[HN Gopher] Kape Technologies buys ExpressVPN for $936M
___________________________________________________________________
Kape Technologies buys ExpressVPN for $936M
Author : schleck8
Score : 136 points
Date : 2021-09-16 15:05 UTC (7 hours ago)
(HTM) web link (alternativeto.net)
(TXT) w3m dump (alternativeto.net)
| dannylandau wrote:
| Considering that the whole executive team at Kape is Israeli,
| then no one should be surprised, even if domiciled in UK. I'm a
| fan of ExpressVPN.
| croes wrote:
| "Kape Technologies was originally found under the name of
| Crossrider in 2011 developing advertising apps until they changed
| their name in 2018.
|
| However, their software was treated as malware by companies such
| as Malwarebytes and Symantec begging one to ask, how can such a
| company despite rebranding itself change the shoddy culture that
| it had?
|
| But the connections don't end there. The very first CEO of
| Crossrider, Koby Menachemi, happened to be once a part of Unit
| 8200 which is an Israeli Intelligence Unit in their military and
| has also been dubbed as "Israel's NSA." Teddy Sagi, one of the
| company's investors was mentioned in the Panama Papers which were
| leaked in 2016."
|
| https://www.hackread.com/israeli-firm-kape-technologies-expr...
| vmoore wrote:
| > How can such a company despite rebranding itself change the
| shoddy culture that it had
|
| This is the nature of VPN companies. You _must_ do your
| research. Sadly most consumers don 't do their research and
| blindly trust that the VPN provider has their best interests at
| heart.
|
| Should that mean we trust a provider that has _zero_ scandalous
| pasts? Hardly. Treat every VPN provider as if they peddled
| malware in the past I say.
| peeters wrote:
| I switched to ExpressVPN when PIA was transfered to an owner I
| was skeptical of. Whom can one recommend now?
| sillysaurusx wrote:
| NordVPN! But only because Internet Historian's ads are too
| effective. In fact, it's been a saga. https://www.youtube.com
| /watch?v=iFZ_N1Faf_E&ab_channel=vonFu... is probably my
| favorite, but there are like 40 more. (https://www.youtube.co
| m/watch?v=0p9J9cI0t7M&ab_channel=vonFu... etc.)
|
| But if you need security, roll your own VPN. You can set up a
| Digital Ocean droplet as one. It's a pain, but you only need
| to do it once.
|
| I'm not sure there's much of a persuasive reason to use any
| of these big providers. That's why they always fall back on
| claims of security - unsophisticated users always fall for
| it.
| Hamuko wrote:
| NordVPN doesn't have an entirely spotless record.
|
| https://www.theverge.com/2019/10/21/20925065/nordvpn-
| server-...
| fragmede wrote:
| Whats your threat model, that a Digital Ocean droplet is a
| viable VPN host? It's trivially tracebackable to you.
| sillysaurusx wrote:
| How so? All you see is that a random DO droplet is
| pinging your service. You'd need a legal request to get
| any further info about the droplet. And in that
| situation, it's equivalent to any other VPN service that
| will comply with legal requests.
| Xavdidtheshadow wrote:
| A good VPN won't _have_ logs, so they _can't_ comply with
| legal requests (instead of won't)
| sillysaurusx wrote:
| Do you really trust that? With your life?
|
| This is precisely the point that the threat model bares
| its fangs. You can ignore it, but you should be aware
| that you're putting all your faith in that service.
|
| A hypothetical Good VPN doesn't exist in China, for
| example, because they're legally not allowed to do what
| you suggest. Many of us don't live in China, but some do.
| Even outside of China, is it really true that a VPN
| service will simply give LEO the finger when they ask
| "Who was downloading child porn off your servers?" I'm
| skeptical they can.
| penagwin wrote:
| He is talking about government level threats, DO provides
| no benefit.
|
| I'll add that rolling your own means you're the only one
| exiting that IP address, so if your threat model involves
| websites profiling you and/or alternative accounts that
| won't help.
| sillysaurusx wrote:
| Where did someone mention government level threats?
|
| If the threat model is a government, Tor is the only safe
| solution, and only after extensive training and
| safeguards. Using anything else is actually-crazy.
| james_pm wrote:
| TIL PIA was acquired by Kape as well. I had no idea until I
| looked at their site to see who bought ExpressVPN and saw the
| PIA logo.
| moeadham wrote:
| ProtonVPN has a decent product and management team.
| iampims wrote:
| Mullvad
| rapind wrote:
| This or Mozilla which backs onto Mullvad.
| temp8964 wrote:
| This reminds me of a Chinese company 360 (www.360.cn). It used
| to be a malware company and then turned into a antivirus
| company.
| Macuyiko wrote:
| Indeed, and if you've ever used a machine in China with that
| crap installed you know how well that went.
|
| Speaking of China, it has always been strange how well
| ExpressVPN worked there even during high pressure moments
| where all other vpn operators bit the dust, with some already
| wondering a few years ago if there wasn't something more
| shady going on. Eventually I ended up using some self managed
| shadowsocks servers and it's been a while, so no idea what
| the current state of affairs is, but I'm even less convinced
| to use them now.
| temp8964 wrote:
| I think any VPN service not blocked in China must have
| backdoors.
| mnahkies wrote:
| I've never been to China, but I'm curious - is it possible
| to connect to EC2 instances in us/eu? Anything stopping an
| SSH tunnel or wireguard to such a machine?
| SSLy wrote:
| ML-backed DPI on the great firewall that cuts you off
| after some time. Plethora of methods to wrap traffic in
| non-suspicious protos have been made.
| Forbo wrote:
| Here's hoping the change is genuine and not just a
| surveillance front.
| temp8964 wrote:
| The founder/ceo of 360 is a totally opportunist. He enjoys
| several political titles. He would love to be a
| surveillance front.
| trutannus wrote:
| I mean, those are transferrable skills.
| ianmiers wrote:
| I don't think tagging people as ex 8200 is very helpful. Israel
| has mandatory military service and at this point if you have
| aptitude or are in a high school computer club in Tel Aviv or a
| few other places, you probably end up in 8200 for your service.
| For that matter, half the people who say there were in 8200
| were either 1) listening to telephone calls 2) relegated to
| writing memos about the data people did hack and get. Of
| course, there are things one could have done that would raise
| serious questions. See, e.g., the issues raised for the people
| we know who worked on DualEC_DRBG.
|
| On the other hand, there are other sketchy things about express
| VPN.
| nayuki wrote:
| Interesting how this news juxtaposes with Mullvad VPN's
| announcement of staying independent.
| https://mullvad.net/en/blog/2021/9/16/ownership-and-future-m... ;
| https://news.ycombinator.com/item?id=28551960
| mbesto wrote:
| As pointed in the Mullvad thread on HN - their announcement is
| very likely a marketing move due to the perceived distrust of a
| new owner.
| 0-_-0 wrote:
| They are trying to capture the people leaving from Express
| VPN. There probably was a small exodus when PIA was bought
| and they learned from it. Meanwhile, I'm a happy PIA customer
| and just got a new 3 year contract.
| wackro wrote:
| Your choice is your own, but what made you want to stay
| with PIA after the takeover?
| fencepost wrote:
| I let my PIA account expire after the purchase, but
| there's a reasonable argument for "any shadowy figures
| siphoning their info aren't in my threat model."
|
| If you're Joe Schmoe who just wants to not get nastygrams
| over using Popcorn Time or a tweaked Kodi box pulling
| movies from torrent sites, you may be a lot more
| concerned about hiding your usage from your ISP than you
| are from some foreign government that doesn't care about
| you. For that user, PIA (or ExpressVPN, or NordVPN, or
| whoever else is out there) may be a perfectly viable
| option.
| 0-_-0 wrote:
| I'm not convinced that Kape is a worse owner, the
| evidence was weak. In addition, they sell privacy. If
| they stop respecting privacy they go under. If they start
| storing data they legally have to hand it over when being
| asked by law enforcement, which would expose that they
| stored it.
| beambot wrote:
| > If they start storing data they legally have to hand it
| over when being asked by law enforcement, which would
| expose that they stored it.
|
| Not necessarily.
|
| https://en.wikipedia.org/wiki/Parallel_construction
| bombcar wrote:
| But we've been shown that _storing_ data is only part of
| it; if you continue to use the service law enforcement
| can force them to log _you_.
