What kind of 'trade secret information' could a vpn provider be blackmailed with though? What kind of information could you gleam as the owner of a 'service provider' for such a use? I'm suffering from an apparent lack of imagination here.
Either way, this looks pretty messy and as a NordVPN user, I'm surprised how amateurish this all seems.
I used NordVPN for about a year a couple of years ago and I found their quality of service unsatisfactory. I've been using ProtonVPN for about a year now and I've been very satisfied. But that's just my personal experience and YMMV.
> Within an hour of this in-person and unannounced visit, the same TorGuard
contractor received unsolicited correspondence from an employee at NordVPN. This
correspondence stated that NordVPN had received certain of TorGuard’s confidential and trade
secret information and requested to set up an instant message chat to discuss this with TorGuard.
Also, according to both parties they communicated with each other with evidence. So all either party has to do to claim their innocence is submit the emails/communications they claimed to have.
The DDOS part I'm very weary about. What evidence does torguard have that NordVPN was the one carrying out the DDOS attacks? I'll admit I haven't thoroughly examined the entire document, but they don't really seem to state how they know NordVPN was behind the attacks, they just list the dates they were attacked. Given the nature of DDOS attacks, they could be from anyone.
I'm more inclined to say they don't know who it was, but pointing fingers, and Black Friday to maximize the potential damages reward.
The legal case also says "unknown individual"; so they could be a run-of-the-mill reporter or something.
A lot of what Torguard is saying in the case is pretty benign. An email from header can be faked, trade secrets, if left on the open web... aren't really secret anymore.
Nord isnt in a clean place either. Their response is making claims that the legal case doesnt even touch.
The end result if you actually fall for their bullshit is that your IP space will be listed in every RBL until the end of time, and will have a bottom 5% rank in every IP space reputation/antifraud system until the heat death of the universe.
Every time I've been approached by these clowns, I've spent a cursory 3 to 5 minutes trying to find an actual business behind it (names of real humans, street address that isn't just a mailbox, location of real ISP infrastructure equipment at some real IX points) and failed to find anything resembling a legitimate ISP.
Also, is there an "affordable" way to own an IP?
Interesting. I mean, Tor was was originally developed by the Navy as an OSINT tool, and later released because an "anonymity" network only used by the Navy isn't very useful.
More and more often non-state actors are doing what used to be in the purview of intelligence services, so it passes the sniff test.
But without specific evidence all I'll say is "plausible, but unconfirmed" :)
Or oxylabs.io who I think owns luminati?
I'm also aware that many of the VPNs are owned by the same parent companies.
And also that VPNs are ridiculously over marketed. They don't "add security" for most people, they just move who you're trusting from your ISP to the VPN company. Right, like I want to trust a company registered in Panama with no other existence outside of this year not to sell my data.
tl;dr - I don't trust any of them. If I want a "VPN" I just ssh-tunnel into a VPS from an established company that I purchase with a different account. Could the VPS provider do fishy stuff? Sure, but I trust them a lot more then these "VPN" providers.
Between your link, and the luminati faq's, I definitely have more questions then when I started looking at these articles.
I asked, and they are only interested in partners with 100k active users a month. They REALLY REALLY wanted to talk to me over skype. Right, like a legitimate company with that many users is going to use luminati.
The use case of luminati is almost entirely grey/black hat. Their history is laughably sketchy. Unless anybody knows of any apps that use the SDK and ask for permission, I suspect that FAQ page is just for show. Again you have to be a big player to even use it, it's not a stretch to believe they don't "enforce" the consent rule.
For non-state actors my "data" is gone. You'd need a warrant to get data from my VPS provider, so for most of the common threats I'm pretty anonymous to non-state actors.
Maybe you don't want your employer to see everything you search? Interestingly for programmers the ssh-tunnel is perfectly explainable, especially if you do most of your browsing in the clearnet, and only some over your ssh-tunnel.
If your threat model includes state actors (doing something illegal hmmmm?) then I would recommend doing something a bit different, but for what most people are using services like Nord for ssh + vps should be fine.
EDIT: If yall are torrenting then just get a 10$/mo seedbox, you'll thank me later.
