The section from the "About" page of Tesonet (26 Apr 2018), which was suddenly removed in June 2018 after the connection between ProtonVPN and Tesonet was made public by the co-founder of PIA:
"For the latest project, Tesonet is working together with an international brand from Switzerland to create a security product that helps users protect their network traffic. As part of this technical partnership, we are collaborating on datacenter and network infrastructure that can easily supply 10 Gbps worth of bandwidth to users around the world. The product is developed using the latest authentication encryption methods and the best practices in the security world."
As late as September 2018, NordVPN and ProtonVPN still become affected by the same extremely rare Windows security bugs at the same time, even though the CTO of ProtonMail claimed here on Hacker News, that they used Tesonet, a data mining company, for developing ProtonVPN, a free VPN service, only as "an office space provider".
> Everyone in Vilnius, Lithuania knows, that both, NordVPN and ProtonVPN, are being developed here by the people related to Tesonet
This is not true. Proton has staff in Geneva, Zurich, Skopje, Vilnius, and San Francisco. Years ago, we did sublease office space from Tesonet (one of the biggest IT firms in Vilnius) as alleged above, but there is no connection today.
ProtonVPN is fully developed (and owned) by Proton Technologies AG, the Swiss company that also operates ProtonMail. This can be verified in the Swiss commercial registry, which also lists all our directors: http://ge.ch/hrcintapp/externalCompanyReport.action?companyO...
3 and 4 are the only things I can see with any weight to them, yet they were brought up by a competitor (red flag), and vague enough not to be considered "evidence".
5 and 6 prove absolutely nothing. Both of these products use OpenVPN, which is what the vulnerability was in.
The vulnerability has nothing to do with Tesonet and I have not seen proof otherwise. Presumably other VPN services that also use OpenVPN could have encountered the same vulnerabilities. What makes you think that both having the same bug, because they use the same open-source system, is any kind of "proof"?
It's interesting how one can seem to provide a huge body of quotes and evidence for something- yet the majority of it easily deflates when viewed directly. We're gonna need more than this, much more. I'm not willing to 100% disbelieve you or dismiss your concerns outright- but if you're trying to convince people, this is a pretty weak effort.
You've made these claims before, you say ProtonMail's response is inadequate- could you elaborate on why? I thought it was relatively thorough and convincing, but am willing to see any holes poked in it
- ProtonVPN UAB lists Tesonet's CEO as a director [after: the company's name was changed multiple times in 2 months, and the director's name was hidden from the public view]
- ProtonVPN UAB is operated from Tesonet's HQ in Vilnius, Lithuania [after: the company's address was changed to a co-working space's located a few streets away, which doesn't require to relocate to use it]
- ProtonVPN UAB uses previous Tesonet's technical employees [after: still true]
- ProtonVPN uses IP address blocks that belong to Tesonet [after: these IP address blocks were assigned to ProtonVPN]
- ProtonVPN Android mobile app was signed by Tesonet [after: still true]
The ProtonMail's response on reddit was modified multiple times and locked, to prevent people from picking the holes in the narrative.
 https://news.ycombinator.com/item?id=17258203 ["showdead" must be enabled in settings to see the entire thread]
There are even photos from Mozilla's visit to Proton HQ in Geneva:
Proton does have an office in Vilnius (one of 6 offices globally), but the bulk of our staff works in our two Swiss offices.
Is Tesonet's CEO still the director of ProtonVPN UAB, more than 2 years after the incorporation in July 2016? I can no longer check it myself, because the public record is now hidden. But it was still true in June 2018.
And how do you feel about partnering on a free VPN service with a company, which has been sued for multiple patent infringements in "Large-scale web data extraction products and services with residential proxy network" by the founders of another free VPN service, HolaVPN, who have publicly admitted to using it for exactly that?
These are nothing but facts backed by sources anyone can verify by himself.