🆕 Software Suggestion | OVPN #2031
Labels
No Label
🔍🤖 Search Engines
approved
dependencies
duplicate
feedback wanted
high priority
I2P
iOS
low priority
OS
Self-contained networks
Social media
stale
streaming
todo
Tor
WIP
wontfix
XMPP
[m]
₿ cryptocurrency
ℹ️ help wanted
↔️ file sharing
⚙️ web extensions
✨ enhancement
❌ software removal
💬 discussion
🤖 Android
🐛 bug
💢 conflicting
📝 correction
🆘 critical
📧 email
🔒 file encryption
📁 file storage
🦊 Firefox
💻 hardware
🌐 hosting
🏠 housekeeping
🔐 password managers
🧰 productivity tools
🔎 research required
🌐 Social News Aggregators
🆕 software suggestion
👥 team chat
🔒 VPN
🌐 website issue
🚫 Windows
👁️ browsers
🖊️ digital notebooks
🗄️ DNS
🗨️ instant messaging (im)
🇦🇶 translations
No Milestone
No Assignees
1 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: privacyguides/privacytools.io#2031
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Basic Information
Name: OVPN
Category: VPN
URL: ovpn.com
Description
Why I am making the suggestion
...
My connection with the software
I don't believe they've undergone any external auditing.. which is now necessary. I noticed they advertise that Vilfo, incidentally does have a bad track record.
They did have a reply, https://www.vilfo.com/ctrlblog seems that OVPN and Vilfo have some kind of arrangement. I don't believe a product should have ever been released with those problems.
I don't think you should tie Vilfo to OVPN. There is zero requirement to use Vilfo with OVN. You can use Wireguard, or OpenVPN or OVPN's own client.
Furthermore, the Vilfo issue you highlight is 2018 ! That's centuries away in digital speak !
Also as a positive, they are currently subject to quite an aggressive lawsuit where the claimant has hired a pentester to prove they have something to hide (https://torrentfreak.com/anti-piracy-outfit-hires-vpn-expert-to-help-track-down-the-pirate-bay-200821/).
I would suggest that if the pentest company comes up with nothing that would effectively be an external audit ! The fact OVPN are quite happy to defend this case rather than cave in shows a lot for how confident they are in the security.
It most certainly isn't.
External audits methodically test each part of the network. Granted access at certain levels to simulate what would happen if an adversary attained that access.
In the this kind of business you only get one chance to do things properly. You don't release half-baked products.
People argue about things all the time in court, when they are wrong. This isn't an indicator of anything.
Where's the ProtonVPN audit then @dngray !
You can't have one rule for them and another for everyone else. The Proton apps have been audited, not the live service.
Additionally Mozilla employees checked out the service:
Generally I would also put far greater trust in ProtonVPN/ProtonMail as they actually have cryptographers, maintaining a lot of codebases, ie OpenPGP.js etc and are not just deploying some VPN software on servers (which any sysadmin can do).
Additionally they seem to advertise and advise customers to use closed source software.
Also, @udf2457 I've reformatted your issue. In future please use the templates provided, we have them for a reason.