One option is to use basically any provider + prepaid visa cards. Just access the website over tor or a VPN you semi trust. Sure it's technically traceable but not without a lot of trouble.
Keep in mind that once the VPS provider is issued a subpoena they still have access to your connecting computer's IP. They then have to issue a subpoena to your ISP for your account information. The only way to hide your IP is to use a proxy or a vpn... Oh wait, yeah that's the issue. See 
I personally just recommend using whatever you'd like, Vultr, DO, scaleway, etc. Feralhosting isn't anonymous but they uh... don't care what you really use it for cough torrents cough.
 If you're REALLY trying to be fully anonymous then you'll need to put on your blackhat. I would start with planting a raspberry pi in a business, library, coffeeshop, etc. You can use that IP as a starting point. You won't want to use only that one IP most likely, so you're going to need more proxies/servers, most common method is botnets. This really isn't worth the trouble to 99.9999% of people.
Edit: I guess I'm estimating there are ~7,000 people in the world who it's worth the trouble to do.... Actually that might be accurate, cool! :D
Honestly I don't think the extra step is worth it since the VPS will still know your origin IP in the event of a subpoena anyway.
You could try https://privacy.com but ironically I doubt it'll help much in terms of privacy. (I use privacy for
convenience, as it essentially mitigates your card numbers being leaked - they're locked to the vender and you can impose spending limits)
Unfortunately I doubt there's many people who want 100% privacy that you'd want as customers if you're a VPS provider. I know Vultr accepts crypto but you have to prove your identity first (still great if you're a crypto advocate as privacy isn't the only benefit).
Otherwise you're stuck with resellers and grey-market providers. You could try "bulletproof" hosts from various uh-greyhat-forums but trusting those is very mehhhhh.
VPS providers can log connections and you won't really know how long they retain the data until it matters.
EDIT: I realized this question might be confusing in this context. I'm not talking about torrenting large files (which you wouldn't want to do over Tor). I'm just wondering if it's possible to run a VPS with 100% anonymity.
I'm thankful that linustechtips seems to evaluate their VPN sponsors at least. I believe they dropped tunnelbear in favor of PIA because of similar concerns.
PIA has cross pollination with IP blocks owned by Micfo subsidiaries as well. They're all like 2 degrees away from each other.
"35. The DDoS attacks directed against TorGuard were based upon the Information—
the nature and way they occurred and were timed made it patently obvious that the attacker had obtained the Information from Collective 7 and was utilizing it as a roadmap for DDoS attacks."
If those were infrastructure IP's, and not otherwise public, that would certainly make more sense as to how Torguard believes Nord was responsible.
I know they used the timing like Black Friday as evidence that it was a competitor carrying out the attacks, but they have lots of competitors, so I was really confused as to how they settled on Nord as the attacker.
1) Someone supposedly "gave" them the URL. They do not state how they found it, or how it was related to TorGuard. So who gave it to them? The Collective 7 hosting company? It appears Collective 7 was selling "Residential Solutions for VPN Providers":
2) Did they ask TorGuard to censor Youtuber "Tom spark reviews"? It seems he is critical of them:
Tom Spark was also doxxed by the ProtonMail Reddit rep for posting videos they did not like:
Found the link here:
So it doesn't surprise me that NordVPN (Proton) wants this Youtube Streamer's videos and blog taken down.
Shouldn't NordVPN and Proton uphold user privacy and fight against internet censorship? They are doing the exact opposite here and that is very troubling.
I was able fact-check his claims, since I am from the city where Tesonet is based, and found none of them to be completely false or baseless. It turned out to be an open secret in the local tech community.
I think it's a normal practice in every industry to try to find out who your competitors really are. Whether that information should be made public or not is a different question, but it doesn't make it inherently false. Instead of naively believing in carefully crafted rebuttals, people should try to verify the facts by themselves.
Even taking into account the insanity of legalese that lawsuit was... wordy, at best. Poorly organized and repetitive would also apply.
Is TorGuard related in any way to the “tor” project?
