case of disconnection your data flows unencrypted. Implementing our SSH tunnel will save from such leaking cause traffic will be stopped. 11. Yes. We are using our own DNS servers. 12. We use third party datacenters for VPN and SSH data transmission in the USA, UK and Netherlands. The whole system is located on our own servers. TorrentPrivacy website PROXY.SH 1. We do not keep any log at all. 2. Republic of Seychelles. And of course, every jurisdiction where each of our servers are, for their specific cases. 3. IPtables, TCPdump and Wireshark, for which their use is always informed at least 24 hours in advance via our Network Alerts and/or Transparency Report. 4. All our emails, panels and support are in-house. We host our own WHMCS instance for billing and support. We host server details, project management and financial management on Redmine that we of course self-run. The only third-party connections we have are Google Analytics and Google Translate on our public website (not panel), for obvious convenience gains, but the data they fetch can easily be hidden or faked. We may also sometimes route email through Mandrill but never with user information. We also have our OpenVPN client’s code hosted at Github, but this is because we are preparing to open source it. 5. We block the affected port and explain to upstream provider and/or complainant that we cannot identify the user who did the infringement, and we can therefore not pass the notice on. We also publish a transparency report and send a copy to the Chilling Effects Clearinghouse. If there are too many infringements, we may block all ports and strengthen firewall rules to satisfy upstream provider, but this may lead us to simply drop the server on short-term due to it becoming unusable. 6. We first post the court order to public and inform our users through our blog, much-followed Twitter account, transparency report and/or network alert. If we are unable to do so, we use our warrant canary. Then, we would explain to the court that we have no technical capacity to identify the user and we are ready to give access to competent and legitimate forensic experts. To this date, no valid court order has been received and acknowledged by us. 7. Yes, proxy.sh/canary. 8. We do not discriminate activity across our network. We are unable to decrypt traffic to differentiate file-sharing traffic from other activities, and this would be against our ethics anyway. The use of BitTorrent and similar is solely limited to the fact you can whether open/use the ports you wish for it on a selected server. 9. We support hundreds of payment methods, from PayPal to Bitcoin through SMS to Ukash and Paysafecard. We use third-party payment providers who handle and carry themselves the payments and the associated user information needed for them (e.g. a name with a credit card). We never have access to those. When we need to identify a payment for a user, we always need to ask him or her for references (to then ask the payment provider if the payment exists) because we do not originally have them. Last but not least, we also have an option to kill accounts and turn them into completelyanonymous tokens with no panel or membership link at all, for the most paranoid customers (in the positive sense of the term). 10. We currently provide Serpent in non-stable & limited beta and it is the strongest encryption algorithm we have. We also openly provide to our experienced users ECDH curve secp384r1 and curve22519 through a 4096-bit Diffie-Hellman key. We definitely recommend such a setup but it requires software compiling skills (you need OpenVPN’s master branch). This setup also allows you to enjoy OpenVPN’s XOR capacity for scrambling traffic. We also provide integration of TOR’s obfsproxy for similar ends. Finally, for more neophyte users, we provide 4096-bit RSA as default standard. It is the strongest encryption that latest stable OpenVPN provides. Cipher and hash are the strongest available and respectively 256-bit CBC/ARS and SHA512. Our custom OpenVPN client of course provides a kill switch and DNS leak protection. 11. Yes, we provide our own OpenNIC DNS servers as well as DNSCrypt capacity. 12. We use a mix of collocation (physically-owned), dedicated and virtual private servers – also known as a private/public cloud combination. All our VPN servers are running from RAM and are disintegrated on shutdown or reboot. About two-third of them are in the public cloud (especially for most exotic locations). Our network spans across more than 40 countries. Proxy.sh website HIDEIPVPN 1. We have revised our policy. Currently we store no logs related to any IP address. There is no way for any third-party to match user IP to any specific activity in the internet. 2. We operate under US jurisdiction. 3. We would have to get into details of each individual point of our ToS. For basics like P2P and torrent traffic on servers that do not allow for such transmissions or connecting to more than three VPN servers at the same time by the same user account. But we do not monitor users’ traffic. Also, since our users use shared IP address of VPN server, there is no way any third party could connect any online activity to a user’s IP address. 4. We are using Google apps for incoming mail and our own mail server for outgoing mail. 5. Since no information is stored on any of our servers there is nothing that we can take down. We reply to the data center or copyright holder that we do not log our users’ traffic and we use shared IP-addresses, which make impossible to track who downloaded any data from the internet using our VPN. 6. We would reply that we do not have measures that would us allow to identify a specific user. It has not happened so far. 7. Currently not. We will consider if our customers would welcome such a feature. So far we have never been asked for such information. 8. This type of traffic is welcomed on our German (DE VPN) and Dutch (NL VPN) servers. It is not allowed on US, UK and Canada servers as stated in our ToS – reason for this is our agreements with data centers. We also have a specific VPN plan for torrents. 9. Currently HideIPVPN accepts the following methods: PayPal, Bitcoin, Credit & Debit cards, AliPay, Web Money, Yandex Money, Boleto Bancario, Qiwi. 10. We would say SoftEther VPN protocol looks very promising and secure. Users can currently use our VPN applications on Windows and OSX systems. Both versions have a “kill switch†feature in case connection drops. Also, our apps are able to re-establish VPN connection and once active restart closed applications. Currently our software does not provide DNS leak protection. However a new version of VPN client is in the works and will be updated with such a feature. We can let you know once it is out. At this time we can say it will be very soon. 11. For VPN we use Google DNS servers, and for SmartDNS we use our own DNS servers. 12. We don’t have physical control of our VPN servers. Servers are outsourced in premium datacenters with high quality tier1 networks. Countries now include – US/UK/NL/DE/CA HideIPVPN website BTGUARD 1. We do not keep any logs whatsoever. 2. United States 3. Custom programs that analyze traffic on the fly and do not store logs. 4. No, all data is stored on servers we control. 5. We do not have any open incoming ports, so it’s not possible for us to “takedown†any broadcasting content. 6. We would take every step within the law to fight such an order and it has never happened. 7. No. 8. Yes, all types of traffic our allowed with our services. 9. We accept PayPal and Bitcoin. All payments are linked to users’ accounts because they have to be for disputes and refunds. 10. We recommend OpenVPN and 128-bit blowfish. We offer instructions for some third party VPN monitoring software. 11. We use our own DNS servers. 12. We have physical control over all our servers. Our servers we offer services with are located in the Netherlands, Canada, and Singapore. Our mail servers are located in Luxembourg. BTGuard website SLICKVPN 1. SlickVPN does not log any traffic nor session data of any kind. 2. We operate a complex business structure with multiple layers of Offshore Holding Companies, Subsidiary Holding Companies, and finally some Operating Companies to help protect our interests. We will not disclose the exact hierarchy of our corporate structures, but will say the main marketing entity for our business is based in the United States of America and an operational entity is based out of Nevis. 3. We do not monitor any customer’s activity in any way. We have chosen to disallow outgoing SMTP which helps mitigate SPAM issues. 4. No. We do utilize third party email systems to contact clients who opt in for our newsletters. 5. If a valid DMCA complaint is received while the offending connection is still active, we stop the session and notify the active user of that session, otherwise we are unable to act on any complaint as we have no way of tracking down the user. It is important to note that we ALMOST NEVER receive a VALID DMCA complaint while a user is still in an active session. 6. Our customer’s privacy is of top most importance to us. We are required to comply with all valid court orders. We would proceed with the court order with complete transparency, but we have no data to provide any court in any jurisdiction. We would not rule out relocating our businesses to a new jurisdiction if required. 7. Yes. We maintain a passive warrant canary, updated weekly, and are investigating a way to legally provide a passive warrant canary which will be customized on a “per user†basis, allowing each user to check their account status individually. It is important to note that the person(s) responsible for updating our warrant canary are located outside of any of the countries where our servers are located. 8. Yes, all traffic is allowed. 9. We accept PayPal, Credit Cards, Bitcoin, Cash, and Money Orders. We keep user authentication and billing information on independent platforms. One platform is operated out of the United States of America and the other platform is operated out of Nevis. We offer the ability for the customer to permanently delete their payment information from our servers at any point. All customer data is automatically removed from our records shortly after the customer ceases being a paying member. 10. We recommend using OpenVPN if at all possible (available for Windows, Apple, Linux, iOS, Android) and it uses the AES-256-CBC algorithm for encryption. Our Windows and Mac client incorporates IP and DNS leak protection which prevents DNS leaks and provides better protection than ordinary ‘kill-switches’. Our IP leak protection proactively keeps your IP from leaking to the internet. This was one of the first features we discussed internally when we were developing our network, it is a necessity for any good VPN provider. 11. Yes. 12. We run a mix. We physically control some of our server locations where we have a heavier load. Other locations are hosted with third parties until we have enough traffic in that location to justify racking our own server setup. To ensure redundancy, we host with multiple providers in each location. We have server locations in over forty countries. In all cases, our network nodes load over our encrypted network stack and run from ramdisk. Anyone taking control of the server would have no usable data on the disk. We run an algorithm to randomly reboot each server on a regular basis so we can clear the ramdisk. SlickVPN website OCTANEVPN 1. No. We cannot locate an individual user by IP address and timestamp. There are no logs written to disk on our gateways. The gateway servers keep the currently authenticated customers in the server’s RAM so they can properly connect and route incoming traffic to those customers. Obviously, if a server is powered down or restarted, the contents of the RAM are lost. We keep gateway performance data such as CPU loading, I/O rates and maximum simultaneous connections so that we can manage and optimize our network. 2. We operate two independent companies with different ownership structures – a network operations company and a marketing company. The network operations company operates out of Nevis. The marketing company operates under US jurisdiction and manages the website, customer accounts and support. The US company has no access to network operations and the Nevis company has no customer account data. 3. We are not in the business of monitoring customer traffic in any way. Spam emails were our biggest issue and early on we decided to prevent outgoing SMTP. Otherwise, the only other abuse tools we use are related to counting the number of active connections authenticated on an account to control account sharing issues. We use a NAT firewall on incoming connections to our gateways to add an extra layer of security for our customers. 4. No. We do use a service to send generic emails. 5. Due to the structure of our network operations company, it is unusual that we would receive a notice. There should be no cause for the marketing company to receive a notice. If we receive a DMCA notice or its equivalent based on activity that occurred in the past, we respond that we do not host any content and have no logs. If we receive a DMCA notice based on very recent activity and the customer’s current VPN session during which it was generated is still active on the gateway, we may put the account on hold temporarily and notify the customer. No customer data is used to respond to DMCA notices. 6. Our customers’ privacy is a top priority for us. We would proceed with a court order with complete transparency. A court order would likely be based on an issue traced to a gateway server IP address and would, therefore, be received by our our network operations company which is Nevis based. The validity of court orders from other countries would be difficult to enforce. The network company has no customer data. Our marketing company is US based and would respond to an order issued by a court of competent jurisdiction. The marketing company does not have access to any data related to network operations or user activity, so there is not much information that a court order could reveal. This has not happened. 7. We are discussing internally and reviewing existing law related to how gag orders are issued to determine the best way to offer this measure of customer confidence. 8. Yes. We operate with network neutrality except for outgoing SMTP. 9. Bitcoin and other cryptocurriences such as Darkcoin, Credit/Debit Card, and PayPal. If complete payment anonymity is desired, we suggest using Bitcoin, DarkCoin, or a gift/disposable credit card. Methods such as PayPal or Credit/Debit card are connected to an account token so that future renewal payments can be properly processed and credited. We allow customers to edit their account information. With our US/Nevis operating structure, customer payment systems information is separate from network operations. 10. We recommend using the AES-256-CBC cipher with OpenVPN, which is used with our client. IPSec is available for native Apple device support and PPTP is offered for other legacy devices, but OpenVPN offers the best security and speed and is our recommended protocol We provide both DNS and IP leak protection in our Windows and Mac OctaneVPN client. Our OpenVPN based client’s IP leak protection works by removing all routes except the VPN route from the device when the client has an active VPN connection. This a better option than a ‘kill switch’ because our client ensures the VPN is active before it allows any data to leave the device, whereas a ‘kill switch’ typically monitors the connection periodically, and, if it detects a drop in the VPN connection, reacts. 11. Yes and we physically control them. You can choose others if you prefer. 12. In our more active gateway locations, we colocate. In locations with lower utilization, we normally host with third parties until volume at that location justifies a physical investment there. The hosted locations may have different providers based on geography. We operate gateways in over 44 countries and 90 cities. Upon booting, all our gateways load over our encrypted network from a master node and operate from encrypted ramdisk. If an entity took physical control of a gateway server, the ramdisk is encrypted and would vanish upon powering down. Torrentfreak
  13. — 1. Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long? 2. Under what jurisdiction(s) does your company operate? 3. What tools are used to monitor and mitigate abuse of your service? 4. Do you use any external email providers (e.g. Google Apps) or support tools ( e.g Live support, Zendesk) that hold information provided by users? 5. In the event you receive a DMCA takedown notice or European equivalent, how are these handled? 6. What steps are taken when a valid court order requires your company to identify an active user of your service? Has this ever happened? 7. Does your company have a warrant canary or a similar solution to alert customers to gag orders? 8. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why? 9. Which payment systems do you use and how are these linked to individual user accounts? 10. What is the most secure VPN connection and encryption algorithm you would recommend to your users? Do you provide tools such as “kill switches†if a connection drops and DNS leak protection? 11. Do you use your own DNS servers? (if not, which servers do you use?) 12. Do you have physical control over your VPN servers and network or are they outsourced and hosted by a third party (if so, which ones)? Where are your servers located? — VPNS THAT KEEP SOME LOGS IPREDATOR 1. We try to store the least amount of data legally possible anywhere. We keep a record of when you logged in for debugging, which happens encrypted and off-site in a different jurisdiction. IP addresses are encrypted and can only be decrypted by non-support staff to ensure a proper process. These are saved for three days. For example, to work around issues where the police ruffles up the support staff a bit to get data for an abuse report. In the database we only store the details users give us on sign-up and a limited backlog of basic payment information (no PSP processor TX-IDs). We do not run a ticket system, all support emails are deleted after 3 months. Inactive accounts are deleted after 3 months. We do not track you on our website or keep any website logs. We do not rent servers and have control over our network infrastructure. Our primary objective is to protect your anonymity from legal abuse, but not to cover up ethically serious crimes. As stated in the past we are open to an audit of our infrastructure and processes by a trustworthy 3rd party. 2. We only operate servers in Sweden. This includes understanding jurisdictional limitations and engineering our environment according to them, not making claims we cannot hold when things get serious. Offenses penalized by anything less than prison time do not qualify for such a request. For a valid request IPredator then has to hand over the subscription information entered by you, which is all that we are required to do. 3. We only use email to handle abuse related support issues. If a user decides to abuse one of our machines for a DOS attack we use rate limiters on the switches to mitigate this. So far no other tools are needed to deal with abuse. Abuse cases that are not covered by that are forwarded to the BOFH. As long as the BOFH does not wake up or considers the abuse to be substantial all is fine. Imagine Bilbo wading through Smaugs gold. Once awake anything can happen … (in terms of mitigation) 4. No, since those systems tend to be data graves and we do not trust 3rd parties with our users data. 5. The staff forwards them to the BOFH. Notices sent via paper are usually converted into energy by combustion … to power the data center in the basement where the BOFH lives. Digital SPAM^WDMCA notices are looped back into the kernel to increase the VPNs /dev/random devices entropy. 6. Please see 2). 7. Yes we do, for the newest canary see here. 8. Besides filtering SMTP on port 25 we do not impose any restrictions on protocols our users can use on the VPN, quite on the contrary. We believe our role is to provide a net-neutral access. Every user is free to share his/her/its files. We are conservative people and firmly believe in the heritage of our society, which was built upon the free exchange of cultural knowledge. This new age patent system, and the idea that we need companies who milk creators are simply alien to us. Imagine the world going to hell tomorrow … how much will be lost if we do not make sure that there are backup copies. In kopimism we firmly believe that to copy is ones sacred birth right. After all we are all imperfect copies of our parents. The act of copying is natural … without it we would not be here in the first place … 9. We offer PayPal, Bitcoins, Payza, and PaySon fully integrated. OkPay, Transferwise, WU, PerfectMoney, Webmoney, Amazon Giftcards, Cash and Credit Cards on request. An internal transaction ID is used to link payments to their payment processors. We do not store any other data about payments associated with the users account. 10. At the moment OpenVPN with Elliptic Curve Cryptography (brainpoolP512r1 curve), ephemeral Diffie-Hellmann key exchange, and AES 128/256 along with seems to be the best default choice. In our current default VPN configurations we encourage the use of TLS 1.2, but we provide backwards compatibility in case certain VPN clients have issues with such configurations. Other configs are available on request. We also provide guides on how to limit traffic to just the VPN connection and provide different DNS servers for the occasion: Public resolvers and internals for use when connected to the VPN, since lately there is also the possibility of using DNScrypt if you are into that. 11. We do provide our own DNS servers and also separate between public resolvers and those only accessible from inside the VPN. 12. We run our service on our own hardware and have complete control over our network. There are no third parties involved in our setup which is run out of Sweden. Ipredator website TIGERVPN 1. Since hundreds of people share the same IP, our accounting data (start time – end time, & generated Traffic) does not allow any further breakdown. We save those records for 3 days (in line with our 3 day money back guarantee) and only keep the traffic per month value until the next billing cycle starts. 2. Tiger At Work is a Limited Liability Company with operation in Slovakia. 3. We don’t use any tools for monitoring or mitigation. 4. We use Freshdesk as Support Software, however no data is stored in that 3rd party app as it’s a read only tool for us. E.g. when a customer submits a ticket via our App we reply and he gets that message within the app. The only thing stored in the “cloud†is the conversation itself. We aim to keep all data inhouse, which is what we did for hardware, software and infrastructure. 5. We’ve never received a DMCA takedown notice, however, our architecture won’t allow us to single out a customer. We hope that our premium product does not attract too many “issues†and we hope that our customers keep within the safe range. 6. This has never happened, so let’s not paint the devil on the wall. 7. As we can’t single out our customers, we can’t notify or warn them. 8. We usually allow torrents, but not in Amsterdam and the US. 9. We are one of the few PCI complaint merchants, so we can handle all payment data for credit card transactions ourselves on our own servers. Meaning that we don’t use tools like Chargify or other POS systems. We only save a token which is a system to system key and it does not link any card data to our customers. A similar token system is used with PayPal, but here the payment is processed with them. We also allow Bitcoin transactions, that’s the ultimate secure payment source, we also roll out prepaid cards which you will be able to buy in shops and internet cafes in cash soon. 10. Our Apps are set per default in OpenVPN mode, which is the algorithm we approve and recommend. Our Win + Mac + Android apps are equipped with kill switch functionality, however we need to fine tune them a bit over the next couple of weeks. 11. Yes we use our own DNS servers 12. We are in full control of our equipment, hardware and upstream. We operate 55 locations in 40 countries from Australia to Emirates, HongKong to Denver, London to Serbia. We have a lot of locations covered. tigerVPN website SWITCHVPN.TO 1. SwitchVPN does not monitor, record, store any kind of users activity or IP addresses so it’s impossible to pin point any user at any time. SwitchVPN uses Shared IP address, which means the same Public IP is being used by other users too making it further inpossible to track any user. In order to maintain our top notch service, troubleshoot any performance issues and protect the service from getting abused, we log only the duration of VPN connections, bandwidth consumed and VPN server connected. This by no means allow us to match an IP address and a time stamp. These logs are regularly recycled and destroyed automatically. 2. SwitchVPN operates under Indian jurisdiction. 3. We have firewalls and filters in place to block spamming and filters on US servers to block P2P activity to prevent DMCA notices. 4. We use Zopim Live Chat for Live Support and Ticket system. 5. SwitchVPN does not keep logs and assigns its customers with Shared IP address which makes it impossible to indiviually identify an indiviual with copyright abuse or other online activity. 6. As we do not hold any logs and also we use shared IPs, its impossible to identify any user at any time. 7. We are Indian based company, so not applicable. 8. We allow BitTorrent on all servers except VPN servers based in US. However we request our clients to use Netherlands, Romania, Russian and other servers which tolerate P2P and are specially optimized for P2P usage. 9. We accept all the leading payment methods like Bitcoin, Perfect Money, PayPal, Credit Card, PaySafeCard, Skrill, WebMoney and AliPay. 10. We recommend our clients to use OpenVPN with 256 AES, 2048bit RSA, SSTP ( 2048bit Encryption) and L2TP Over IPsec which also uses 256bit AES Encryption for most secure VPN connection 11. Yes, we have started implementing our own DNS Servers on some of our servers which is in beta and we would apply it on all of our servers in future. 12. We have full control over our VPN Servers and network. We own our hardware with multiple datacenters and we only outsource servers where there is complete privacy and no logging. We have servers located in 29 Countries ie. USA, United Kingdom, Germany, Netherlands, Canada, Sweden, Czech Republic, Singapore, Malaysia, Hong Kong, Latvia, Luxembourg, Switzerland, France, Italy, Romania, Russia, Japan, Belgium, Spain, Denmark, Poland, Australia, Brazil, Ireland, Iceland, India, Chile and Austria. SwitchVPN.to website VPN UNLIMITED 1. We do not keep the logs of the websites our customers visit, we only store the data related to the amount of traffic downloaded by the user. This information is available to be viewed in his account only. Also, it is crucial to point out that every time a customer logs into VPN Unlimited, the system assigns a dynamic IP-addresses. They are not static and there is no way that we can log the exact IP-addresses or particular time stamps of VPN Unlimited customers. 2. VPN Unlimited is owned by New York based company, Simplex Solutions Inc. 3. As we have mentioned before, we do not keep any visited websites but we keep traffic data logs. However, if we notice any spam related activities or other illegal actions, the user’s account will be blocked without any extensive or preliminary warning. 4. Our support team uses Zendesk to address the issues from our customers, but we do not store or give the users’ personal information to third parties. 5. All our servers are located in datacenters, operated under jurisdictions of countries they are located in. We use Bittorrent and SMTP traffic filters to minimize such threats. But in any case, we do not provide information about our customers to copyright holders or any other third parties. 6. To this date, we have not received any court notices; therefore, no actions were done. As we do not log any of the customers’ information or session data, VPN Unlimited customers are protected by legal definition. Also, there are consumer protection laws in the US that can be used to protect our customers too. 7. We do not have any system such as a “warrant canary†for our users. There has been no situation that has required such measures. 8. The primary goal of VPN Unlimited is not to download torrents, but to offer online security. There are limited cases when our technical team had to decrease the connection speed because of torrenting. 9. We accept PayPal payments as our primary payment system as well as using your Apple or Amazon ID account from the Purchasing tab inside the app. Soon we will be able to accept Bitcoins and process the payments via some national payment systems. We ensure that all the mentioned above payment system offer 99.99% security. 10. VPN Unlimited uses the best security options via a high level of data encryption. The most secure VPN connection and encryption algorithm lies in transmitted data through iOS or Mac Os X’s built-in IPSec client using strong AES-CBC-128 encryption. Windows users are protected with the use of AES-256 with SHA1 and OpenVPN protocol. We are working on such tools as “kill switches†and plan to implement them into VPN Unlimited in one of the upcoming updates. 11. We use our own DNS servers that forward domain data from Google DNS. Forwarding makes any kind of user tracking impossible, but Google DNS is uncensored, fast and stable. 12. We rent our servers from numerous well-known companies like LeaseWeb, OVH, RedStation, ServerCentral, IBM SoftLayer, etc. Servers are located in 13 countries which are: Canada, France, Germany, Luxembourg, Netherlands, Romania, UK, USA, Panama, Hong Kong, Singapore, Japan, Ukrain and Finland. VPN Unlimited website FACELESS 1. For each user we keep only number of sessions, and bandwidth use (uploaded and downloads). Those logs are kept for one week. It is possible to match an IP and time stamp during one day. 2. The company operates under Cyprus jurisdiction. 3. There are no any specific tools. We just react on any possible reports from our hosting provider. 4. No. We use our internal server email system for supporting our customers. 5. We block an activity for an IP and a port specified in the notice. 6. We will provide an email address and logs we physically have at the time an order arrives. It will be done only if the order is in force in the country where the server is located. 7. No, we don’t have any kind of warrant canary. 8. Yes, file-sharing traffic is allowed on all our servers. 9. VISA, MasterCard, and PayPal via Plimus.com. Payments are linked to user accounts via order IDs. 10. We recommend RSA-1024. It’s more than enough for everybody. Nobody will be able to decrypt it before the whole universe collapses. 11. No, we use Google public DNS. 12. They are hosted by a third party: Leaseweb, IWeb and Infobox in the USA, The Netherlands and Russia. Faceless website BLACKVPN 1. Yes we keep connection logs which contain the time of connection and the internal IP address assigned. This information is kept for 7 days on our Privacy VPNs and 30 days on our TV VPNs (USA, UK & Singapore). We NEVER log a user’s real IP address, only the shared BlackVPN IP address they were assigned. 2. BlackVPN operates under the jurisdiction of Hong Kong which has no mandatory Data Retention laws. This helps to impede the requests from international law enforcement and spy agencies like NSA/GCHQ. China is not interested in policing the internet outside its Great Firewall and does not interfere with Hong Kong in this regard. 3. Since we do not monitor or log any VPN activity we have no internal tools for detecting abuse on our VPN servers. Instead we respond to abuse complaints from 3rd parties (which usually contain an hostname/IP + port) by temporarily blocking access to that hostname/IP or port. In rare cases we may monitor a specific IP/port that is being abused via the traffic going through our VPN firewalls (using iptables) in order to warn or ban the offending user. The last time this happened the user responsible found that their computer was infected with malware which was causing the abuse without their knowledge. 4. We run our own mail servers for @blackvpn.com, host our own support systems (osTicket and Live Helper Chat – which have both been configured not to log IPs), plus host our own website analytics (Piwik). We use a 3rd party email service only for sending generic emails in bulk (such as security alerts, renewal reminders, updates from blackVPN, etc.) which contain no identifying information. We also use a 3rd party system for our blog (medium.com/@blackVPN) and of course our social media. 5. On our Privacy VPNs these are ignored because they are located in countries which do not enforce DMCA notices (or equivalent copyright alerts). On our TV VPNs we warn any customers who were sharing that IP address at the time and will ban repeat offenders from the TV VPNs. 6. To identify an active user of our service we legally require a valid court order from a Hong Kong court. So far this has never happened. We have received requests from various international law enforcement agencies asking us to assist them, however our response has always been to ask for a valid court order from Hong Kong. Recently we were asked by Hong Kong police to come to Hong Kong in person to make a statement regarding an investigation by the UK authorities. With the help of the EFF we found new legal counsel in Hong Kong who quietly resolved the issue with the Hong Kong police, resulting in the UK authorities withdrawing their request. Any future requests from international authorities will be handled by our lawyers in a similar way. 7. Hong Kong does not have an equivalent to America’s NSLs and is unable to legally issue a gag order. Since none of the BlackVPN team are in Hong Kong it’s difficult for them to intimidate us that way. We do not have a warrant canary as we’ve never seen one used effectively. In the worst case scenario we would simply “do a Lavabit†and hit the kill switch to shutdown all our systems until the authorities or the offender went away. 8. Yes it is allowed on our Privacy VPNs but not allowed on our TV VPNs (USA, UK and Singapore). Extreme pressure is being applied to the network providers in these countries to minimise copyright infringement so if we don’t take action our servers will soon get cut off. 9. We accept PayPal, Credit Cards (via CardPay) and Bitcoin (via BitPay). All payment information is stored by our payment providers and is linked to a blackVPN account via their own transaction IDs. 10. OpenVPN is the only protocol that can be considered secure after recent leaks show the NSA can decrypt PPTP and IPSec protocols (source). Since our beginning in 2009 all openVPN connections have been forced to use the AES-256-CBC cypher for maximum security and after the recent Heartbleed bug we switched to new 4096-bit Diffie-Hellman keys too. We encourage the use of open source software such as OpenVPN and Tunnelblick, neither of which have a kill switch or DNS leak protection. Our VPN routers use firewall rules to only allow internet access while the VPN connection is established, which is a more reliable solution than a “kill switchâ€. 11. Yes we run our own DNS servers however we use censurfridns.dk (which does not log or censor DNS queries) as a DNS forwarder. 12. We do not have physical control over our VPN servers and network since we lease bare-metal dedicated servers in various data centres around the world for our VPNs and infrastructure. Management of these servers is performed ONLY by the blackVPN founders – no employees of the company have access to the VPN servers or infrastructure. Our VPN servers are located in the USA, UK, Canada, Netherlands, Switzerland, Luxembourg, Estonia, Lithuania, Russia, Ukraine, Panama and Singapore. Other infrastructure servers (such as databases, mail servers, etc) are hosted in places with strong privacy protection laws such as Iceland, Switzerland or the Netherlands. BlackVPN website ANONYMIZER 1. Anonymizer does not log ANY traffic that traverses our system, ever. We do log when a user connects, and the IP address they connected from (which is needed for customer support and ensure system optimization), but that log purges every 24 hours. We don’t log when users disconnect, how much data they used, where they went, at anytime, ever. We would also like to point out that all of our customers exit out and share the same IP, which changes on a daily basis, and we don’t even track that. If asked what IP we used last week, we wouldn’t have any way to know for certain. 2. Anonymizer Inc. operates under US jurisdiction. The US is still one of the best countries to operate privacy services out of due to a lack of mandatory data retention laws. 3. We can’t. We don’t monitor or log traffic or user activity. When we receive reports of abuse, we have no way to isolate or remediate it because we don’t monitor. 4. Anonymizer uses a ticketing system for support tracking but does not request verification of a user actually having access with us unless it is needed specifically in support of the ticket. Anonymizer uses a bulk email service for our email marketing system but does not store any details about the users account beyond their email address. 5. Since Anonymizer does not log any traffic that comes over our system, we have nothing to provide in response to DMCA requests. None of our users have ever been issued a DMCA take down notice or the European equivalent. We’re over 18 years old now, and if not the oldest service out there, certainly one of the oldest, and we’ve never turned over information of that kind. 6. Anonymizer Inc. only responds to official valid court orders in which we comply with information that we have available. Since we do not log any traffic that comes over our system, we have nothing to provide in response to requests associated to service use. If a user paid by credit card we can confirm that they purchased access to our service only. There is, and would be, no way to ever connect a specific user to specific traffic. There has been instances were we did receive valid court orders and followed our above procedures. We have never identified details about a customer’s traffic or activities. 7. Anonymizer does not use a warrant canary or similar solution to gag orders as we feel they are largely ineffective and offer a false sense of security. 8. Any traffic is allowed on our servers. Due to not logging or monitoring any traffic it would be impossible for us to know if any user were to be engaging any specific kinds of activity on our service. 9. Anonymizer Inc. uses a payment processor for our credit card payments. There is a record of the payment for the service and the billing information associated to the credit card to confirm the service has been paid for. We also offer Cash and will soon offer crypto-currency options to include Bitcoin. Cash payment options do not store any details (e.g. Billing address and customer name) of the transaction beyond the account username and the service being paid for by cash; there is no way for us to connect an individual to a specific account. 10. We would recommend OpenVPN for a user that is looking for the most secure connection. We feel it is the most reliable and stable connection protocol currently. Our OpenVPN implementation uses AES-256. We also offer L2TP, which is IPSEC. Anonymizer’s client software has the option to enable a kill switch that prevents any web traffic for exiting your machine without going through the VPN. 11. Yes, we operate our own DNS. 12. We own ALL our hardware, and have full control of our servers. No third party has access to our environment. We don’t leverage VPS or third party hosts, which we feel would be compromising our customer’s security. Anonymizer website IRONSOCKET 1. We keep limited session logs for all of our services which include VPN, HTTP, SOCKS5 and Smart DNS Proxy. Session logs record the time and date of the user’s session connection and disconnection, the IP address used for the session, and a numerical representation of how many bytes were transferred. These logs are typically kept for 72 hours, usually less, after which they are purged. The main reason we retain this data is to prevent fraud and abuse. Since we use Shared IPs on our servers, and do not log activity, it is very hard, if not impossible, to know what a user is doing. 2. We operate under the laws of the SAR of Hong Kong, which has no data retention law whatsoever. 3. For reasons of security, we don’t disclose our exact security systems and processes. Additionally, we do not monitor what activity users do when using our services, regardless of the service used (VPN, HTTP, SOCKS5, Smart DNS Proxy). 4. No. We do not use any external email providers. We also do not use any third party support tools. We utilize Facebook and Twitter as a means of social contact with users and we provide light support for general questions however any account specific issue must go through our ticket system. At no time do we ever link a user’s social media account to an IronSocket account. 5. IronSocket is not subject to the DMCA or its European equivalent. We do NOT host any user uploaded content on any of our servers. While IronSocket is not subject to DMCA, some of our hosting partners are. If they receive and escalate a DMCA notice to us, we reply to the provider that we do not log our user’s activity, we utilize shared IP addresses, and it is next to impossible to determine any activity of our users. We then confirm P2P is not being used on servers where P2P is not allowed. 6. We cooperate with proper legal processes valid under Hong Kong jurisdiction. The first step is to determine the validity of the court order, and if valid, determine if we have any data available to identify the active user of our service. Because of our privacy policy, terms of service, and anonymous payment methods, it would be almost impossible to identify any user engaging in any specific activity while using any one of our services. This situation has never happened. 7. As of February 2015, IronSocket has never been compelled by court order, secret or otherwise, to share any business or customer information with any government or law enforcement agency. We do not currently have this posted on our website but it will be included in our transparency report section which is scheduled to be published to our website later this year. 8. We allow Torrent/P2P file-sharing traffic on specific servers that have been optimized for file sharing performance. The list of servers that allow P2P file sharing can be found here. We do not allow BitTorrent/P2P on all of our servers due to the legal pressure on the data centers we use in the US, UK, Canada, and other countries. 9. We accept payments in cash, credit cards via PayPal, Bitcoin via BitPay and gift cards via PayGarden. We do not retain specific payment information, such as credit card information, linked to individual user accounts. That is maintained by the payment processor, not us. If you wish to pay in an anonymous fashion we recommend paying by cash, Bitcoin, or gift card. These methods provide the highest levels of anonymity for users. 10. We recommend the IronSocket VPN network; based on OpenVPN, a full-featured SSL VPN. Our users are given the encryption options of Strong, Light and None. We recommend using the default Strong encryption setting, which utilizes AES 256-bit Data Encryption with SHA256 Message Authentication, using a 4096-bit key for secure authentication. 11. Yes, we use our own DNS servers. We currently provide DNS servers in 8 different regions for increased redundancy and improved query speeds. We push our own DNS server IP addresses to our VPN clients. 12. Our global network of VPN and Proxy servers are all self-managed and are hosted in a number of third party datacenters. We vet all datacenter relationships prior to engaging in business, and regularly re-evaluate them to assure security practices, personnel, and policies are established, trained, and enforced. We have servers located in the following countries: Argentina, Australia, Brazil, Canada, Cyprus, Denmark, Egypt, France, Germany, Hong Kong, Iceland, India, Indonesia, Ireland, Italy, Japan, Luxembourg, Mexico, Netherlands, New Zealand, Norway, Panama, Philippines, Romania, Russia, Saudi Arabia, Singapore, South Korea, Spain, Sweden, Switzerland, Taiwan, Thailand, Ukraine, United Kingdom, and United States. IronSocket website VPN.AC 1. We keep connection logs for 1 day to help us in troubleshooting customers’ connection problems but also to identify attacks (e.g. bruteforce). This information contains IP address, connection start and end time, protocol used (including port) and amount of data transferred. 2. Our company is incorporated in Romania since 2009. Data retention has been declared unconstitutional in our country and even before of Constitutional Court’s decision, it wasn’t applying to VPN service providers. 3. We do not monitor traffic. We monitor bandwidth usage per server but that’s a different topic. Abuse issues are solved effectively by adding firewall rules on-the-fly, even automatically, without monitoring or logging actual traffic. 4. Support (ticketing, livechat) is operated in our own environment. Email is not used to transmit information provided by users, such as part of ticketing conversations. We only provide a notice that a reply has been made and is available in our online ticketing system, after logging in. We also don’t use any 3rd party tracking services like Google Analytics. Backups, APIs and everything else related to our service are hosted in our own environment and we make use of strong encryption for storing them. 5. We are handling DMCA complaints internally without involving the users (i.e. we are not forwarding anything). We use shared IP addresses so it’s not possible to identify the users. 6. It never happened. In such event, we would rely on legal advice. 7. No. We may consider using one at a later date, but at this moment we believe its effectiveness and legality are questionable, and we don’t want to have one just as “yet another feature†for marketing & PR purposes. Having a warrant canary or not, the customer still has to trust the provider for using the service. 8. Yes, it is allowed. 9. Mostly PayPal, bitcoin, credit/debit cards, pre-paid cards (including anonymous vouchers). 10. OpenVPN using Elliptic Curve Cryptography for Key Exchange (ECDHE) is used by default in most cases. We also provide support for ECC keys (secp256k1) and RSA-4096, SHA256 and SHA512 for digest/HMAC. For data encryption we use mostly AES-256 and AES-128. Yes, we provide tools and instructions for setting up “kill switches†and solving DNS leaking issues. 11. We use our own DNS resolvers, outside of USA for good reasons. We also generate millions of DNS queries artificially on a daily basis and they are mixed with the queries coming from users. 12. We have physical control of our servers in Romania. In other countries we rent or collocate our hardware. We have some measures in place to prevent and alert us in case of unauthorized physical access – but that’s realistically limited, though. Some of the hosting providers we host with are LeaseWeb, Voxility, Private Layer, Softlayer, UK2, QuadraNet, Root SA, Ecatel, NForce, Sweden Dedicated, OVH, Online.net in the following countries: Netherlands, Germany, Romania, Luxembourg, Switzerland, Sweden, France, USA, Canada, UK, Mexico, Japan, Australia, Singapore and Hong Kong. VPN.ac website SEED4.ME 1. We do not analyze or DPI traffic. We also do not keep logs on VPN nodes. General connection logs are stored on a secure server for 7 days to solve network issues if there are any. These logs are deleted after seven days if there are no network problems. 2. Taiwan. We are not aware of any legislation requiring us to share client information and we are not aware of any precedents in Taiwan where client information was disclosed. We do not hold much information anyway. On the other hand, we do not welcome illegal activities which potentially harm other people. 3. We use simple firewall rules to block peer-to-peer file sharing on servers where the DMCA applies. Still, users can use torrents in Russia and Ukraine. 4. Currently we utilize Google Apps. We do not store any sensitive information there, only support issues. 5. In case of abuse we null route the IP to keep ourselves in compliance with the DMCA. Currently we use simple firewall rules to block torrents in countries where the DMCA applies. 6. We will act in accordance with the laws of the jurisdiction, only if a court order comes from a jurisdiction where the affected server is located. Fortunately, as I said before, we do not keep any logs on VPN nodes, on the other hand – we do not encourage illegal activity. This has never happened. 7. No. 8. Yes, torrents are allowed in Russia and Ukraine. 9. We accept Bitcoin, PayPal, Visa, MasterCard, Webmoney, Yandex.Money, Bank transfer and In-App purchases in our iOS App. We do not store sensitive payment information on our servers, in most cases payment system simply sends us a notification about successful payment with the amount of payment. We validate this data and top up the VPN account. 10. L2TP (2048 bit) for Desktop and 2048 bit IPSec in our App will be a good choose. Our App (https://bitly.com/seed4me) has Automatic protection option that guarantees for example that all outgoing connections on open Wi-Fi will be encrypted and passed through secure VPN channel. We don’t provide a kill switch for Desktop. We are still compatible with free software that prevents unsecured connections after VPN connection goes down. 11. We use Google and users can override these settings with their own. 12. We have VPN clusters in the US, UK, Hong Kong, Singapore, Russia, Netherlands and Ukraine. All servers are remotely administered by our team only, no outsourcing. No data is stored on VPN nodes (if the node is confiscated, there will not be any data). We prefer to deal with trustworthy Tier-3 (PCI-DSS) data centers and providers to ensure reliable service with high security. Seed4.me website BLACKLOGIC 1. We keep logs only for payment fraud prevention reasons. We do not monitor what our clients do online. We keep port mapping logs for 72 hours. 2. Canada 3. SMTP/S ports are closed. All ports which could be used for P2P are closed on the US servers. Port mapping logs can trace back to the specific user account. 4. We have our own email system, and don’t outsource email hosting. For online chat we use Zopim. 5. The port in question is closed for 48 hours. 6. We know our clients and don’t accept any suspicious clients. No court orders were ever received 7. As mentioned above, we haven’t received any court orders since 2007. 8. We don’t allow P2P on American servers. Other servers are still fine. 9. Credit Cards, PayPal, WebMoney and Western Union. 10. OpenVPN (256 symmetric AES encryption, and 2048 bit certificates). VPNWatcher app is one of the recommended tools for “kill switches.†11. Yes, we have our own DNS servers 12. All Canadian VPN servers are owned and controlled by our company. Other servers are dedicated servers rented from multiple datacenters. Blacklogic website IBVPN 1. We do not spy on our users and we don’t monitor their Internet usage. We do not keep logs with our users’ activity. However, in order to avoid abuses that may occur during the 6-hour trial we record and keep for 7 days the time, date and location VPN connection was made, connection duration and bandwidth used during the connection. 2. We are located in Romania, which means we are under EU jurisdiction. 3. Due to security concerns and in order to avoid servers’ attacks, we cannot disclose these tools. 4. We do not use external e-mail providers. To provide quick support and a user friendly service experience, our users can contact us via live chat but activity logs are deleted on a daily basis. There is no way to associate any information provided via live chat with the users’ account. 5. So far we have not received any DMCA notice or other European equivalent for any P2P server from our server list. For the rest of the servers, we have filtering systems that prevent P2P and file sharing activities in order to protect us and our users from DMCA notices. In case such a notice is received we simply reply that measures have been taken in order to prevent future abuses. 6. As stated in our TOS, we do not support criminal activities, and in case of a valid court order we must comply with EU law under which we operate and provide the limited information we may have. It would be illegal not to. So far, however, we have not received any valid court order. 7. As we are located in the EU we do not have a warrant canary or a similar solution to alert customers to gag orders. 8. We allow BitTorrent and other file-sharing traffic on specific servers located in the Netherlands, Luxembourg, Sweden, Russia, Hong Kong and Lithuania. Based on our legal research, we consider that it is NOT safe for our users to allow such activities on servers located, for example, in the United States or United Kindgom. 9. We accept various payment methods like Credit cards, PayPal, prepaid credit cards, Payza, SMS, iDeal, Ukash, OOOPay and many more. Payments are performed exclusively by third party processors, thus no credit card info, PayPal ids or other identification info are stored in our database. For those who would like to keep a low profile we accept BitCoin, LiteCoin, WebMoney, Perfect Money, PaySafeCard, CashU, Ukash. 10. The most secure VPN connection is Open VPN, which provides 256 bit Blowfish algorithm encryption. Yes, Kill Switch has been implemented with our VPN Clients. When enabled, the Kill Switch closes all applications (that are running and have been added to the Kill Switch app list) in case of an unwanted VPN disconnection. 11. At this time we use a combination of public and private servers. To improve our service, we have started the process of switching to our own DNS servers (few months ago) and our goal is to complete this process by the beginning of March. 