| CaveTech wrote:
| This is blind trust, you are relying spotting wrong doing
| after it happens, at which point you would already be
| compromised.
| 0-_-0 wrote:
| Is there any other way?
| throwawaymanbot wrote:
| >> they sell privacy<< Lol theyll sell YOURs more like.
| [deleted]
| chrisco255 wrote:
| While we're on the subject, are there any alternative VPNs people
| recommend?
| gazby wrote:
| Mullvad tends to be the highest recommended VPN provider.
|
| https://mullvad.net/
| Cribbin wrote:
| For most use-cases I can't really see any reason not to go with
| Mullvad: https://news.ycombinator.com/item?id=28551960
|
| https://mullvad.net
| TedDoesntTalk wrote:
| FoxyProxy
| LeoPanthera wrote:
| I'm saddened to see that "thatoneprivacysite", once a
| comprehensive database of VPNs and their policies, now
| redirects to some scammy-looking "review" site that that pimps
| ExpressVPN right at the top of the front page.
|
| A shame.
|
| It looks like the next-best guide that hasn't been corrupted by
| referral money is privacytools.io, which currently recommends
| Mullvad, ProtonVPN, and IVPN.
| https://www.privacytools.io/providers/vpn/
| yegor wrote:
| Shameless self promotion:
| https://blog.windscribe.com/consolidation-of-the-vpn-industr...
| approxim8ion wrote:
| Love Windscribe. At a time when I wasn't able to afford a
| subscription, they were one of the very few services with a
| free plan that didn't look shady.
|
| I have since been a happy paying customer and also
| recommended it to a couple of my friends.
| schleck8 wrote:
| IVPN and Mullvad have a good reputation
| DaiPlusPlus wrote:
| OpenVPN running off your own NAS. Why would you use anything
| else?
|
| (Except for getting around geo-blocking, of course)
| seabrookmx wrote:
| Pretty sure a large chunk of these VPN users are just using
| it to avoid DMCA notices when torrenting. Rolling your own
| VPN doesn't get you around this.
| Fnoord wrote:
| Wireguard, better throughput and latency. Mullvad accepts
| Wireguard, btw.
| nirvdrum wrote:
| My NAS runs in my house. While I do have a VPN to connect
| when away, I don't particularly care for my ISP seeing all my
| traffic or being tracked by the entire web. I use Mullvad to
| try to achieve some semblance of privacy.
| DaiPlusPlus wrote:
| > I don't particularly care for my ISP seeing all my
| traffic or being tracked by the entire web. I use Mullvad
| to try to achieve some semblance of privacy.
|
| But VPNs don't enhance your privacy though - you're trading
| your ISP's snopping for your VPN operator's snooping - and
| TLS makes it all irrelevant.
| [deleted]
| mrkramer wrote:
| VPN service is worth $1bn?! I'm not sure about that. They must
| have a lot of users then.
| superflit wrote:
| there is something more going on.
|
| So much change in recent times.
| judge2020 wrote:
| A lot of users and in-video sponsor spots that will never go
| away (YouTubers can edit them out using YT Studio but the
| sponsorship contract might impose restrictions on if/when they
| can remove it).
| robertlagrant wrote:
| They'd better keep the name, or that's a lot of Youtube videos
| that will need rerecording.
| LeifCarrotson wrote:
| That's really all they're buying, right? The advertising
| budget, the name recognition, and the existing user contracts
| are the important things.
|
| The software isn't anything special, and the hardware and
| network connections to actually run the VPN are probably a very
| small part of their margins - certainly not worth nearly 1
| billion dollars.
| kurthr wrote:
| Actually, it was one of the few VPNs that regularly worked to
| connect past the firewall in more rural China (outside
| Beijing/Shanghai/Shenzhen). Don't personally know (or have as
| much interest) about the state of things now.
| kaesar14 wrote:
| Is it easier to get past the firewall in super urban China?
| Why is that?
| tyingq wrote:
| The much heavier traffic and variety of traffic in urban
| areas probably means looser rules. Even if just to reduce
| the noise for the great firewall admins.
| azinman2 wrote:
| It's not about heavier traffic. China literally has
| different rules for different parts of the country,
| different ISPs, different wireless providers (especially
| foreign versus domestic), etc.
| tyingq wrote:
| That doesn't mean that "volume/variety" isn't also a
| driver for different rules.
| azinman2 wrote:
| Where do you get that from, and what would be the
| technical basis?
| tyingq wrote:
| >what would be the technical basis?
|
| Just the sort of thing you see in the real world. It's
| much easier to lock down access for a network with less
| people using it.
|
| A network with more people starts to find all the edge
| cases where your lock-down rules break legitimate things,
| which results in calls to your boss from people with the
| clout to make you change stuff.
|
| Similar for reporting, alerting, etc. Volume and variety
| of traffic can force you to be more lenient in larger
| networks. Or lose any real effectiveness because your
| signal/noise ratio is now bad.
| kube-system wrote:
| Pure speculation, but I would guess that it may make
| practical sense for the party to relax the firewall in
| places where access to internet resources abroad could be
| more necessary for economic reasons.
| wyager wrote:
| I always had a hard time getting past the GFWoC in
| Shenzhen, even with wg tunnels to my own servers.
| kurthr wrote:
| I don't remember the specifics, but there were a lot of
| different packet types (eg UDP not just TCP) and
| protocols that ExpressVPN used to negotiate and transfer
| data. I'm sure there was quite a bit of cat-mouse, but I
| also assumed that there might be a symbiotic (or more)
| connection between Chinese security and ExpressVPN. I
| just wanted things to work, and didn't care so much about
| the actual "privacy" of the tunnel.
| blablablub wrote:
| With wg sending keep alive packets every 30 seconds it is
| one of the easiest protocols to block. Quite surprised
| you got any connection at all.
| robertlagrant wrote:
| Yes, I think so. It's a large sales and marketing company
| which happens to rent VPN :)
| fierro wrote:
| these are valid questions to ask but I'd be wary of falling
| into this _very common_ trap that I see on HN, which is
| dismissing the sophistication of a product based on, well,
| nothing really. Given that another company was willing to pay
| $1b, and given that this is a free market, do you think it 's
| more likely that ExpressVPN was simple and "not special", or
| that there is actually some substance there?
| qeternity wrote:
| It's a bit like saying "but getting to the moon is just a
| bit of metal and fuel".
|
| Execution is everything. And there are no guarantees when
| it comes to execution. That's what the cost of acquiring an
| otherwise "simple" business is: the cost to guarantee
| successful execution of a business/product plan.
| saurik wrote:
| Let's presume you are correct; is they idea that they are
| then special in a way that PIA isn't? This is just like
| when your local supermarket gets purchased by a company
| that owns other nearby supermarkets to be folded into their
| brand: they want the location and the customers that visit
| it, not some interesting innovation they heard you have
| been hiding for how to run your supply chain.
| LeifCarrotson wrote:
| I think that's a false dichotomy.
|
| You're suggesting that either ExpressVPN was a really good
| business with sophisticated secret sauce, strong technical
| chops, and capital assets probably worth $1B (validated by
| people with lots of money being willing to pay for it), or
| that I and other HN commenters are wrong about the
| sophistication and it's really worth peanuts because
| OpenVPN can be run on most routers or any Linux box.
|
| The latter is obviously false, but the former is not
| necessarily true - instead, what I and other users are
| pointing out is that they're really selling is their users,
| and implying that the buyer expects to be able to extract
| more than $1,000,000,000.00 of value from them. As you
| pointed out, you see this sort of comment when a social
| network or many other kinds of startups with lots of users
| are sold.
|
| The point is that the users are the product in this
| transaction.
| ionwake wrote:
| For this much money they are after the data right? Or am I being
| too overly dramatic
| fuj wrote:
| It says it will double their customer base to 6M. Considering
| ExpressVPN's subscription is $100/y, we're looking at around
| +$300M/y revenue. I really doubt selling data is worth more
| than that or even worth jeopardising that revenue.
| ve55 wrote:
| I'd hope not, but I don't think it's a necessary conclusion.
| Most subscribers to VPN companies pay $5 or more a month and
| use almost zero bandwidth (basically just opening Facebook and
| Twitter here and there), and so it's easy to throw literally
| thousands of them onto a single high-throughput dedi. The ones
| with good marketing are very high-margin companies with a high
| LTV.