Answer: No, The reference to "tor" in TorGuard relates to "torrents" and guarding one’s privacy when using bitorrent. We are not related in any way to the “tor” project however the company does support through donations.
This whole thing sounds sketchy AF for NordVPN. While not technically illegal, just approaching a competitor's employee unsolicited at their home (!?) has red flags all over the place.
According to TorGuard's blog post they stole information from an install script that was allegedly used at C7 hosting:
An installer script could easily give an attacker insight into internal TorGuard IP addresses that would otherwise be hidden.
My guess is these internal IP addresses from whatever was stolen were targeted with DDOS.
That's easy. A VPN provider has access to all kinds of juicy information, such as who their customers are and what they are up to online.
They may have been compromised already, they may sell user data. There are all kinds of things that could be going on that would definitely be stuff they could be blackmailed with.
Whether any of that is the case remains to be seen.
Edit: Perhaps the unimpeded sale of these "hacked" accounts leads indirectly/directly back to someone inside NordVPN? A dirty "trade secret" they wouldn't want revealed..? Seems farfetched but they have not proven themselves trustworthy in the past.
They could find internal targets for DDOS to disrupt the competing VPN service so users get kicked off or can't login. If you can't use what you paid for most would ask to cancel.
Ddos attacks like this occur in any competitive space, but what bothers me here is the hosting company Collective seven appears to have betrayed a client's trust for competitive gain.
With such dishonest practices by hosting providers these days it makes me wonder what is really going on.
I mean... How are you involved? Why would NordVPN allegedly blackmail TorGuard to get you to stop posting negative things? What leverage does TorGuard have over you?
They are also in the news a lot for various things and I make sure to cover it whereas other VPN affiliates don't (most VPN affiliates are aligned with 100% based comission VPNs like Nord).
I summarized the entire story with 3 videos if anyone wants the full story. Or the latest take on Nord's blog post here (which I believe to be complete bull) :https://www.youtube.com/watch?v=icD3Bva7xtY
-Speed: During my testing with PIA and TorGuard, PIA was consistently 50% faster.
-App: The TorGuard app is lacking in features and poorly designed.
-Price: It's substantially more expensive than most providers.
-Reputation: They've had not too great a reputation for a while now
I do not believe that you are an objective party here.
According to comments on his review they've also added Google trackers/capchas to their login page, something you wouldn't see on a reputable provider.
Give me a break...
App - The app's design is fine, a bit old school, but easy to use and updated within the last year. It also has a ton of security features (app + network switch), streaming IP integration, and the list goes on.
Price - It's the same price as PIA now, and with my discount code "tomspark" which isn't unique really, since TG has thousands of 50% off codes floating around, its $5 a month compared to $10 a month with PIA...
Reputation - TG's reputation has been flawless. They don't make any false claims and are honest about their jurisdiction, as well as a no logs policy.This is why so many VPNs try to buy them out (as claimed in the TG lawsuit document)..The fact they are sueing another VPN for blackmailing them is a good thing IMO. They are showing some balls. The fact so many VPNs are trying to DDOS TorGuard as well, shows they are doing something right.
So yes, I am an objective party. I have been reviewing VPNs since 2015, and have re-reviewed more than 20+ VPNs this year alone.
Not to mention TorGuard only has an affiliate commission rate of 30% which makes it lower than most any other VPN in the industry (proving that I am not a sellout like other reviewers).
In regards to price, no one in their right mind should pay for a VPN monthly.
PIA is $84 for two years.
For one thing, I don't think nordvpn would care about the 5k bug bounty.
From reading https://restoreprivacy.com/torguard-nordvpn-lawsuit-blackmai... it seems like there are quite a few serious allegations that are so absolutely ridiculous that it has to be nonsense or so ridiculous they're likely to be true.
Also, suing the wrong company is a big oversight. That's really sloppy work and doesn't inspire a lot of confidence.
You just posted a link to a blog that rates NordVPN as it's #2 rated VPN, and hasn't even reviewed TorGuard yet, so that source is not credible at all.
We're not comparing service quality so I don't understand what them not having reviewed TorGuard has to do with anything.
FWIW, I think the link posted was clearer and fairly objective.