12. We do not have physical control over our VPN servers, but we have full control to them and all servers are entirely managed personally by our technical staff. Admin access to servers is not provided for any third party. ibVPN website VPN BARON 1. Our users share the server IPs making it impossible to link any user to a particular action. On the server, no traffic logs are recorded. We monitor only the number of simultaneous user connections on our network as whole, and do not link the user to a particular server. This helps us avoid infinite simultaneous connections from a single user. 2. We’re under Romanian jurisdiction, inside of the European Union. EU takes privacy issues more seriously than the US, as many already know. 3. We’ve implemented strict firewall/traffics shaping rules or our Linux servers in order to avoid abuses. If any abuses go through, we just add a new rule that deals with the new issue. This security does not affect the regular VPN usage in any bad way. 4. Our VPN network is separated from the administrative part. As any service that deals with customers, we use emailing software that uses our local server (not a 3rd party server). The information that can be provided by/to users has no incriminating value, being mostly standard OpenVPN troubleshooting, install help and various enquires. 5. None of our users have ever been issued a DMCA notice, being unable to detect which user has caused it due to our no traffic logging policy. On our end, if the issue is persistent and our server provider insists that we deal with it, we wipe that particular server and replace it with a new one from a different provider. Rinse and repeat. 6. This didn’t happen so far. Court orders usually imply something serious and we’re requested by law to assist. We don’t have much to offer. We can answer if a particular email address \ name (could not be a real name, we don’t check) has an active account on our administrative part. 7. We do not. As we haven’t received any warrants or court orders there was no need. However, we’ll certainly do our best to protect our users. 8. Yes. All P2P traffic is allowed. 9. We use Bitcoins, PayPal and Credit Cards (processed by PayPal). Again, the administrative part is very separated from our VPN service. With each paid invoice the administrative part updates the subscription’s expiration date on the VPN service. We recommend using Bitcoins for the most anonymity a payment method could offer. Bitcoin payments cannot be traced to a particular individual. 10. OpenVPN protocol offers by default excellent security on any type of encryption, and after a certain point, adding more encryption has diminishing returns while making a huge impact on user’s internet speed. It makes little difference if a package is cracked in 10,000 years or 20,000 years. We currently use by default BF-CBC 128 bit key, TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA. In the future update, we’re allowing users to select their preferred type of encryption. We regularly check for DNS leaks. If the VPN connection drops, all traffic will be halted. 11. We’re using Google DNS. It’s fast, secure and google does a great job keeping it safe against any type of attacks. There is a huge list of Security Benefits on their page that might be of interest to anyone who’d like to find out more. 12. We’re big fans of cloud servers. They can be created or destroyed in seconds. We feel that the ease of replacing a server is essential to any privacy service, adding an extra bump to anyone trying to track the activity of our users. Our servers located US and Europe and our main providers at this time are Digital Ocean and Vultr. VPN Baron website ACEVPN 1. We do not log established accounts nor log traffic. We respect their privacy. We do not store any personal information on VPN servers. IPs are shared among users and our configuration makes it extremely difficult to single out any user. To mitigate abuse and fraud, we log time of connect and disconnect for new signups from certain IP ranges. This information is purged after two weeks. 2. We are registered in the US. 3. We use a proprietary pattern and rules based risk management system to screen for fraud and to mitigate abuse. 4. We use Google apps for email. Emails are deleted regularly. 5. If we receive DMCA takedown, we block the port mentioned in the complaint. IP’s are shared by other users and our configuration makes it extremely difficult to single out any user. We do not share any information with 3rd parties. 6. To date we have not received court order. We only store billing information which the payment processor or bank or credit card issuer has. 7. We publish transparency report quarterly. 8. We have special servers for P2P that are in datacenters that allow such traffic. These servers also have additional security to protect privacy when P2P programs are running. There are several legal uses of P2P. 9. We use Paypal, Google, Stripe and Square for processing payments. We store billing information on a secure server separate from VPN servers and do not store any financial information. 10. For high security needs we suggest using our IPSEC IKEv2 VPN. Our IPSEC IKEv2 VPN servers use Suite B cryptographic algorithms. Yes, we do provide kill switches if a connection drops. Our servers are tested for DNS leak. Encryption varies depending on VPN protocol. We support the following protocols and encryption. IPSEC IKEv2 – 384 bits ECC (Equivalent to RSA 7680 bits) and AES 256 bit encryption. OpenVPN – We have servers running on port 53, 80, 443, 1194, 8292. RSA 4096 bit and AES 256 bit encryption supported. L2TP VPN – AES 256 bit encryption. Stealth VPN – RSA 2048 bit and AES 256bit encryption. Makes VPN traffic look like https traffic. PPTP VPN – Avoid if you can! 11. We operate our own DNS servers (Smart DNS) for streaming videos. For VPN, we use Google and Level3 DNS. 12. We control our servers and network. We have servers in 18 countries and over 36+ locations / datacenters. USA, Canada, UK, France, Germany, Italy, Netherlands, Spain, Sweden, Switzerland, Latvia, Luxembourg, Romania, Denmark, Ireland, Hong Kong, South Korea and Australia. Acevpn website NOLIMITVPN 1. At NolimitVPN, we have developed a custom activity tracker. We only log the user authentication on the network, the P2P activity and the SMTP activity (to avoid any kind of abuse). The activity tracker is based on “magic IDs†(temporary and rolling IDs) so we are able to match a server IP to a customer account during 48 hours. We do not log the traffic content of our VPN users. 2. We are currently based in Singapore and we plan to move the company to Hong Kong in a near future for more convenience. 3. We have developed custom tools (mainly parsers) based on tcpdump. 4. We use Zopim for the live chat on the website and we use Mandrill to send automatic emails to our VPN users. Every other emails are processed through our mail server. 5. At NolimitVPN, we do everything we can to protect the anonymity and the privacy of our customers, in case of complaint we do not transmit any information. But we warn the user about the complaint and we suggest him to use a private tracker to download torrent files. If too many DMCA complaints are received and if the user has been warn many times (more than 3 times), we can suspend his account (this never occurred). 6. This has never happened. Anyway, if a legal court order is received, we would be forced to give them the logs of our activity tracker. But as mentioned above our activity tracker does not log any legal information (IP address and timestamp) that could be valid for authorities. 7. No. 8. We allow torrents as long as we do not receive a DMCA complaint. If too many DMCA complaints are received and if the user has been warned many times (more than 3 times), we can suspend his account (this has never occurred). 9. We use Stripe but we do not record the billing address on our servers, every information linked to the payment is stored on Stripe servers. We do the maximum to store the minimum information about our customers. 10. Currently we support two protocols, PPTP (with 128bits encryption over MPPE) and L2TP (with 256bits encryption over IPsec). Thus, we recommend to use the L2TP protocol (which provides the same encryption level than OpenVPN). We provide to our users a Windows script that automatically connect and reconnect you if your connection drops. We plan to integrate OpenVPN protocol before the end of the year. 11. We do not have our own DNS for now, instead we use OpenDNS. We plan to integrate our custom DNS before the end of the year. 12. As our company is young (only 1 year old), we currently have two servers provider: DigitalOcean and Vultr. We have the following servers locations: Netherlands, France, United Kingdom, Germany, Singapore, Japan, United States and Australia. Torrentfreak
  14. — 1. Do you keep ANY logs which would allow you to match an IP-address and a time stamp to a user of your service? If so, exactly what information do you hold and for how long? 2. Under what jurisdiction(s) does your company operate? 3. What tools are used to monitor and mitigate abuse of your service? 4. Do you use any external email providers (e.g. Google Apps) or support tools ( e.g Live support, Zendesk) that hold information provided by users? 5. In the event you receive a DMCA takedown notice or European equivalent, how are these handled? 6. What steps are taken when a valid court order requires your company to identify an active user of your service? Has this ever happened? 7. Does your company have a warrant canary or a similar solution to alert customers to gag orders? 8. Is BitTorrent and other file-sharing traffic allowed on all servers? If not, why? 9. Which payment systems do you use and how are these linked to individual user accounts? 10. What is the most secure VPN connection and encryption algorithm you would recommend to your users? Do you provide tools such as “kill switches†if a connection drops and DNS leak protection? 11. Do you use your own DNS servers? (if not, which servers do you use?) 12. Do you have physical control over your VPN servers and network or are they outsourced and hosted by a third party (if so, which ones)? Where are your servers located? — LIQUIDVPN 1. The VPN servers do not store user authentication logs. Once a user logs off of our VPN network we have no way of knowing which IP they were assigned or which server they were using let alone the time of day they logged in at. 2. USA 3. The main tools in place at the network level are SNMP and Mikrotik Layer 7 firewall rules. At the host level its Zabbix and OSSEC. 4. LiquidVPN hosts everything on servers we control. 5. As much as I would love to toss these in the trash it would be impossible to keep the servers online if I did so. Most USA data centers require action to be taken within 24 hours or they automatically null route the IP until corrective action has been taken. In the UK and Europe many data centers that require any action at all give us 48 hours before an automatic null route of the IP address. When we are required to take action we will rate limit the port in question down to 5Kb/s for 24 to 48 hours. Here is our exact process. 1. Post the DMCA notice to the Transparency Reports section along with the intended course of action if there is one. 2. Post a link on Twitter. 3. If we are required to take action and update the data center we will rate limit transfers on the offending port to 5Kbs 6. This has never happened. In the event that it does happen our attorney will post the court order and our intended action in the transparency reports section I linked above. If there is a gag order of some sort our Warrant Canary will stop being updated. We do abide by the law so in the end we would have to send over the information requested on a user. 7. Yes we do. 8. Yes it is. 9. PayPal, Credit Card, Bitcoin and Cash are accepted. Our payment data and VPN user data are completely separate. We only require a first name, country and email address to sign up unless you are paying by credit card. Due to the obscene number of charge backs we were getting on credit card transactions we had to begin collecting addresses and phone numbers for credit card transactions. When an order is placed the webserver logs the IP and time of order. Other actions on the website will also trigger the same logging event. These logs are purged after 6 months. 10. We have a very easy to use kill switch and also provide directions on setting up a full-fledged firewall to protect against leaks, drops and much more if the user is so inclined. Our client enables DNS leak protection by default. We provide private DNS servers, reverse proxies aka SMARTDNS (in beta) and of course IP Modulation. IP modulation shares a pool of IP addresses with dozens or even hundreds of other users and each connection has a random chance to modulate the IP. An average webpage makes 30+ connections for it to load completely. In theory on a modulating IP address your traffic could appear to be coming from 30 different IP addresses. Currently the best encryption OpenVPN supports without being modified is AES-256-CBC. So this is what I would recommend for most people. I would recommend 2048 to 4096 bit RSA keys. I would tell users to make sure a TLS key is used and some form of server certificate verification is enabled in the configuration file. I would tell them to MAKE SURE there is an auth SHA256/SHA512 line in their configuration file and that tls-cipher is defined. 11. Of course and we are 90% finished converting them all to communicate on private subnets only. 12. We do not own the equipment it is on short term leases and collocated around the world. We do not like to be married to a data center in case a privacy issue comes up and we have to pull out quickly. We choose our data centers very carefully but things change very quickly politically in a lot of these regions. We currently have servers in Canada, UK, USA, Netherlands, Switzerland, Germany and Romania. LiquidVPN website AIRVPN 1. No, we don’t keep such logs. 2. Italy. 3. We use internally written tools to mitigate attacks against our VPN servers as well as DDoS attacks originating from clients behind our servers. 4. No, we don’t. 5. They are ignored, except when they refer to web sites running behind our VPN servers. Due to our service features, it is perfectly possible to run web sites from behind our servers: we also provide DDNS for free to our customers. For these specific cases, we can act similarly to a hosting provider and we verify that the web site is compliant to our Terms of Service. We have had web sites spreading viruses and other malware (verified without any doubt) and we intervened to quickly stop them when we were warned about the issue. 6. Since we can’t provide information that we don’t have, an “ex-post†investigation is the only solution, if and when applicable. So far we have had no court orders of this kind. 7. No, we don’t. While a warrant canary’s effectiveness is questionable, we recommend to use technical means to solve the problem at its roots. When a customer can’t afford to trust us for the sensitivity of his/her activities, he/she can simply use Tor over OpenVPN, or OpenVPN over Tor, to get an immediate protection which a warrant canary, not even if updated every day, will never be able to provide. 8. Yes, it’s allowed on every and each server. We do not discriminate against any protocol or application and we do not monitor traffic or traffic type. 9. We accept Bitcoin, a wide range of cryptocoins, PayPal and major credit cards. About PayPal and credit cards, the usual information pertaining to the transaction and account/credit card holder are retained by the financial institutions, and it is possible to correlate a payment to a user (which is good for refund purposes when required). When this is unacceptable for security reasons, then Bitcoin or some other cryptocoin should be used. Bitcoin can also be provided with a strong anonymity layer simply by running the Bitcoin client behind Tor. 10. Our service setup, based on OpenVPN, is the following: 4096 bit RSA keys size, AES-256-CBC Data Channel, 4096 bit Diffie-Hellman keys size, HMAC SHA1 Control Channel, TLS additional authorization layer key: 2048 bit. Perfect Forward Secrecy through Diffie-Hellman key exchange DHE. After the initial key negotiation, re-keying is performed every 60 minutes (this value can be lowered unilaterally by the client). Due to the serious doubts about NIST standard Elliptic Curves parameters being manipulated by NSA, we feel to share Bruce Schneier’s considerations to not use ECC. Our free and open source client Eddie (under GPLv3) for Linux, Windows, OS X Mavericks and Yosemite, implements features which prevent the typical DNS leaks in Windows and any other leak (for example in case of unexpected VPN disconnection). Leaks prevention, called “Network Lockâ€, is not a trivial kill-switch, but it prevents various leaks that a classical kill switch can’t block: leaks caused by WebRTC, by programs binding to all interfaces on a misconfigured system and by malevolent software which tries to determine the “real†IP address. In the future, probably before the end of 2015, our client will be available, as usual free and open source according to our mission, for other VPN services too. We provide guides, based on firewalls and not, to prevent leaks on various systems for all those persons who can’t or don’t wish to use our client Eddie. 11. Yes, we use our own DNS servers. 12. Our servers are housed in datacenters which we have physical access to, provided that the access is arranged in advance for security reasons. Datacenters must comply to some technical and privacy requirements. With rare exceptions, a datacenter must have a PoP to at least one tier1 provider. Without exceptions, datacenter must be network neutral, must provide bandwidth redundancy, minimum uptime of 99.8% and our servers must have a dedicated port and a guaranteed bandwidth. We have servers located in Canada, France, Germany, Hong Kong, Latvia, Netherlands, Portugal, Romania, Singapore, Spain, Sweden, Switzerland, Ukraine, USA. We work or have been working with big and small providers, such as Amanah, IBM, Leaseweb, Voxility, HugeServers, Serveria, YesUp, Teknikbyran, just to name a few. AirVPN website VPN.S 1. We do not keep logs that could match time stamp of a user. 2. Australia 3. If there is a *serious* abuse that we have been alerted to, we may use string matching in the firewall to DROP packets containing the particular abuse, or block outbound traffic to a particular IP. We do not monitor for abuse, abuse alerts come from third parties such as fail2ban services. 4. We host our own Mail server along with a support system on our own Colocated equipment. Live chat system is Zopim, unfortunately we have not been able to find adequate self hosted software solutions that meet our requirements for live chat however we do review this option once to twice a year incase something becomes available 5. We do not track our users, therefore the notices cannot be acted upon, due to the fact the DMCA notices cannot be verified we respond to the notices in this manner. 6. We have yet to encounter this. Our policy is to adhere to the court order, however due to our no logging policy it would be impossible to provide in-the-past information on any user. If the user is active and the court order contains specific end point IPs it is possible by firewall matching the user could be identified. 7. yes. 8. Yes. 9. Bitcoin, Perfect Money, PayPal, Visa/MC, 10. We provide OpenVPN which can be used across multiple devices with our 2048bit keys, our Windows, OSX, Linux application provides DNS Leak and protection if VPN is dropped within the application settings, we can also provide tutorials to users to set these safe-guards up manually 11. Yes, each server pushes DNS settings which are within our own network, these servers are recursors so the source IP of all queries are that of our own servers. 12. We have physical control over our infrastructure that contains any user data such as email address and passwords – these do not reside on end point VPN servers. Our VPN endpoints are configured so they do not contain any sensitive user information, the only information is the username which is required for our key based authentication for OpenVPN. We currently have servers in 41 countries. VPN.S website PERFECT PRIVACY 1. We do not log or store any traffic, IP addresses or any other kind of data that would allow identification of our users or their activities. The anonymity and privacy of our users is our highest priority and the Perfect Privacy infrastructure was built with this in mind. 2. Perfect Privacy is a community of interests with a postal address in New Zealand. However, our servers are operated in accordance with the law of the respective countries they are located in. 3. Since it is impossible for us to determine which user causes specific traffic, we cannot identify individual customers responsible for abuse. If we receive abuse complaints we usually offer to block the destination IPs from our ranges so that no further abuse can take place. The only data we record is the total amount of traffic per server so we can check and publish our traffic capacities. 4. No user input or data is processed by any third party tools (no Google Mail, no ZenDesk, no ticket system, etc.). Users can contact us by email and a https contact form, both running with our own mail server. We also encourage users to use PGP when communicating with us. We also offer TeamViewer support for customers but this is completely optional and up to the user. 5. Because we do not host any data, DMCA notices do not directly affect us. However, we do receive copyright violation notices for filesharing in which case we reply that we have no data that would allow us to identify the party responsible. 6. The only step on our side is to inform the contacting party that we do not have any data that would allow the identification of a user. There had been incidents in the past where Perfect Privacy servers have been seized but never was any user information compromised that way. Since no logs are stored in the first place and additionally all our services are running within ramdisks, a server seizure will never compromise our customers. 7. Since we are not bound by U.S. law, gag orders like National Security Letters do not apply to us. We would outright disclose any information of a possible problem to our users. As a last resort we would shut down our service before allowing our users to be compromised (e.g. like LavaBit). 8. Yes, Bittorrent and other file sharing is generally allowed. However, at certain locations that are known to treat copyright violations rather harshly (very quick termination of servers) we block the most popular torrent trackers to reduce the impact of this problem. Currently this is the case for servers located in the United States and France. 9. We offer a variety of payment options ranging from anonymous methods such as sending cash, Bitcoin or PaySafeCard. However, we also offer payment with PayPal for users who prefer that option. We keep no data about the payment except for when the payment was received which is linked only to an anonymous account number. 10. While we offer a range of connection possibilities we would recommend using OpenVPN with 256 bit AES encryption. Additional security can be established by using a cascaded connection: The Perfect Privacy VPN Manager allows to cascade your OpenVPN connection over up to four freely choosable servers. The client software also comes with an integrated firewall and DNS leak protection which are enabled by default: This prevents any traffic bypassing the VPN connection and the exposure of the user’s IP address by a DNS leak. This protects against attacks like the WebRTC IP leak vulnerability. 11. Yes. All Perfect Privacy servers run a Domain Name Server for the exclusive use of our customers. Users can choose to either use a randomly assigned DNS from our pool or choose a specific one. We are currently evaluating additional security features like DNSSec. 12. All management tools and internal systems are running in-house and are completely under our own control. Our VPN servers (and other user-reachable services like Proxies, DNS, etc.) run on servers hosted in different datacenters all around the world (currently in 25 countries). These servers do not log any kind of user data and are all running within ramdisks on dedicated servers. Perfect Privacy website UNSPYABLE 1. We keep no logs whatsoever. 2. USA and UK VPN services are provided via our USA offices which also includes our billing system. Our offshore VPN network (Cyprus, Czech Republic, Denmark, Egypt, Hong Kong, Iceland, Netherlands, Panama, Russia, Sweden and Switzerland) is physically isolated from our USA operations and shares no connection to it. 3. We don’t monitor anything. If we receive notice of criminal activities we will use non invasive techniques (without logging) to try and determine who the user is and terminate their access. None of the previous paragraph applies to P2P activities which are allowed on all servers except in the USA and UK where packet filtering is used. 4. No. 5. Our offshore servers where P2P is allowed are in countries and data centers that do not forward such notices. If we were to receive such a notice we would reply to it appropriately. Since we don’t log anything our reply would not include any information on the user. 6. If we were to receive a request from an authority having jurisdiction we would cooperate with them. However since we keep no logs of anything we have very little to provide them. Anything we have to provide them such as customer names can be gotten from the customers credit card company or the payment processor much more efficiently and without us even knowing about it. Bitcoin is one of our payment options and can help minimize access to such information. This has never happened. 7. We believe announcing such a thing in advance would cause the effectiveness of such a plan to go to zero should the need arise. 8. It is allowed on what we define as our offshore servers (see question 2). It is not allowed on USA and UK servers due to the issues involved. There is no benefit to the user to use USA or UK servers over the offshore servers for P2P. Therefore we do not believe this to be any limitation to our users. 9. Bitcoin, Amazon Payments and PayPal. Our online VPN authentication servers contain no customer personal information. We keep customer email addresses offline in case we need to contact the customer for some reason. We do not keep any other personal information regarding the transactions. Obviously the payment providers have a record of the transaction as well that is beyond our control. 10. We use OpenVPN with 256 AES encryption, SHA512, 4096 bit RSA and TLS 256 AES which provides perfect forward secrecy. For maximum privacy we recommend our multi hop servers. However, due to the multiple hops they will not be the fastest for P2P or streaming applications. We don’t recommend software kill switches as they are subject to failure. We recommend that users block all ports on their router except for 1194 OpenVPN and then use the VPN to provide access to the Internet. This creates the perfect “kill switchâ€. ISP DNS leaks are most easily eliminated by changing all DNS servers on the users devices to ones not associated with their ISP. 11. We pass DNS traffic through intermediate servers to Google DNS. We believe using our own DNS servers is less private than farming out the DNS requests via intermediate servers to Google and mixing them with the billions of other DNS requests Google handles daily. All requests to Google DNS appear to originate form one of our offshore servers and don’t correlate to the user. 12. No, we use trusted ISP’s in all the countries we prove service in. (Cyprus, Czech Republic, Denmark, Egypt, Hong Kong, Iceland, Netherlands, Panama, Russia, Sweden and Switzerland) Plus US and UK. In addition, server hard drives are encrypted to prevent tampering or any data recovery should the physical server be accessed. Unspyable website HIDE.ME 1. No, we don’t keep any logs. We have developed our system with an eye on our customer’s privacy, so we created a distributed VPN cluster with independent public nodes that do not store any customer data or logs at all. 2. We are a Company based in Malaysia with no legal obligation to store any user logs at all. 3. We believe that it is not our responsibility to monitor user activities, consequently, we don’t throttle or block any kind of traffic. 4. Yes we use Zendesk and LivechatInc in which we do not store any customer data that could be mapped to our customer database. Furthermore this information cannot be linked to your VPN usage and online activities. 5. Since we don’t store any logs and/or host copyright infringing material on our services, we’ll reply to these notices accordingly. 6. Although it has never happened,in such a scenario we won’t be able to entertain the court orders because our infrastructure is built in a way that it does not store any logs and there is no way we could link any particular cyber activities to any particular user. In case we are forced to do so, we would prefer to close down rather than putting our users at stake who have put their trust in us. 7. Since we are not operating under US law, in Malaysia there is no such thing as the Patriot Act. So far we haven’t been served with a court order or any governmental request and if it was the case we would be transparent with our customers that might have been affected by such court order. 8. There is no effective way of blocking file-sharing traffic without monitoring our customers which is against our principles and would even be illegal. Usually we only recommend our customers to avoid the US & UK locations for filesharing but it is on a self-regulatory basis since these countries have strong anti-copyright laws in place. 9. We support over 200+ international payment methods, including Bitcoin, Paypal, Credit Cards, Bank transfer and UKash. All payments are handled by external payment providers and are linked to a temporary payment ID. This temporary payment ID can not be connected to the users VPN account/activity. After the payment is completed, the temporary payment ID will be permanently removed from the database. 10. Our users’ privacy is of utmost concern to us. Our windows client has the features such as kill switch, Auto Connect, Auto Reconnect etc which makes sure that the user is always encrypted and anonymous. Even though if one of our customer decides not to use the client, in our community there is a big variety of tutorials to help our customers to protect themselves against any sort of leaks. After all, modern VPN protocols that we all support – like IKEv2, OpenVPN and SSTP, are considered secure even after the NSA leaks. We follow cryptographic standards and configured our VPN servers accordingly in order to support a secure key exchange with 4096-bit keys and a strong symmetric encryption (AES-256) for the data transfer. 11. We do not operate own DNS servers since all outgoing connections are already encrypted and free DNS servers like OpenDNS or Google Public DNS are not censored in any way, so we can ensure that our customers are still anonymous using these services and enjoy a censorship free browsing. Operating own DNS servers would put our infrastructure at risk since an attack could affect all our customers that are currently connected to our VPN servers. 12. We operate 27 server locations in 19 different countries. However we do not own physical hardware, there is an intrusion detection and other various security measures in place to ensure the integrity and security of all our single servers. Furthermore we choose all third party hosting providers very carefully, so we can assure that there are certain security standards in place (ISO 27001) and no authorized person could access our servers. Among our reputable partners are Leaseweb, NFOrce, Equinix and Softlayer. Hide.me website SHADEYOU VPN 1. ShadeYou VPN does not keep any logs. The highest level of privacy is a main mission of ShadeYou VPN. Everybody can read our Privacy Policy. To use our service only a username and e-mail are required. No personal or real data is required. 2. ShadeYou VPN company operates under the jurisdiction of the Netherlands. 3. We absolutely do not monitor any traffic or user activity. Even if we receive a serious abuse notification we can’t start monitoring our users because it will violate the main mission of ShadeYou VPN. 4. Yes, we are using Google Apps as our email service provider. But we do not send or request any private or personal information via mail. Also the option of Live Support is available and works based on SiteHeart service where personal information isn’t required. 5. The abuse team of ShadeYou VPN answers as follows: a) we do not store any illegal content on our servers; b) all of our users agrees with our privacy policy while registering, so we warned that illegal actions are prohibited and at this time we are not responsible. c) we have no any personal data of our users or any logs of their activities that can be shared with third-parties because we simple do not store it. 6. Sharing any personal data of our users is absolutely impossible since we do not store it and do not keep any logs. Yes such kind of situation has happened but there is not even one existing case when we have shared any information about our users with any 3rd parties. 7. Warrant canaries are new to us. We have not used one before since we are sure that all our users are safe. But we can start using it as an additional option to make our users sure that they are totally secure while using our service. 8. BitTorrent and any other file-sharing traffic is allowed on all our servers. There’s only one exception, and that’s for users who use a trial version. 9. ShadeYou VPN uses payment systems including PayPal, Perfect Money, Webmoney, Qiwi, Yandex Money, Easy Pay, Ligpay, UnionPay, AliPay, MINT, CashU, Ukash also accept payments via Visa, Master Card, Maestro and Discover. Ofcourse Bitcoin is available. 10. We strongly recommend to use OpenVPN since it is the most safe and uses the strongest encryption (TLS Protocol with 1024-bit key length and AES-256-CBC crypto-algorithm). We do not support “Kill switch†at the moment but we will propose alternative solution when our new DNS servers will be launched. 11. At the moment we use Public DNS 8.8.8.8 and 8.8.4.4 and currently we are working hard on implementing our own DNS servers with a secured channel. 12. All our servers are collocated around the world in DC’s of different leading hosting companies. Our VPN network covers: USA, United Kingdom, Sweden, Ukraine, Netherlands, Russia, Spain, Hong Kong, Germany, France and Canada. Romania will be added soon. ShadeYou VPN website SECUREVPN.TO 1. We don’t log any individually identifying information. 2. Each server is handled with the jurisdiction at the servers’ locations. 3. There are no tools which monitor our customers. We have techniques which don’t require any logging to prevent the abuse our service. 4. Our website has been completely developed by ourselves and we don’t use any external services. 5. We will reply to DMCA takedowns but we cannot be forced to hand out information, because we don’t log anything. 6. This hasn’t happened yet but if we were forced to identify one of our customers at a specific server location, we would drop this location immediately. Under no circumstances are we are going to log, montior or share any information about our customers. 7. No, we don’t offer something like that. 8. Yes, it is allowed on all servers. 9. We offer a wide range of anonymous payment methods like Paysafecard, Bitcoin, Litecoin, Dogecoin, Worldcoin, EgoPay and Perfect Money. All payments are processed by our own payment interface and therefore no third party payment processor receives any information. 10. We would recommend OpenVPN, available in UDP and TCP mode. We are using AES-256-CBC for traffic encryption, 4096 bit RSA keys for the key exchange and SHA-512 as HMAC. These settings offer you the highest grade of security available. We offer a tool called “VPN Helper†which provides security features like a DNS Leak Protection, IP Leak Protection and IPv6 Leak Protection. Some weeks ago the development of our own VPN client, which will also include those security features, started. 11. At the moment we are using the nameservers of OpenDNS. We will offer our own DNS servers soon. 12. We rent 24 servers in 19 different countries and are continuously expanding our server park. The server locations are France, Netherlands, Switzerland, United Kingdom, Canada, USA, Bulgaria, Costa Rica, Germany, Kosovo, Latvia, Lithuania, Moldova, Romania, Russia, Spain, Sweden, Taiwan and Ukraine. For us it is impossible to have physical control over all widespread servers. SecureVPN.to website HOTSPOT SHIELD 1. AnchorFree and Hotspot Shield’s top priority is to provide privacy to our customers. We do not store any logs that can be used to associate a connection to a user. 2. Anchorfree operates in the US under US jurisdiction and outside the US under Swiss. 3. We have a security team dedicated to monitoring abuse, specific details are confidential, but we can assure our users that we do not use logs to monitor and mitigate abuse. 