| superflit2 wrote:
| Maybe not only "data" but ""meta-data"" that is more important.
| Closi wrote:
| Eh, their revenue was $279 million, and profits at $75m. Growth
| at 30% p.a. so it really depends how long-term their investment
| outlook is and how much they believe growth will continue.
|
| Particularly considering they own multiple VPN providers, so
| can probably squeeze overheads to increase margins, and also
| that much market control might allow you to increase prices
| across all brands you own due to reduced competition (as long
| as you don't tell anyone that's what you are doing - naughty
| naughty).
|
| Of course foreign governments are already at the heart of all
| these VPN providers anyway.
| cptaj wrote:
| With the rise of dictatorships worldwide and the complete
| inability of liberal democracies to fight back, I would guess
| there's a lot of growth in this market
| m00dy wrote:
| Kape technology? sounds like another shell company from NSA
| krono wrote:
| This is like your kids' daycare being taken over by the local
| pastor who, not long ago, was caught in the act with minors under
| his care (and since promised to do better - with nothing much to
| show for it).
| jstummbillig wrote:
| I am so very confused with the recent ubiquity of VPN. I
| understand VPN. What happened that everyone needs or is at least
| being convinced they need VPN? Why has it become a product worth
| being marketed to consumers on every channel? Is this a bubble?
| Is it a money laundering scheme? Seriously, what is going on?
| ElectronShak wrote:
| Accessing geo-restricted content is probably one of the
| reasons. A lot of VPN services use this line while advertising.
| Hamuko wrote:
| Accessing geo-restricted content is a minority of the VPN
| advertising that I come across. Most of the VPN marketing I
| see is a combination of "security and privacy", "online
| banking", "hackers", "private data", "snooping ISPs".
| Philip-J-Fry wrote:
| They won't advertise that they can access geo-restricted
| content like Netflix because Netflix is constantly cracking
| down on VPN providers and blacklisting IPs. But it's
| definitely one of the bigger use cases.
| btkramer9 wrote:
| I've always thought it was like a smoke shop. They say
| their products are for tobacco but everyone knows what its
| really for. Same with VPN, they say it's for all those
| things above but accessing geo-restricted content seems
| like the real reason.
| Hamuko wrote:
| Well, if I see a list of "good privacy-focused VPNs" on
| like TorrentFreak, then I'm pretty sure that they mean
| "these VPNs are good to route your torrent traffic
| through". But I do actually doubt that people watching a
| video on YouTube are going to get the "watch Japanese
| Netflix on ButtVPN" subtext when the advertising blurp is
| "ButtVPN protects your online banking against hackers".
| It's not like it's actually illegally to promote a VPN
| for bypassing geoblocking, so if that was the main driver
| of customers, they'd really use it a lot more often.
| input_sh wrote:
| They can't promise that because companies like Netflix
| constantly blacklist their IPs. They can make a general
| statement like "view geolocked content", but being
| specific and then not delivering will lead to a lot of
| resentment from new users.
|
| Well it's either that or make every user an endpoint to
| go around the IP blacklist like that one provider did,
| but I can't remember which one.
| Philip-J-Fry wrote:
| Bypassing country firewalls. Accessing Netflix content from
| other countries. Protecting yourself when torrenting.
|
| It's also sold using the same scare tactics that Anti-Virus is
| sold. By making people think their connections are insecure
| unless they use a VPN. So it pulls in a lot of the less tech
| savvy people who will most likely just use it for Netflix and
| further encrypting their traffic.
|
| I don't think it's a bubble because countries are trying to
| implement all these weird laws and monitor the internet more
| and more. The UK for example wanted to introduce identity
| checks for consuming Porn. They can't do that when you can VPN
| to some other country.
| mbesto wrote:
| > Accessing Netflix content from other countries.
|
| Are there any VPN services that actually do this? AFAIK all
| of them get blocked (i.e. they are known IPs). I've even
| tried to spin up a Digital Ocean server to route my traffic
| and Netflix blocked it.
| penagwin wrote:
| Yes! However it gets a bit complex, as they're using dns
| based geofencing so there's some extra steps.