I 'll also add that the other video you made: https://www.youtube.com/watch?v=lwHssMNEWMg is more useful because it addresses some questions I had like why NordVPN would think to remove your video through TorGuard and if they had reached out to you directly.
All in all, very strange situation and I am interested to see how this pans out.
News has to be objective. He doesn't mention how A) NordVPN was given a file instead of the file being given to TorGuard first which is extremely weird, B) NordVPN does not mention showing up to TG's house C) Why would NordVPN help TG fix a bug when the two companies have been butting heads for years now? D) NordVPN admits in the blog post that they started the conversation in hope TG would stop "defaming them" which is basically an insinuation of blackmail. E) NordVPN has not denied any actual relationship to Collective Seven yet. I could continue down the alphabet, but you get the picture (watch my video on it).
You're not biased at all are you Mr. TorGuard Affiliate?
Mr. TorGuard Affiliate that lists only one VPN (TorGuard) on his website as "God Tier", what a joke.
They have ISP-level arrogance, without the lock-in. I have no idea how they're still in business.
So I'd be very inclined towards believing this story.
I imagine it's good marketing. They sponsor a lot of Youtube videos.
This story doesn't make me happy with NordVPN or TordGuard as a service however.
Reading NordVPN's side of the story, I wouldn't be inclined to believe either story until the truth has been pulled apart in court. 
I have a TorGuard account, and I use the VPN an awful lot - it's the default connection on the machine I'm currently writing on. Been using for a couple of years, and never once have I seen trouble or even inconvenience, save the obstacles a few sites choose to set up based an ip address. Nor with billing. They mail me an invoice. I pay. Stuff just works.
Your own VPN is the correct answer. If you have a fast enough symmetric link at home then just run a small machine there (or your router/sec appliance may support it) or else get a ~$5 VPS from OVH/DigitalOcean/Scaleway/Amazon/Google/MS or whomever you like and run WireGuard on it. Or if you want something more turnkey with IKEv2 support (if you have devices that can't use WG) then check out Algo .
But there is likely no need for or reason to use a "VPN provider" if all you're looking to do is shift your virtual entry point to the internet from the edge, and lots of good reasons not to. The only real exception would be if latency is a major concern, you travel very widely and don't want to deal with any extra hassle setting up a solution to move between regions. In that case might be worth keeping an eye on CloudFlare's "Warp" solution , which will probably be about as good as it gets in that regard since they've got infrastructure worldwide and will be able to route well.
But I'd definitely suggest checking out running WG (alone of via Algo) yourself. It really is straight forward.
A VPN with a focus on WiFi protection. MacOS and iOS only for now, I'm working on Android and Windows too. Send me an email for a test account if you'd like to try it out: firstname.lastname@example.org
For do it yourself the best option is algo.
even if you have to splurge in one country or another with bad monopoly cases (e.g. visiting the usa) it's still better than using a combination of open wifi + shady vpn (all of them)
> NordVPN threatened to release TorGuard’s confidential and trade secret information that was obtained by NordVPN from Collective 7— who, in turn, obtained this information during the time TorGuard utilized Collective 7 as a service provider. NordVPN threatened to release this information unless TorGuard forced or coerced a third party into silence, as this third party was publishing legitimate criticisms of issues associated with NordVPN’s business practices.
If true this reflects very poorly on NordVPN. How much criticism did they manage to suppress successfully until someone sued for blackmail?
Given C7 is involved as well I’m very confident it’s true.
NordVPN has sent legal threats to many Youtubers and bloggers anytime they don't like what's written.
NordVPN and ProtonVPN are enemies of free speech and open internet.
So nord is shitty for digging up dirt on torguard because they were mean to them online and torguard is shitty for having these vulnerabilities in the first place. Are there any vpn services run by a company that is neither slimy nor incompetent?
A bunch of hackers in Sweden. You can pay without exposing any information about yourself and they support wireguard (even help pay for and doing their own development on it).
I meet some of them personally on hacker conferences as well and they knew what they were talking about.
It's been the only VPN provider that has ticked all my boxes.