4. Yes, we do work with an external email service and support tool however, none of the user’s information can be tied back to their activities while using Hotspot Shield. 5. We do not host content and are unable to remove any of said content. Additionally, our top priority is the privacy of our users and therefore we do not log or monitor our users and are unable to identify any users of our service. 6. It is not technically possible to effectively identity or single out one active user from a single IP address. We have received a valid court order. 7. Since we don’t have the information to provide to the agencies we do not require to have it. 8. We believe in an open and uncensored internet, we do not discriminate against any kind of traffic. 10. We’re biased here, but for a good reason, we think the most secure VPN connection is Hotspot Shield VPN which uses proprietary VPN protocols. Our encryption algorithm favors AES-128 more than other standards for its cryptography properties, performance and hardware support which is available for consumer devices and server platforms. We have a patent pending solution for kill switches for Android clients and we are working to improve it and include into all of our applications. Our users never risks of DNS leak because all traffic (including DNS requests) are protected by the VPN tunnel. 9. In the US we accept Credit Cards and PayPal. Internationally we accept the most popular local payment methods like Mobile Payments, Prepaid cards, eWallets, Bank Transfers etc. Our users’ payment information cannot be linked to their individual user accounts. 11. Yes, we have hundreds of dedicated servers around the world. 12. We own all of our infrastructure. We do not outsource anything. We have virtual locations in the US, UK, Canada, Australia, Japan, Germany, India, Hong Kong and China. Hotspot Shield website RAMVPN 1. We log absolutely nothing. Even without logs there can be small amounts of meta-data leftover in RAM memory of the TCP/IP stack on the server’s operating system. After seeing the rising trend of server seizures in 2014, it can no longer be assumed that simply not logging can protect the users. To mitigate this, we run the VPN service itself on a virtual machine within an encrypted RAM container, and combine this with physical tamper resistance just to be sure. 2. The business itself is under USA jurisdiction and as such we are not subject to any mandatory data retention laws whatsoever. 3. None. We have no way of monitoring traffic. If abuse is reported to our abuse department through the proper channels and is discovered to be a valid complaint, we may temporarily block outbound network traffic to the target being abused (usually the source of the abuse complaint) using basic firewall configurations. We would be completely unable to find the origin of such abuse in relation to one of our users. We can’t even revoke a user account if we want to. 4. We do not engage any third parties for email or support-related hosting at this time. 5. We do not host content there would be nothing for us to remove, plain and simple. 6. We are unable to identify an active user of our service to begin with. The service was inherently built from the ground up to make identification of a user impossible from a technical perspective, even for us. Due to consumer protection laws, we must abide by our advertised inability to track users. A request such as this has not ever happened. 7. We currently have no warrant canary. 8. We don’t block any traffic at all other than attack traffic (related to abuse complaints), and even those blocks are temporary. 9. PayPal, credit card, or Bitcoin. These are barely linked to an “accountâ€, because the only thing we keep on file is an email address. The payment information itself is NEVER linked directly to any VPN authentication credentials. Users even have the option to use a non-billing email address to have their keys signed with and credentials delivered to. For those who are extra paranoid, we recommend using an anonymous email service and anonymous payment method (such as bitcoin) to ensure we have absolutely no details about you. 10. RSA2048 and blowfish encryption. No, we do not currently provide kill switches or DNS leak protection. 11 Our DNS servers run on the local VPN network and proxy to our host node. Our host node will then respond from its cache, or if it does not have the record, look the information up using Level3, OpenDNS, or OVH Canada. 12. We have firmware control over our physical servers, however we outsource our data-center usage through OVH hosting. While we currently only have servers based in Canada and US, our expansion plans include Germany, China, France, Italy, and more. We are adding new nodes frequently. RAMVPN website FROOTVPN 1. FrootVPN takes the privacy of all of its users serioulsy and therefore we do not store any logs and we do not monitor any traffic in our network. 2. We operate in Sweden. 3. As we do not monitor any traffic and our system is built to protect the identity of our users. However if we do receive any legit abuse if it’s necessary we can block IP and port. 4. We have setup our own mail servers which we manage our self. Only our staff has remote and physical access to these servers. We use opensource helpdesk OTRS which is hosted on our own servers. 5. We do not host any content on our servers, therefore sending DMCA notices to us is kind of pointless as we cannot identify any customers. If we do receive such a request we just send back our privacy policy. 6. As we do not keep any logs or monitor any traffic, we are unable to identify any customer. 7. No. 8. We only block SMTP as we do not like spam and our providers do not like it either. All other traffic is allowed such as file sharing. 9. We use multiple payment system, such as PayPal, paysafecard, ukash and more. Each invidual payment system may require you to enter personal information to be able make a purchase from them. However we do not store any personal information or transaction number in our database. 10. We offer both PPTP, L2TP and OpenVPN. We recommend to use OpenVPN as it offer the highest encryption and is by today the most secure VPN. With OpenVPN you can use AES256 cipher and 2048 bit DH key. 11. We use our data center DNS servers, which is 80.67.0.2. We however do plan migrate to use our own DNS servers during this year. 12. We own all our hardware ourselves and they have all be installed and configured by our staff. We only lease rack unit and bandwidth from our Internet provider. Only our staff has physical access to our servers. All our servers are located in Sweden. FrootVPN website LOKUN 1. We keep as little information as possible, both legally and technically. We do not store information that can map you to one of our IP addresses. In our database, we keep: usernames, hashed passwords and the corresponding salt, account status and email (if given). We keep a record of when a user connects and total number of connected users. 2. Icelandic jurisdiction. 3. No special tools have been needed to handle abuse so far, these issues will be dealt with on a case-by-case basis. We use email to handle abuse notifications. 4. Third parties storing plaintext emails isn’t a problem we can solve by picking email hosting providers. Instead, we prefer that users use encrypted emails to communicate with us. We use Zendesk and Google Apps because of technical merit. 5. We have never received such a notice. 6. We do not store the information required to do this and would be unable to comply. We would simply cease operations if placed under gag order or similar. 7. Yes. 8. Yes. 9. We currently accept: Credit cards, Icelandic bank transfers and Bitcoin. Other methods of payment can be requested. A payment is not linked to a user account. Payment processors do not know the username being paid for. We are legally required to store all sales receipts, in the case of a random tax audit. Sales receipts contain the date of purchase and the amount. We do not store what username the payment was made on behalf of. 10. We only use OpenVPN and we do not have our own client. 11. Yes. 12. All our servers are hosted in Iceland and we host with trusted parties; DataCell and GreenQloud. We have a mix of own hardware and virtual servers. Data is never saved to disk. Lokun website ASTRILL 1. Our mission is to protect users privacy online, therefore we don’t keep logs. 2. Our company is registered in Seychelles so it’s virtually impossible or very complicated to get any data about our customers through legal system. 3. … 4. All the tools we use are proprietary. We use our own email servers and helpdesk software for communication with customers. 5. P2P applications are allowed on our network, on designated servers, where DMCA complaints from copyright trolls are trashed. 6. We have not received any properly filed legal request to date about disclosing information about our customers. The exact procedure is determined by our attorneys. 7. … 8. We provide servers with P2P applications support and on these servers P2P complaints are, as legally invalid, trashed. 9. We accept many payment methods, all credit cards, paypal, alipay, perfect money and bitcoin are just some of popular methods we support. 10. For best security we recommend OpenVPN protocol with AES-256 bit, Camellia 256-bit, Cast 512-bit and BlowFish 512-bit. We also offer StealthVPN as additional layer of security on top of Open VPN which makes it virtually impossible for ISPs to recognize OpenVPN protocol, throttle it or block. StealthVPN allows connections to any port of user choice (1-65535), both UDP and TCP. We support DNS leak protection and kill switches. 11. … 12. We run our own network of VPN servers in 54 countries which we have full control over. Astrill website NEXTGENVPN 1. No such logs are ever kept. 2. Rep. of Seychelles 3. In house custom tools that we will not disclose for obvious reasons. 4. None. 5. They are ignored. 6. Never happened. 7. Irrelevant in our case. 8. Yes. On selected destinations only. 9. Payments are handled by a different company without any direct links to users accounts. 10. OpenVPN – AES256. DNS leak protection and automatic reconnect are provided. 11. Yes, we maintain our own DNS services. 12. We have direct control of all infrastructure servers and most of VPN remote gateways. Some VPN gateways are third party hosted. Gateways : US,NL,UK,BE,FR,ES,PT,UA,CH NexTGenVPN website STEGANOS 1. We do not store any user data, neither regarding IP-addresses nor time stamps. 2. We operate under German jurisdiction, where no data retention law is in force. Therefore, currently there is no legal basis in Germany that forces Steganos to store user data. This means that we do not have any information to share with third parties or court. 3. In order to protect our users from abuse we keep our servers safeguarded against malware and abuse-software, for example by constantly providing security updates and blocking unnecessary ports. We do not monitor any activities of our users, but retain the possibility to block ports which are reported to be used exceptionally often for abuse (e.g. spamming). 4. We use Google Apps within our company. Our support service additionally uses Zendesk, which logs some user information. As these are stored on different servers, they cannot be used for user identification though. 5. After receiving such a notification, Steganos takes seizure according to its own measures that we consider appropriate. In general, this would be the restriction of access to the copyright protected work, but not the blocking of a user. 6. Steganos has taken a strong stance for data security and protection for years and defended customer information against any disclosure. This means that we try to prevent the identification of our users and even go to court, if necessary, like in 2009. Back then the data retention law imposed by EU was in force in Germany. Nevertheless, Steganos refused to release the IP-address of a user to the lower regional court of Bamberg and successfully proceeded against this court order. 7. As our company is not based in the US, we do not need any warrant canary. 8. BitTorrent is not actively blocked as of now. 9. Our customers can pay easily and securely via Paypal, Credit Card (Mastercard, Visa), bank transfer, check or Giropay. All billing information is stored on different servers and cannot be linked to users by any means. 10. We recommend OpenVPN with 256-bit AES encryption and therefore work with it in our product “Steganos Online Shield VPN“. As we believe it to be the most secure option, we are also currently planning on implementing it in our VPN tool “OkayFreedom†(which uses 128-bit blowfish as encryption algorithm so far). We neither offer tools regarding kill switches nor DNS leak protection as of now. 11. We use Google Public DNS server, which we consider unproblematic. It is not only the biggest public server with over 130 billion requests per day and works fast, but also does not store personally identifiable information nor IP-addresses permanently and all temporary logs are deleted after 48 hours at the latest. 12. We offer servers located in 12 different countries, which are: Egypt, France, Germany, Great Britain, Japan, Mexico, Romania, Singapore, Spain, Switzerland, Turkey and the USA. Therefore we collaborate with several third party providers that reside in these countries, for example 1&1 Internet AG in Germany, hosttech GmbH in Switzerland and SAKURA Internet Inc. in Japan. Despite we do not have physical control over the VPN servers there, we always take security measures like installing our operating system directly on these servers. It is to mention, that all login servers are placed in Germany where we have full control over them. STEGANOS VikingVPN website 1. No. Logging of that kind would be foolish for us. It would be a betrayal of our customer’s trust, and it would ultimately give us more legal liability than we want to have. 2. We currently have servers operating in the United States, Netherlands, and Romania. We chose these locations as sites that would honor our zero data retention policies for VPN services. The company was incorporated in the United States. 3. We don’t use tools to monitor and mitigate abuse. However, if credit card fraud is reported, we will immediately terminate the offending account. 4. We use Google Apps for email. We do not consider any email service to be secure at this time, and we advise privacy minded users to use PGP encryption with us, as that is currently considered the best method of email communication by the privacy community. Our PGP key is available on request. 5. We haven’t received a VALID DMCA notice yet. Anyone sending us a notice gets a fully copy-paste of our DMCA policy, reminding them of the conditions for a VALID DMCA notice. 6. It hasn’t happened. If it were to happen, we would be unable to comply because our infrastructure doesn’t allow us to collect that kind of information. If a court ordered us to modify our infrastructure in order to allow it to collect that kind of information, our warrant canary would activate. 7. Yes. We have a dead man’s switch warrant canary that is managed by two admins. If the canary is tripped, the front page of the site changes dramatically to warn users of a possible compromise. 8. Yes. We don’t block any ports. 9. Our payment gateway is TSYS for all credit card transactions. We also accept Bitcoin and Darkcoin. For the Credit Card transactions, we only retain the necessary data for the transaction. For Bitcoin and Darkcoin transactions, we only use an email address, which is for support purposes only. 10. We recommend only using Open Source VPN clients, as any closed source client could have backdoors or unknown security vulnerabilities. For our users, the maximum security encryption is the default encryption, and users can’t change it. Most people can’t be expected to know which encryption schemes are going to keep them safe 30 years into the future, nor should they be expected to know that. At VikingVPN we use RSA4096 for the handshake, AES-256-CBC for symmetric encryption, SHA1 for data integrity checks, and a 2048-bit HMAC cipher for hardening against man-in-the-middle attacks. For the session/control channel, we use 4096-bit DHE which renegotiates hourly with new keys, creating perfect forward secrecy. 11. We use OpenDNS in the US and FreeDNS in the EU. Utilizing a local DNS would not assist with privacy as all DNS requests are tunneled through our VPN and out to the public DNS servers, additionally, using a local DNS gives us a single point of failure for a DDOS attack, and would make the network vulnerable. 12. Our servers are leased by thoroughly vetted partners. We have tight control over the hardware, and we only allow our servers to be hosted in high quality datacenters with multiple layers of physical security such as 24 hour security staff, biometric scanners, and cabinet-level security. Most importantly, we do not use virtual servers or cloud services for hosting our VPN network. We operate with bare-metal servers only using our custom configuration. Torrentfreak
  15. 4K Blu-ray is officially on the way. According to Victor Matsuda, Chairman of the Blu-ray Disc Association Global Promotions Committee, the BDA expects the specs for 4K Blu-ray to be finalized in the first half of 2015, paving the way for commercial availability by the end of the year. This means we can expect to see actual 4K Blu-ray movies and players available in stores by Christmas next year. Apart from the jump to 4K resolution (3840 × 2160p) we can also expect 4K Blu-ray to support higher frame rates (up to 60fps), an expanded color gamut along with high dynamic range (HDR), as well as HEVC/H.265 encoding to compress 4K movies more efficiently and allow for higher bit rates. The group is currently exploring the possibility of increasing the disc capacity to 66GB or 100GB. The news was confirmed by representatives on the show floor at IFA 2014 in Berlin, which opened its doors to visitors today. 4K movies will be coming to Blu-ray discs and hard drives.
  16. 2015 AsiaTorrents Banner Contest Deadline: 31 JANUARY 2015 (11:59 PM GMT). Shortlisting: Completed (Shortlisted Banners) Voting: Soon We have shortlisted the banners for 2015, Congratulations! View Shortlisted Banners!
  17. - 70s MOVIES - for every uploaded on "Movies of the 70s" in February 2015 you will receive 5 Gb, another 3 Gb if not yet on the site + 1Gb for every collection item (type, actor, actress, director, producer - complete list on collections) - All these - Movies of the 70s - uploads are free leech in February 2015- As Always you have to claim your reward by PM to Rudieger
  18. Do not forget Every series in 2015 , the first part of the season for free to download, after checking the validity Staff withdrawals . The distribution of course pay attention to these torrents of it! 1st Staff
  19. Merry Christmas & Happy New Year 2015 On behalf of all the staff i want to wish all of you a wonderful Christmas and a happy New Year. Best of wishes to everyone and a big thank you for helping us keeping the site alive with all your support through this year. Hope to see you all in the new year with a blast. Lots of love, Invite Scene Staff
  20. A huge police raid in 2006 failed to permanently take down The Pirate Bay yet what appeared to be a more discreet attack in early December has done much more damage and gathered more headlines. We take a look back on one of the torrent scene's most significant months on record. tpb-logoMay 31, 2006 was a momentous day for everyone involved in the BitTorrent scene. The Pirate Bay, one of the world’s most famous torrent sites, was smashed to its knees. Dozens of police, acting on information provided by the global entertainment industries via local anti-piracy group Antipiratbyran, raided Swedish datacenter PRQ and seized all of the site’s hardware. But like a phoenix rising from the ashes, three days later The Pirate Bay was back online utilizing a backup that Fredrik Neij, aka TiAMO, had made of the site. In a public speech heralding the site’s return, Neij excited gathered crowds in Sweden. “It’s a pleasure to announce that the Pirate Bay is back online. In your face, Hollywood,†the Swede declared. TPB was back. In the years that followed The Pirate Bay grew in size and reputation, an apparently unstoppable behemoth supported by a hard-core following renewed determination. But while the masses enjoyed the spoils of the site for years to come, in November 2014 history caught up with Neij when he was arrested at the Laos/Thai border, shipped back to Sweden and locked in a prison cell. Several weeks later, on a December morning more than eight years after the original raid, Antipiratbyran – now known as Rights Alliance – showed the world that they also have extremely long memories when it comes to The Pirate Bay. Following a new investigation and presentations to the authorities, police descended on a datacenter in Nacka and once again ripped The Pirate Bay offline. The events of 2006 and the Megaupload case aside, never before had so much attention been focused on the shutdown of a file-sharing site. Tens of millions of worried Pirate Bay users sat in disbelief as the hours passed by. Some thought the downtime was related to technical issues. Others believed news of a fresh raid was a hoax. It was neither. As file-sharers and interested observers absorbed developments, one train of thought persisted through most conversations. Hadn’t The Pirate Bay become raid-proof? Wasn’t its virtual server setup immune to the attentions of the police? Who was in charge of making the backups this time around and why isn’t the site back online already? piratesaintThe days passed and it became increasingly clear – this wasn’t The Pirate Bay of 2006. Times – and people – had changed. The team that had driven the site to glory during the last decade had long since parted ways and the collective defiance of Piratbyran (the Pirate Bay’s founding group) had dissipated following a decade of pursuing still unsurpassed culture sharing ideals. “We were not that surprised by the raid. That is something that is a part of this game. We couldn’t care less really,†a Pirate Bay insider informed TF in the wake of the shutdown. “We have however taken this opportunity to give ourselves a break. How long are we supposed to keep going?†So what could be done to fill the vacuum before any Pirate Bay return? Interestingly it was previous efforts to limit the availability of The Pirate Bay in countries such as the Netherlands, United Kingdom and elsewhere that provided the springboard. Sites and domains that previously acted as mirrors and proxies to TPB suddenly transformed themselves into clones of the famous site. Some early efforts were controversial, with fears over impostors and malware unsettling the masses. Others (such as ThePirateBay.com.ua) became the closest representation of what the site once was, with user names and a high percentage of comments now restored. But despite the claims and suggestions, not a single one of these sites is the real Pirate Bay resurrected. Nevertheless, many have flourished simply by virtue of similar looking domains and a half decent torrent index. However, one of the most interesting developments was launched by the team responsible for launching isoHunt.com clone, isoHunt.to. TheOpenBay project is an attempt at open-sourcing a Pirate Bay-like site, and not without success. The initiative has resulted in hundreds of mini TPB clones and the sky-rocketing of the project to the top spot on developer platform Github. OpenBay has real potential and provides an easier route into the torrent scene for budding admins, but ultimately this platform provides an alternative, not a replacement, to The Pirate Bay. The disappearance of The Pirate Bay has been somewhat of a roller-coaster. Emotions have been running high all month, with hopes for a return and/or a worthy replacement at the forefront of millions of users’ minds. Dreams of a grand return were boosted four days before Christmas when the original Pirate Bay domain – ThePirateBay.se – burst back to life. While the famous front page was missing, an elaborate pirate flag has waved on the site ever since. Alongside other cryptic hints, the flag is keeping the pirate spirit alive and hopes of a resurrection with it. At the time of writing The Pirate Bay has been down a record-setting three weeks. In all of its history the site has never been offline for such a long time which raises some obvious questions. Will the site ever return or is the delay down to important technical issues which need to be overcome in order for the site to come back up and stay up? Whatever the reason, it now seems that 2015 will begin without The Pirate Bay and if that is to be the case, somehow the community needs to come to terms with that. Will things ever be the same? Perhaps not. But file-sharing did not begin with The Pirate Bay and will not end with it either.
  21. Earlier today, we gave you seven exclusive reasons why you're going to want to own a PlayStation 4 in 2015. But as Microsoft proved in 2014, they can hold their own when it comes to exclusive games offered on their console. It's all relative, but I personally feel that Xbox One had the better exclusive lineup this year. But what about in 2015? We've already made quite the case for PS4, but can Microsoft match Sony's gaming muscle? Below are 5 exclusive Xbox One games we're excited to play in 2015. Crackdown (3) The first Crackdown was launched by Microsoft Studios for Xbox 360 back in 2007. Featuring an open-world filled with over-the-top action and extreme weapons, it was well-received and widely regarded as a nice alternative to the Grand Theft Auto franchise. Details are still scarce regarding the new Crackdown, which was announced during Microsoft's E3 2014 Press Conference, but a trailer that accompanied the reveal seemed to showcase the same elements that made the original so popular. Rise of the Tomb Raider Tomb Raider Crystal Dynamics Tomb Raider reboot was a huge hit and one of the biggest games of 2013, despite what its publisher Square Enix had to say. If you plan on continuing Lara's journeys in Rise of the Tomb Raider, though, you're going to need an Xbox One, as Rise of the Tomb Raider is a timed exclusive. Sure, it may -- and probably will -- eventually make its way to PlayStation 4, but we don't know when that'll be. If anything, this is Microsoft's temporary answer to PlayStation's Uncharted franchise. Fable Legends Mouse over video for audio CLOSE Fable Legends Fans of the popular Fable series are going to want to own an Xbox One in 2015, as the latest installment, Fable Legends, makes its debut. Designed primarily with an emphasis on cooperative multiplayer gameplay, this role-playing game pits four heroes against a villain trying to prevent the group from completing objectives. Quantum Break quantum break Described by developer Remedy Entertainment's Sam Lake as a "fusion of a cinematic action game and a top-of-the-line live-action show," Quantum Break looks to blur the line between television and gaming. Officially labeled as a third-person, cover-based action game, Quantum Break sees you wielding unique powers in which you can bend and warp time to outmaneuver and outwit the enemy. What's really cool, though, is how your actual gameplay will impact the show. And in turn, the show will give you tips and inform you on how to play the game. Halo 5: Guardians Halo 5 Guardians Halo 5: Guardians, the newest installment of Microsoft's flagship franchise, makes its debut exclusively on Xbox One in 2015. Do I really need to say more about this? If a new Halo isn't reason enough to go out and buy an Xbox One this year, then I don't know what else Microsoft can do to convince you. If you already own an Xbox One and a copy of The Master Chief Collection, then you can get a sneak peek at Halo 5's multiplayer right now.
  22. With the start of a new year comes the promise of what could be. Major upcoming titles and huge industry events are just two of the things people think of when it comes to a new year. For the Wii U, Xbox One and PlayStation 4, 2014 was a phenomenal year from a hardware and software standpoint. There were so many great stories and trying moments for thousands in the gaming industry, but it's time to start looking forward. 2015 looks to be one of the biggest in gaming, as was 2014, and to help prepare you for what is coming next, here's a look at what some of the industry's biggest publishers need to do in order to ensure success over the next 12 months. Microsoft Microsoft Permission given to use photo by Microsoft Microsoft If you have been paying clear attention to gaming this past year, then you have to admit that Microsoft had one of the best years of the three hardware firms. Yes, Nintendo had an exceptional one as well, but 2014 was crucial for Microsoft and the Xbox One. After a rocky launch of the Xbox One, Microsoft rebounded phenomenally with outstanding game releases and exceptional console bundles. This holiday saw Microsoft release three outstanding Xbox One exclusives: Sunset Overdrive, Forza Horizon 2 and Halo: The Master Chief Collection. Among others that have launched on the system, these three have helped bring in new Xbox One gamers and foreshadow some incredibly promising things for the future. Looking at the console itself, a price drop was needed so Microsoft dropped the Kinect and slapped a $399 price tag on the device. This, in addition to the remarkable $349 holiday price cut, has boosted sales for a console that struggled to sell a year ago. For 2015, continuing to publish quality games is going to be crucial for Microsoft. Games like Halo 5: Guardians, Fable Legends, Rise of the Tomb Raide, among others, will be important in Microsoft continuing its success. Sales of the system have skyrocketed and that will most likely continue, so long as messaging stays consistent and games remain exceptional. 2014 was a massive year for Xbox and should Microsoft produce another year like this past one, look out Sony and Nintendo. Nintendo Nintendo Permission given to use photo by Nintendo Nintendo Nintendo is a company that so many people want to love and support, but many need further justification before doing so. It's a matter of fact that the Wii U has some of the best exclusives of any other platform. Just about every exclusive Nintendo publishes for the Wii U is a critical hit, but that hasn't been good enough to bring sales up to par with competing systems. The firm has done so much right with the 3DS and for 2015, they only need to continue making great games for it. The outstanding Wii U exclusives will continue to bring in more gamers to the console, and that is something Nintendo must not stop doing. That said though, the company needs to find ways to bring in more third party support because it just isn't there. The lack of support is a turn off for many prospective buyers. It's true that most third party publishers aren't sure what to do with the Wii U and creating a game specifically for the system is a legitimate financial risk. Nintendo needs to change that and get third party games back on their platform. Continuing to sell more Wii U systems is a way to do that, but so is convincing third party companies that bringing a major AAA release to the Wii U isn't going to damage their bottom line. Accomplishing that may be done by de-emphasizing the Gamepad or by focusing on the Wii U Pro controller, but one thing is for sure, they need to have a larger presence from third party publishers if they hope to revive the Wii U in 2015. Sony Sony Permission given to use photo by Sony Sony The PlayStation 4 has had the best start of any of the three new-generation consoles on the market today, that is a fact. What's puzzling is how Sony hasn't been able to capitalize on that further with great games. 2014 did see some decent releases like inFamous: Second Son, The Last of Us: Remastered, LittleBigPlanet 3 and DRIVECLUB, but it was a less than stellar year for the publisher. inFamous: Second Son and LittleBigPlanet 3 were good, but not great. The Last of Us was a remaster and DRIVECLUB was released two months too early. The firm undeniably won the mind-share war with Microsoft and Nintendo by providing brilliant messaging and offerings surrounding the PS4, but that is not enough to ensure console sales for an entire generation. That is done through publishing great games. In 2015, Sony needs to have a better year from a publishing standpoint. Game delays thinned 2014's offerings a bit, so when you look forward into 2015, Sony has a major opportunity to reestablish dominance in the first party software space. Games like Bloodborne, The Order 1886, Uncharted 4 and more are scheduled to launch in 2015. It goes without saying that these games need to deliver top-of-the-line experiences because gamers will eventually turn to other platforms if not. Messaging can't makeup for sub-par games. Should Sony return to publishing some of the best games this industry has to offer, the PS4 will continue to enjoy top-notch console sales. EA EA Permission given to use photo by EA EA The launch of Battlefield 4 was a disaster, but since then, EA has made some major changes to their philosophy. Games are no longer being pushed out before they are ready. The delays we have seen have been for the sake of quality and it shows. Proof of this philosophy and proof of it working is Dragon Age: Inquisition. The game was originally scheduled to launch this past October, but the firm push its launch back about a month. We don't know what would've been different had it been launched in October, but we do know the Dragon Age: Inquisition that launched in November was excellent. It in fact won one of our Game of the Year awards. Being more open about the games they are working on has been a breath of fresh air in an industry that prides itself on surprises and secrecy. EA's new commitment to quality and transparency is something that resonates with consumers. Should EA continue their string of quality games with the upcoming release of Battlefield: Hardline and others, 2015 could be a huge year for the publisher. We fully expect Hardline to perform well, and if Star Wars: Battlefront ends up doing the same, should it release in 2015, it'll be just what the doctor ordered for EA. There's a lot we don't know about for what's coming from EA in 2015, but we do know if they don't break their commitment to quality, the new year will be a great one. Warner Bros. Warner Bros. Permission given to use photo by Warner Bros. Warner Bros. Warner Bros. had a humble, yet exceptional year in 2014. Their biggest release was Middle-earth: Shadow of Mordor and it was a critical, commercial success. This upcoming year has a lot of bright spots on the horizon for the publisher. The publisher has the right scent of what most gamers want these days, open-worlds. If you don't think this is the case, just look at their upcoming slate of titles like Batman: Arkham Knight, Dying Light, The Witcher 3: Wild Hunt (North America publisher) and Mad Max. Open-world games are experiences players want the most and the market proved that this past holiday season. The three games that won our Game of the Year honors were all open-worlds (Dragon Age: Inquisition, Shadow of Mordor and Sunset Overdrive). Knowing what consumers do and do not want is important in this industry, as is producing quality games. Warner Bros. has their hand on what gamers want and if they can continue to publish high quality open-world experiences in 2015, success with continue to be at its grasp. Square Enix Square Enix Permission given to use photo by Square Enix Square Enix In 2014, Square Enix was just getting its feet under itself in the new-gen space. Remasters were a major theme for the firm with games like Tomb Raider and Sleeping Dogs coming to the PS4 and Xbox One. They did bring Thief, Lara Croft and the Temple of Osiris and Murdered: Soul Suspect to the new-generation of gaming, but fans want to see more from their biggest franchises. With 2014 being the year of remasters for Square, 2015 will need to be a year for launching new games. Titles like Just Cause 3, Rise of the Tomb Raider and Life is Strange are all scheduled to arrive in 2015, with Final Fantasy XV and Kingdom Hearts III possibly coming as well. We know a new Hitman game is in development, but we'll most likely not see that launch this year. This coming year will mark a coming out party for the biggest brands the firm has to offer. Successful and timely launches will be important, but only when they are ready for launch. Kingdom Hearts III and Final Fantasy XV are going to be marquee launches and they cannot afford any slip ups with these adored brands. Square Enix has positioned itself to release some of the year's most unique, influential and fun games in the industry. The firm has a strong lineup coming next year, and if they all measure up to the hype, 2015 will be a major stepping-stone. Activision Activision Permission given to use photo by Activision Activision Activision had an interesting year with the launches of Skylanders Trap Team, Call of Duty: Advanced Warfare and of course, Destiny. These three titles have seen phenomenal commercial success, but not all of them were critical hits. Skylanders was more of what fans wanted in a great way, and Advanced Warfare is perhaps the most accessible Call of Duty yet. The brilliant matchmaking system and introduction of exo-jump suits have made this year's iteration one of the best. Then there is the launch of Destiny. Greeted with mixed reviews and reactions from fans, Destiny was by far the most polarizing game we saw release in 2014. Bungie has established the game as a major franchise and managed to gain a major base of players, but it was not an overwhelming hit. There is still work to be done for the game to reach its full potential. In 2015, Activision needs to resist complacency and maintain an eye of the tiger mentality. Yes, Destiny was a commercial success, but the game needs to improve to make it as memorable as Bungie's past games have been. Call of Duty and Skylanders need to both continue to evolve as well. Having only three major brands means that there is no room for error. If one of these games stumbles, perilous outcomes will appear. Activision has three of the biggest franchises in the gaming industry today, and if they can continue to find tangible ways to improve those games, they will remain atop. Ubisoft Ubisoft Permission given to use photo by Ubisoft Ubisoft Ubisoft was perhaps one of the busiest publishers in the year 2014. Publishing AAA games the likes of Watch Dogs, Assassin's Creed Unity, Far Cry 4 and The Crew showed the company's commitment to the PS4 and Xbox One. Over the past few years, one of the traits we've associated with Ubisoft games is quality. While 2014 didn't completely sully that reputation, it was a reminder of what the company needs to continue to do; release games when they are ready. Assassin's Creed Unity is a great game, without the bugs that is. Had Ubisoft decided to hold off on launching this game for a few more months, people would look at it in an entirely different way. This is a great game, but the bugs and issues with it proved that it just wasn't ready to be released. This is part of the danger of letting finances and market expectations drive business decisions. Maybe Unity had no other option but to launch in November due to what may be coming in 2015, but we do know it shouldn't have. 2015 is a major year for Ubisoft and we'll probably see another three or four games launch from them. Games like The Division and Rainbow Six: Siege are so important for Ubisoft to get right. Releasing them before they are truly ready could be damaging from a long-term standpoint. Assassin's Creed Unity was a slip-up, but The Division and Siege would be a de-railer should they stumble too. This would be highly uncharacteristic of the publisher and that is why many are giving the firm a pass on Unity. 2015 is a chance for Ubisoft to redeem itself and show the consumers why they have the reputation of creating some of the best games around.
  23. Is it a specific game? Consistent online connectivity? More Sequels? More innovative titles? After the last few days, more consistent online connectivity is certainly high on my list, but I am also looking forward to more innovative games – the kind of games that will sneak up on me and surprise me. Of course, there are a lot of sequels I am excited about as well, like The Legend of Zelda Wii U, Batman: Arkham Knight, and Halo 5.
  24. Future's so bright. 2014 was packed with some outstanding games, but even a cursory glance at some of the games confirmed for 2015 shows that the next 12 months could outshine the previous year when it comes to high quality experiences. And while 2014 saw the steady rise of the Xbox One and PlayStation 4 (and the quiet resurgence of the Wii U), 2015 looks like it will be the year where the new consoles truly shine and finally deliver on their promise. PCs, too, remain a stronghold for unique and amazing gameplay experiences, and will undoubtedly continue to be an outstanding platform for gaming in the new year. So which 2015 confirmed releases are the GameSpot team most looking forward to? Evolve Evolve Coming February 2 for PC, PS4, Xbox One Every team-based shooter claims to require camaraderie and coordination, to the point that boasts of mandatory teamwork can often be dismissed as simple buzzwords.Evolve’s alpha test proved that “teamwork†is not just a marketing term in this case, but an inescapable need. The game’s asymmetrical, monster-versus-squad action is electrifying, and makes playing every class an absolute blast. Don’t dismiss Evolve as another been-there-done-that competitive shooter: there’s something truly special here. -- Kevin VanOrd Bloodborne Bloodborne Coming March 24 for PS4 It would be disingenuous to suggest that one of the reasons we’re so thrilled by Bloodborne is that it so closely resembles From Software’s previous games in the Souls series. Those games rose to excellence through their weighty combat, their stiff challenge, and their oppressive atmosphere. That we will be able to say the same about Bloodborne is almost certain. But we’re also thrilled by how the game so clearly makes a statement apart from the Souls games. It’s a different kind of world with different kind of weapons, and boasts a newfound fluidity of motion that makes combat newly fresh. -- Kevin VanOrd Mighty No. 9 Mighty No. 9 Coming April 2015 for PS4, Xbox One, Wii U, PC, Vita, 3DS Without a new Mega Man game in sight and the franchise locked behind Capcom's doors, Keiji Inafune's Mighty No. 9is promising to fill the void. A class-style action-platformer with colorful bosses whose power you can absorb, Mighty No. 9 is both a throwback to its predecessor and a glimpse of what can happen when fans help shape a game. Through a successful Kickstarter campaign and constant communication with its backers, those who really want Mighty No. 9 are helping to shape it, and developers are listening at every step of the way. We're excited to see this return to form for Inafune and get our hands on a game truly tailored to its fans. -- Alexa Ray Corriea The Witcher 3: Wild Hunt The Witcher 3: Wild Hunt Coming May 19 on PC, PS4, and Xbox One The Witcher 2 planted the seed. It depicted one of the most beautiful and brutal places you can explore within the whole of games, and planted within it an intriguing political story and a vicious combat system that made shedding blood feel physically and emotionally exhausting. The Witcher 3: Wild Hunt’s exponentially larger world and new characters would seem to bear the fruits of that initial seed. A stunning and vast landscape, filled with difficult decisions and colossal creatures, awaits us, and it’s difficult not to tremble when you imagine the possibilities. -- Kevin VanOrd Batman: Arkham Knight Batman: Arkham Knight Coming June 2 for PS4, Xbox One, PC Developer Rocksteady is back to finish off what they started with the extremely well received Arkham series. The bits and pieces of what we've seen so far of the game have been stunning, due in no small part to the increased horsepower of the PS4 and Xbox One. And the inclusion of the Batmobile seems to be more than just a neat gimmick--the Batmobile looks like it's been integrated into a lot more than just getting Batman from point A to point b in style, and seems to be useful in solving puzzles and even as a partner during Arkham Knight's brutal fistfights. I can't wait to see how the whole things blends together next year. -- Randolph Ramsay Rise of the Tomb Raider Rise of the Tomb Raider Coming 2015 for Xbox One Lara Croft's rebirth in early 2013 was met with high praise. This new Lara appealed to us because she was younger, softer--still learning the skills and hurtling through the experiences that would hone her into the powerful and confident Lara we've known since 1996. Trailers for Rise of the Tomb Raider show a Lara both broken and strengthened by the experiences of the first game, and we're excited to see her character grow and the exotic locales she'll conquer in the next game. -- Alexa Ray Corriea Metal Gear Solid V: The Phantom Pain Metal Gear Solid V: The Phantom Pain Coming 2015 for the PS3, PS4, Xbox 360, Xbox One, PC Though some may have only spent two hours playing through Metal Gear Solid V: Ground Zeroes' story mission, I put 10 times the hours into exploring the full range of the game's open-world stealth mechanics. I came away convinced that this is one of the most solid foundations ever for a stealth-action game. Seeing how this plays into the far more massive scale of Metal Gear Solid V: The Phantom Pain, along with the game's fascinating new buddy system and adversarial multiplayer base-infiltrations, is something I cannot wait to do. -- Daniel Hindes Star Fox Wii U Star Fox Wii U Coming 2015 to Wii U It's a new Star Fox game. What's not to be happy about? Shigeru Miyamoto's focus for the past several years appears to have been centered on Mario and Pikmin, so when he confirmed his new secret project is a Star Fox title for the Wii U, we were figuratively over the moon. Not much is known about this game yet, but as the first Star Fox appearance not in a Super Smash Bros. game since the Nintendo 3DS port of Star Fox 64, we're still excited. We'll be doing barrel rolls in anticipation until this one comes out. -- Alexa Ray Corriea Star Wars Battlefront Coming 2015 for PS4, Xbox One, PC My Star Wars excitement is swelling once again with the recent teaser trailer for Star Wars: The Force Awakens, and that those high hopes extend to the big Star Wars game we'll be getting next year: Battlefront. DICE's reboot of the multiplayer shooter series already looks gorgeous, with brief glimpses of the ice planet Hoth and forests of Endor seen at E3 2014. But what I want to know more than anything is: how will it play? What kind of game modes will we see? Will DICE opt to include a full-fledged singleplayer campaign as well? And perhaps most importantly, will we see any new locations and vehicles from the upcoming trilogy? My S-foils are locked in anticipation. -- Daniel Hindes Halo 5: Guardians Halo 5: Guardians Coming 2015 for Xbox One The Halo series is one of my favorites in all of gaming, and I'm eager to see what 343 Industries can pull off with its first new Halo title developed for Xbox One. On the story side, we're finally seeing a compelling new character in Agent Locke, an aggressive-sounding Spartan tasked with hunting down Master Chief. Locke will be a playable, "primary" character in Halo 5, and I'm excited to see how Locke's involvement affects Chief's saga. Best of all, though the full Halo 5 game won't be out until next fall, its multiplayer beta--which will let you try out the many new and exciting player abilities--rolls out next week. I know how I'm spending my Christmas break. -- Eddie Makuch The Legend of Zelda Wii U The Legend of Zelda Wii U Coming 2015 for Wii U At E3 last year, Nintendo revealed a Link in very different attire. And the recent The Game Awards presentation unveiled a breathtaking open world that makes the possible scope of the game's world looks expansive and more comparable to Western RPGs like Elder Scrolls. These brief teases make us excited to learn more. But it's Nintendo's agonizingly metered release schedule and record of releasing carefully crafted experiences that mean, whether it's the best in the franchise or just merely OK, it's the Wii U game that everyone will be talking about. --Justin Haywald Tom Clancy's The Division Coming 2015 for PS4, Xbox One, PC Ubisoft has garnered criticism this year for utilizing a very specific open-world formula across multiple genres. Thus far, Tom-Clancy-branded games have avoided many of that formula’s tropes, and The Division looks to hew more closely to the philosophies that separate Ghost Recon andSplinter Cell from the pack. There’s still much we don’t know, but if previous showings are an indication, The Division could smartly replicate the sense of joining a small band of cohorts and journeying into a devastated New York City, hoping to survive and even thrive. Destiny has popularized the dynamic-world multiplayer shooter. We’re excited to see how Tom Clancy’s The Division refines and riffs upon a soon-to-burgeon genre. -- Kevin VanOrd Uncharted 4: A Thief's End Uncharted 4: A Thief's End Coming 2015 for PS4 Uncharted is the series that redefined developer Naughty Dog. Previously known primarily as the creators of Crash Bandicoot, they're now the studio behind some of the most cinematic and well-paced action games on any console. It's almost a given that Uncharted 4 will continue the company's legacy of creating graphical showcases. And there's no doubt that it'll be another exciting, Indiana Jones-like adventure full of big set pieces and snappy dialogue. But if it also successfully integrates the combat refinements and nuanced, character-driven storytelling from The Last of Us, Uncharted could possibly be the developer's magnum opus. -- Justin Haywald No Man's Sky No Man's Sky Coming 2015 for PS4, PC This game with have limitless potential. That's the promiseNo Man's Sky seems to be making. Each and every time this amazing-looking game has been shown thus far, I'm left in awe at the sheer audacity of what it looks like it may be bringing to the gaming world. A huge, living galaxy which countless planets, procedurally generated lifeforms, and an invitation to simply explore and discover. If No Man's Sky can match even half of my expectations, then it'll be an outstanding achievement. If it can meet them all, then it'll be a revolutionary game. -- Randolph Ramsay Persona 5 Persona 5 Coming 2015 for PS3, PS4 With the series approaching its 20-year anniversary and its cult following still going strong, it's hard not to get wrapped up in the hype for the next Persona game. Set to launch next year for both PlayStation 3 and PlayStation 4, Persona 5 looks--from its sole teaser trailer--like it will take the beloved role-playing franchise into a new setting with possibly more mature characters (the character in the teaser looks to be wearing a college uniform). After a dozen re-releases and spin-offs from the last numbered title, the critically acclaimed Persona 4, fans are slavering for another adventure. -- Alexa Ray Corriea
  25. Microsoft has launched a "Countdown to 2015" sales promotion for Xbox, offering a series of daily deals onXbox 360 and Xbox One titles. As the promotion's name suggests, Microsoft will unleash a new deal every day until January 1, 2015.Starting things off today are some discounts on various Lord of the Rings games. Microsoft's Countdown to 2015 sale also applies to various Xbox TV and movie programming. You can see all of the video content on sale through the Xbox Video website. Below are today's Xbox One and Xbox 360 deals. Notably, you don't need an Xbox Live Gold membership to enjoy the savings. Xbox One Deals Available Today (December 22) Only: Trials Fusion: Deluxe Edition (full game and DLC pass) -- $20 Xbox 360 Deals Available Today (December 22) Only: Slender: The Arrival -- $5 Trials Fusion -- $10 Trials Fusion DLC Pass -- $10 Previous deals have included: December 16 Lego: The Hobbit (Xbox One) -- $20 Middle-earth: Shadow of Mordor (Xbox One) -- $40.20 Middle-earth: Shadow of Mordor DLC Pass (Xbox One) -- $16.74 Lego: The Hobbit (Xbox 360) -- $9.89 Lego: The Lord of the Rings (Xbox 360) -- $5 December 17 Costume Quest 2 (Xbox One) -- $10.04 Costume Quest 2 (Xbox 360) -- $10.04 Tropico 5 (Xbox 360) -- $26.79 December 18 Outlast (Xbox One) -- $8 Moto GP 14 (Xbox 360) -- $26.79 MX vs. ATV Supercross (Xbox 360) -- $20.09 December 19 Murdered: Soul Suspect (Xbox One) -- $16.50 Murdered: Soul Suspect (Xbox 360) -- $12 December 20 Metro Redux Bundle (Xbox One) -- $33.16 Metro Last Light (Xbox 360) -- $10.19 Saints Row IV (Xbox 360) -- $11.89 December 21 Contrast (Xbox One) -- $7.50 Guacamelee: Super Turbo Championship Edition (Xbox One, Xbox 360) -- $7.50 Nutjitsu (Xbox One) -- $3.25 RBI Baseball 14 (Xbox One, ,Xbox 360) -- $5 Stick it to the Man (Xbox One) -- $5