| mbesto wrote:
| Can you expand? Which VPN allows you to get Netflix to
| another geolocation.
| ccn0p wrote:
| It seems to me that, at least speaking for the US, there is a
| massive demographic that is becoming increasingly skeptical and
| weary of "big tech", and VPN companies have targeted this
| demographic with panacea solutions to stop big tech's ability
| to track you, etc etc. ExpressVPN has been all over the air
| waves in conservative radio.
|
| Although I don't mind people practicing safe hygiene, little do
| they know a VPN has very little to do with big techs ability to
| actually vacuum up data about them.
| ccn0p wrote:
| also... the VPN seems to be the modern day antivirus of
| personal security.
| sophacles wrote:
| I set my DNS to 8.8.8.8 and 1.1.1.1.
|
| When nxdomains resulted in me landing on some page from my ISP,
| I started using a VPN. I'm perfectly fine with my ISP snooping
| my traffic IFF all they get is gibberish.
| nlitened wrote:
| For someone living in Russia, having a VPN is essential for
| browsing if you want uninterrupted access to all international
| websites at full speed.
|
| And I think that number of countries with internet restrictions
| is growing, not shrinking.
| switch007 wrote:
| Where to begin. I don't trust my ISP not to interfere with my
| packets. In the UK, things like google and imgur get proxied
| through a centralised filtering engine, ISPs hijack your dns,
| throttle your traffic based on your activity, blacklist sites
| using DNS. Who knows what they'll record for the government and
| the retroactive laws they may pass?
| vmception wrote:
| Since GDPR in 2018, simply reading the news requires a VPN.
|
| Many other benign aspects of life need it too, if the same
| conveniences are desired with no adjustment.
|
| It's nice if you haven't noticed.
| InvaderFizz wrote:
| There are quite a few overlapping targets for VPNs: - People
| that use Torrents - People that travel (geo-restricted content,
| country level blocking of services/sites) - Local firewalls
| that block things for no good reason. - People that think a VPN
| keeps them safe from "bad guys".
|
| I recently engaged in some infrastructure consulting work for a
| small startup(10 people). They're 100% distributed, no office,
| everything operates out of Google Drive, Docs, and Gmail.
|
| One of the first questions they asked was if they need a VPN to
| keep their corporate communications and file transfers secure.
| jcadam wrote:
| Didn't know this. And I'm an expressvpn user. Anyone know of any
| good alternatives?
| smiley1437 wrote:
| Mullvad
| [deleted]
| forgithubs wrote:
| If that would happen to my VPN service, I would disconnect in a
| heartbeat.
| qwertyuiop_ wrote:
| Signal is a Qinetq front
| boramalper wrote:
| Also:
|
| > ExpressVPN says in a statement that it knew the 'key facts' of
| the employment history of one of its executives, Daniel Gericke.
| On Tuesday Gericke was revealed in court records to have worked
| on the UAE's hacking and spying operation
|
| > https://www.vice.com/en/article/3aq9p5/expressvpn-uae-hackin...
|
| https://nitter.net/josephfcox/status/1438127822883729412
| [deleted]
| 0-_-0 wrote:
| "Daniel has a deep understanding of the tools and techniques
| used by the adversaries we aim to protect users against, and as
| such is a uniquely qualified expert to advise on defense
| against such threats. Our product and infrastructure have
| already benefited from that understanding in better securing
| user data,"
| penagwin wrote:
| Yeah it's a tricky one isn't it? On one hand many of the best
| security researches are ex-state employees, and many of them
| go from that into the private sector. On the other hand it
| makes it sound like they are friendly with potential
| adversaries.
| boramalper wrote:
| People are also against to see an ex-spy employed by a
| company that promises (to some degree) to protect their
| customers from the abuses of such governments--there is
| also a moral angle to it. "Daniel has a deep understanding
| of the tools and techniques used by the adversaries"
| because, well, he was one of the adversaries. It's like a
| private security company employing a former criminal.
| mindcrime wrote:
| _It 's like a private security company employing a former
| criminal._
|
| I mean... would you hire Kevin Mitnick's company? Lots of
| people do (apparently, considering they've been in
| business this long), but yet he's a former "criminal". It
| really is a tricky analysis. Who knows hackers better
| than a former hacker? But how can you trust a "former"
| hacker? Hmm...
| boramalper wrote:
| I agree that the analysis is tricker though I disagree
| that Kevin Mitnick is an appropriate example--Mitnick is
| quite innocent in the scale of what Gericke's employer
| (Signals Intelligence Agency [SIA]) has done[0][1], even
| if we were to exaggerate Mitnick's crimes.
|
| [0] https://en.wikipedia.org/wiki/ToTok_(app)#Surveillanc
| e_tool_...
|
| [1] https://www.reuters.com/investigates/special-
| report/usa-spyi...
| mindcrime wrote:
| That's the reason for the quotes around "criminal" above.
| Mitnick turning "white hat" just happened to be the first
| (roughly) analogous example that popped to mind.
| duped wrote:
| I feel like the threat model for consumer VPNs doesn't
| include state actors
| croshan wrote:
| You don't? I don't think activists only use TOR, I'd
| imagine they layer a VPN on as well, they're not mutually
| exclusive.
| fragmede wrote:
| The threat model for "I want to watch Netflix in a
| different country than the one I'm in" is totally
| different from "I'm Edward Snowden and the CIA wants my
| ass". Consumer-grade VPNs protect against the first
| "threat" alright, but it's a totally different ball game
| to protect against an APT like the NSA/CIA, who will
| break into your VPN company's office in the middle of the
| night and replace all of the computer keyboards with
| exact replicas that have a keyloggers inside in order to
| get access to your data.
|
| See also: https://news.ycombinator.com/item?id=25914734
| [deleted]
| KoftaBob wrote:
| I'm noticing a trend here:
|
| 1. NSO Group aka the "use our tool to hack activists/political
| opponents"-as-a-service company, is founded by *former members of
| Israeli intelligence and their Unit 8200*.
|
| 2. Kape Technologies, whose software is labeled as malware by
| companies such as Malwarebytes and Symantec, founded by *former
| members of Israeli intelligence Unit 8200*
|
| 3. Black Cube, the spy-for-hire company that the likes of Harvey
| Weinstein hired to collect dirt on those suing him: founded by
| *former members of Israeli intelligence Unit 8200*
|
| Needless to say, it's looking like using HolaVPN, an Israeli P2P
| VPN (founded by, you guessed it, *former members of Israeli
| intelligence*), is a colossally bad idea.
|
| I'm fully aware that Unit 8200 alumni are very prolific when it
| comes to founding tech startups in Israel in general, but that
| doesn't change how brazen their industry is when it comes to
| selling sophisticated spyware to very bad people/governments.
| belter wrote:
| Here is another trend/hint...go to LinkedIn and search, how
| many ex-Unit 8200 now work doing Software Development at
| ...Apple.
| flixic wrote:
| Looks like we have a VPN duopoly forming:
|
| - Kape with Cyberghost, PIA and ExpressVPN
|
| - Tesonet with NordVPN, and allegedly a couple more most known,
| but there is no strong proof, so I'd rather not list them here.
| majani wrote:
| Hidemyass was the only one that has nodes in all the countries
| the entire world last time I checked
| blablablub wrote:
| Nice. The NSA has to spend billions to wiretap the internet and
| fish for valuable data. Kape only spends 1B and has probably a
| much higher percentage of traffic they are interested in. And the
| best thing is the users are actually paying them...
| NautilusWave wrote:
| So what VPNs does Kape own now, besides ExpressVPN and PIA? The
| article stub mentions a buying spree but the full article seems
| down.
| rocky1138 wrote:
| Mullvad is great. No conflicts of interest, just a happy user.
| NiekvdMaas wrote:
| Cyberghost was their first VPN service
| schleck8 wrote:
| - Cyberghost
|
| - PIA
|
| - ZenMate
|
| - ExpressVPN
|
| And unless I interpret the article incorrectly, they bought all
| of these over the last 3 years.
|
| They also bought VPN review sites (affiliate marketers as I
| prefer to call them) and changed the rankings, according to
| this article:
|
| https://restoreprivacy.com/kape-technologies-owns-expressvpn...
| NautilusWave wrote:
| Conflict of interest is a totally legit business strategy!
___________________________________________________________________
(page generated 2021-09-16 23:01 UTC)