That said it would be a feasible yet simple story to fabricate. The details aren't that important, just saying "we found a file with ip addresses that had services open with no password" is plausible but also not that specific.
Seems like all they need to do is publish their communication now that the vulnerability has been fixed?
Anecdata, but from couple stories from people who worked/interviewed at VPN providers - I believe that in couple years we'll start see same horror stories of private data issues, like we are having with social network and internet ad businesses today.
EDIT: apparently my anecdata is not anecdotal . When it's race to the bottom for consumer pricing - your bandwith is resold (or at least there's capability to do that) for botnet purposes.
The plain fact is that you don't know what they are doing, it's impossible to know.
If they ever find a way for an introspective verification/validation of configurations coupled with the connection itself (or whatever mumbo jumbo), then we can talk again about middle-men's trust.
For example, when I tried Kodi (as a non-piracy living room media box starting point) a couple years ago, one of the reasons I gave up on it was that it seemed almost every Web search for technical questions would be filled with hits for VPN affiliate pitches. I also found forums, such as on reddit, filled with shilling, drama, and intrigue about VPNs, including some prominent ones. Then there was the related scandal of Facebook targeting children with a "VPN" surveillance channel, and there's really no assurance that many VPN providers aren't doing a similar thing.
I suspect there are some legitimate VPNs, but I decided I actually trust free Tor more than any random VPN, for some casual degree of protection against snooping open WiFi and ISP.
> It all started when we received information that led us to finding a TorGuard server configuration file lying in the open on the internet.
It's highly doubtful that's some random person will send some security vulnerabilities about a company to another unrelated company. It's more probable that NordVPN had its own team trying to hack or at least test Torguard defenses. That makes the DDoS allegations more believable.
When I had a small web-crawling/automation business we'd get quite few emails like that oferring all sorts of datasets and security holes for sale. We never responded (people already have a hate boner for web-crawlers lol).
Maybe someone with more gray/black hat infosec knowledge could comment on plausability on this but honestly I wouldn't underestimate black hat sales skills :)
I've heard such shady stuff about NordVPN that I would never trust them with their data, also would never trust any other VPN provider.
EDIT: I thing I've found it:
I was informed before not to use NordVPN for their (anecdotal) shady practices, but the fact that ProtonMail is in this crap too - I do not know who to trust anymore when I am buying "privacy" online.
ProtonVPN in particular has been vetted by third parties such as Mozilla, and is operated very transparently as outlined here: https://protonvpn.com/blog/is-protonvpn-trustworthy/
The location of Proton offices for example, has always been publicly disclosed, the directors of the Swiss parent company Proton Technologies AG, and the company's CERN roots, etc, are all in public record.
The fact that hundreds of Twitter bots were used to spread the allegations is rather strong evidence that there was indeed a smear campaign. Details about this here: https://protonvpn.com/blog/is-protonvpn-trustworthy/
EDIT: After some brief hunting I found a HN comment with some scattered information about them possibly being based in Lithuania . Not sure what to think about that personally.
If you are having an issue, it would be worth stating:
• Do you have the above-mentioned CA in your trust store?
• What OS/browser are you using?
• Are you using any middle service, be it local (like virus scanning) or network-level (like a middlebox/proxy)?
Wouldn't this only just barely cover court/lawyer costs?
Apparently its a torguard-vulnerability. To tag a vulnerability as 'trade secret',
and the fact that the disclosure process involved threats (allegedly) is a very bad reflection on both of them. Why should I trust either of them to handle security vulnerabilities responsibly in the future?
Collective Seven (C7) is related to a very long list of VPNs, including Nord, yet NordVPN has denied knowing them.
> Anyhow, how is that Nord the bad guy now and everyone forgets the fact that they just wanted to let torguard know about their own vulnerability to fix?
It looks bad because they tried to force censorship in exchange for a non vulnerability. Torguard has a bounty program but instead Nord sent someone to the Torguard employee's house and tried to intimidate them into silencing a Youtuber.
It appears Nord knew what they had was not a vulnerability but still wanted use it as leverage for taking down the Youtuber's videos. This is censorship at it's worst.