Hacker News new | past | comments | ask | show | jobs | submit login

I just tested with ExpressVPN via their Kazakhstan endpoint. On 46.244.29.XXX on the ISP A2B IP B.V. I don't seem to be MITM'ed at all, so I can't report anything about the MITM-detector.

Their Kazakhstan endpoint is fake; it's a 'virtual' exit node that's actually in Singapore. This info is buried in their help pages: https://www.expressvpn.com/support/troubleshooting/virtual-s...

This sort of misbehavior is, unfortunately, common to a number of VPN services that claim to have endpoints in many unusual countries. ExpressVPN has sort of owned up to it (but they don't exactly make those disclosures obvious); others have not.


Thanks for the report. Both I and Cloudflare[1] are interested in any updates. If you know your connection is being MITM'ed by your ISP or your government please do the test again if it is safe to do so.

[1]: https://twitter.com/grittygrease/status/1151921809417048064

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact