Hacker News new | past | comments | ask | show | jobs | submit login

So if the VPN providers are not entirely honest about where their servers actually are, what about their other claims, such as no logging?



They can submit to independent audit. ExpressVPN and IVPN have been audited by Cure53.[0,1]

0) https://www.expressvpn.com/blog/browser-extension-audit-and-...

1) https://www.ivpn.net/blog/ivpn-no-logging-claim-verified-by-...


Devils advocate. A VPN provider competent enough could make it appear they aren't logging during the time of an audit and then go "back to normal" afterwards.


True, but I've known Nick Pestell (IVPN CEO) for several years, and am confident about his integrity.


One note from the IVPN report is telling--not so much about IVBN, but of the limitations of an audit:

> While Cure53 has faith in the proper handling of privacy and the absence of logging on the IVPN project, the auditors empirically only confirm that the systems that they had access to displayed no evidence of logging.

Also keep in mind that the audit specifies the situation at a single point in time. There is no way to tell if things changed the next month. Or if law enforcement installed something that nobody could talk about.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: