There are lots of reasons to use a VPN to encrypt your Internet connection. Here are Golden Frog’s top 3!
1. No one likes a snoop
VPNs protect your privacy and prevent ISPs from monitoring and controlling your online communications and browsing activity.
2. What happens in your email, should stay in your email
VPNs encrypt your Internet connection, securing your connection on public Wi-Fi hotspots and mobile networks to prevent hackers and third parties from snooping.
3. Freedom rules
VPNs bypass firewalls and content restrictions to provide a free and open Internet for everyone.
The VPN industry is abuzz with talk of a recent study, “A Glance through the VPN Looking Glass: IPv6 Leakage and DNS Hijacking in Commercial VPN clients.” Conducted by a group of researchers from Sapienza University and Queen Mary University, this well-done study explores attack vectors against many of the most popular VPN providers, including Golden Frog’s VyprVPN.
While a study like this may initially seem like a deterrent from using a VPN, “perfect is the enemy of good.” Using a VPN is still safer than using nothing at all. In response to the study, here are 3 things Golden Frog wants you to know.
1. Golden Frog’s VyprDNS provides strong DNS hijacking protection.
A DNS run by the VPN provider is really important. A DNS run internally on the provider’s own network, like Golden Frog does, is even better. VyprDNS is hosted and controlled by Golden Frog as part of our mission to reduce reliance on 3rd parties, such as 3rd-party DNS services. VyprDNS provides exceptional privacy and security to users and is included with every VyprVPN account. The more external networks you remove from the system, such as 3rd-party DNS, the smaller the attack vector becomes.
2. VyprVPN apps protect against IPv6 leakage.
Providers with self-developed apps can deliver better control over security. Golden Frog’s apps take active efforts where possible to prevent IPv6 leakage, something that is difficult for providers that merely provide 3rd-party clients or simple configuration wrappers.
3. You are NOT anonymous when you use a VPN.
Golden Frog has been frustrated with VPN companies that advertise an anonymous VPN service. That’s why we published our “I am Anonymous When I Use a VPN – 7 Myths Debunked” article, and it’s good to see the researchers echo our concerns. Even when using a VPN, you must trust your VPN provider with the data exposed by your usage. Transparency creates trust. For over 6 years, we have been open and honest about the information we do and do not record to maintain a fast, reliable VPN service and how we protect customer information.
While the study reveals potential vulnerabilities in VyprVPN, it also notes that our attack profile is very small. We are currently looking into the issues raised in the study, and expect short-term fixes to be released as quickly as possible.
We also quarrel with the researchers claiming that TOR is a better option than a VPN. Golden Frog’s vision is to provide privacy and security for everyone, not just the technical elite. We focus on creating a modern, easy-to-use service that anyone can use. Simply login and connect. TOR is difficult to setup, has slow speeds and doesn’t make you anonymous. Even Tor admits that it can’t solve all anonymity problems. We don’t want Internet users to sacrifice performance or ease of use in order to protect themselves on the Internet.
“Nearly every press article that lists tips for being more secure online recommends using strong passwords and a VPN service,” said Sunday Yokubaitis, president of Golden Frog. “Through our partnership with Dashlane, we are allowing their privacy-minded customers to try our VPN service so they can determine if it’s the right tool for them to further protect themselves against hackers and data snoops. Furthermore, we’re thrilled to offer our customers access to the premier password management service in the industry.”
Dashlane securely stores passwords and other common personal information, such as email addresses and phone numbers, providing users with a seamless browsing experience with fast logins and easy form filling. With Dashlane Premium, users can sync and backup data across an unlimited number of PC, Mac, iOS and Android devices, share passwords with trusted contacts and get VIP support. Dashlane does not record the “master password” or any hash/derivative of it on its servers, so data can only be decrypted by the customer.
VyprVPN encrypts users’ Internet connections and enables them to thwart the data snooping and inspection of Internet traffic that is regularly practiced by governments and commercial ISPs. By encrypting the “last mile” (the connection between the user’s device/computer and the Internet backbone), users can better ensure their online privacy and open up an uncensored and secure Internet, no matter where they are in the world. Golden Frog owns the hardware at all their VPN server locations and manages its own network to deliver fast and reliable VPN connections.
“Dashlane and Golden Frog share a common mission: to offer people an easy, flexible way to protect themselves online no matter what device they use, and no mattter where they are in the world,” said Dashlane CEO Emmanuel Schalit. “Customers who take advantage of this partnership will arm themselves with two of the best services for the dangers of the online world.”
Exclusive Deal for VyprVPN Customers
Golden Frog is proud to announce that our partner, Dashlane, is offering VyprVPN customers an exclusive special. VyprVPN customers can get 6 months of Dashlane Premium, the world’s best password manager, for FREE by visiting this page and claiming the exclusive special offer.
What is a password manger and why do I need one?
A password manger, like Dashlane, uses encryption to store your passwords in a secure password vault. Instead of using the same few passwords for every online account – which is a hacker’s dream come true – Dashlane automatically generates a unique, complex password for each account, and remembers them all for you. Without using Dashlane to protect your passwords, hackers and 3rd-party snoops can use the same few passwords you use everywhere to log in to your private accounts, putting your identity at risk.
Dashlane is a simple solution that:
Secures your online identity across all your devices.
Remembers all your passwords for you, so you can stop forgetting and resetting passwords.
Logs you into your websites automatically, so you can stop typing your passwords.
Easily creates strong, secure passwords with a single click. No more remembering complicated, unique passwords and worrying if your passwords are really secure, random or unbreakable.
Automatically notifies you when a data breach occurs on a site you belong to, so you can use Dashlane to change your password instantly with a single click.
What makes Dashlane different?
“Dashlane values user privacy and features architecture, which prevents anyone, including Dashlane, from accessing users’ personal information.” – TheNextWeb
“…Dashlane is extremely secure, keeping your information private and encrypted.” – PCMag, Editors’ Choice
“The app fills in password, payment, and shipping specs with nearly twice the accuracy of its competitors.” – Popular Science
“Unlike other password managers, Dashlane encrypts your personal info and account passwords with AES-256 on local machine, and then syncs your account details with its online server, so that you can access accounts database from anywhere.” – Addictive Tips
What do you get with this Dashlane exclusive offer?
6 months of Dashlane Premium for FREE, for first time users
Dashlane is free to store and secure unlimited passwords on one of your devices. It frees you from the scribbled notes, spreadsheets and file folders you use to remember all your accounts. Dashlane simplifies secure storage of ALL your passwords – for life! Logging you in with a click, filling forms in a second and enjoying the security of automatically-generated passwords that can’t be guessed or cracked.
Dashlane Premium takes that power and multiplies it across all of your devices, making passwords and secure account access available on your phone, tablet, laptop, work computer and even on the web – everywhere you go! You’ll never forget another password.
You’ll never be at the office and think “I can’t pay that bill, I’ll write a note to do it at home,” because you’ll have your account info securely saved on your phone or work computer. You can take action when you need. With Dashlane on all your devices, all you need to do to keep them in sync and up-to-date everywhere is . . . nothing. Sync and backup are automatic and completely secure.
As a premium customer, you get premium support! Move to the front of the line and get a real person to help you with any issue you have. Dashlane’s VIP email address gives you same-day access to the help you need.
Last week, China’s government released a new draft of their cybersecurity law. Consistent with past regulations, the law gives the government expanded control over the Internet in China, granting the Cyberspace Administration of China and its director the authority to make sweeping Internet policy decisions.
While this is nothing new for the country, it is worrying to see the government’s control increase and to see existing censorship practices put into writing. The draft law upholds the longstanding content restrictions in China (pornography, political material, foreign sites and many domestic sites). It also includes a mandate for service providers to shut off Internet access during “major social security incidents,” and a requirement that companies store user data in locations within China.
“Laws of this nature are anathema to the continued operation of the Internet: they represent a move towards nation based “intra nets,” inhibit the proper operation of cloud computing platforms, and represent a disturbing trend towards regulation of content using technical measures,” said David Snead, Co-founder and Chair, Public Policy Working Group at I2 Coalition.
The proposed law may also have effects on foreign business. Although those effects aren’t yet clearly defined, they are concerning for the marketplace.
“Competition cannot occur when governments intercede in the marketplace to suppress foreign competitors and benefit local incumbents. Whether such intervention is in fact motivated by “public morals” concerns or is merely protectionism clothed as such, is ultimately irrelevant if it violates international commitments,” said Matt Schruers, Vice President Law & Policy, CCIA.
As a company committed to a free and open Internet, Golden Frog also finds these regulations alarming. Even more alarming are some similarities in the law to policies currently being debated in the United States.
“It’s interesting that China wants encryption backdoors, too,” said Sunday Yokubaitis, President of Golden Frog. “In some ways the USA is beginning to look more like China than Europe, especially as we continue to balance economics issues with national security interests.”
After a very successful public beta, the VyprVPN Router App is now available! Quickly and easily encrypt all the devices on your home network by equipping your router with VyprVPN. Our Router App even allows you to choose which devices use the VPN and which ones don’t.
Getting Started Is Easy
Follow these step by step instructions for equipping your router with VyprVPN*
Log in with your Golden Frog username and password
Done!
We always want to give users as much control as possible when it comes to their online privacy and security. That’s why we are happy to announce a new feature available for VyprVPN for Android – Connection Per App!
Connection Per App lets you control your VPN connection behavior on a per-app basis. Being able to fine tune your VPN behavior with Connection Per App allows you to optimize your overall device performance.
Want your banking app to use the VyprVPN connection but not any of your gaming apps? Want all of your apps to trigger VyprVPN to connect whenever you launch them? Now you can!
We’re happy to announce that VyprVPN for Android users can now use Port Selection! Configure which port the OpenVPN and Chameleon protocols should use for more reliable, successful connections.
Why Use Port Selection?
Before, VyprVPN used the default port when attempting to make a VPN connection. Occasionally the port will be blocked or throttled, compromising our users’ ability to successfully connect and encrypt their Internet connection.
Port selection allows users to access a wide range of UDP ports so that they can defeat this intentional port blocking or throttling. Manually or automatically scan for open ports to get more consistent and successful VyprVPN connections.
MyRepublic subscribers can get VyprVPN with 1 GB of free, recurring data usage per month, and get 25 percent off an annual VyprVPN subscription, which is $75 (USD) per year after applied discount.
“Internet users come to MyRepublic because they expect more out of their ISP,” said Cedric Gouliardon, CTO and Head of Product of MyRepublic. “They know we are an ISP that empowers the consumer. VyprVPN is a natural fit in the ecosystem of services we provide – a fuss-free and reliable way to help keep their online activities private, secure and safe.”
Golden Frog owns the hardware at each of its 54 VPN server locations around the world. It manages its own network to deliver fast and reliable VPN connections. VyprVPN encrypts users’ Internet connections and enables them to thwart the data snooping and inspection of Internet traffic that is regularly practiced by governments and data snoops. By encrypting the “last mile” (the connection between the user’s device/computer and the Internet backbone), users can better ensure their online privacy and open up an uncensored and secure Internet, no matter where they are in the world.
“Commercial ISPs around the world have been getting away with throttling user traffic, not providing the speeds they advertise, gathering and monetizing their customer’s private data, and providing poor customer service for far too long,” said Sunday Yokubaitis, president of Golden Frog. “That’s why it’s so pleasing to see an upstart like MyRepublic that provides a plethora of services to optimize the customer’s online experience. I think its customers will find VyprVPN to be a nice addition, and will be pleased they are able to get a reasonable level of online privacy without sacrificing performance.”
A blockbuster story at The Intercept Thursday revealed that a joint team of hackers from the National Security Agency and its British counterpart, the Government Communications Headquarters (GCHQ), broke into the systems of one of the world’s largest manufacturers of cell phone SIM cards in order to steal the encryption keys that secure wireless communications for hundreds of mobile carriers—including companies like AT&T, T-Mobile, Verizon, and Sprint. To effect the heist, the agencies targeted employees of the Dutch company Gemalto, scouring e-mails and Facebook messages for information that would enable them to compromise the SIM manufacturer’s networks in order to make surreptitious copies of the keys before they were transmitted to the carriers. Many aspects of this ought to be extremely disturbing.
First, this is a concrete reminder that, as former NSA director Michael Hayden recently acknowledged, intelligence agencies don’t spy on “bad people”; they spy on “interesting people.” In this case, they spied extensively on law-abiding technicians employed by a law-abiding foreign corporation, then hacked that corporation in apparent violation of Dutch law. We know this was hardly a unique case—one NSA hacker boasted in Snowden documents disclosed nearly a year ago about “hunting sysadmins”—but it seems particularly poetic coming on the heels of the recent Sony hack, properly condemned by the U.S. government. Dutch legislators quoted in the story are outraged, as well they should be. Peaceful private citizens and companies in allied nations, engaged in no wrongdoing, should not have to worry that the United States is trying to break into their computers.
Second, indiscriminate theft of mobile encryption keys bypasses one of the few checks on government surveillance by enabling wiretaps without the assistance of mobile carriers. On the typical model for wiretaps, a government presents the carrier with some form of legal process specifying which accounts or lines are targeted for surveillance, and the company then provides those communications to the government. As the European telecom Vodaphone disclosed last summer, however, some governments insist on being granted “direct access” to the stream of communications so that they can conduct their wiretaps without going through the carrier. The latter architecture, of course, is far more susceptible to abuse, because it removes the only truly independent, nongovernmental layer of review from the collection process. A spy agency that wished to abuse its power under the former model—by conducting wiretaps without legal authority or inventing pretexts to target political opponents—would at least have to worry that lawyers or technicians at the telecommunications provider might detect something amiss. But any entity armed with mobile encryption keys effectively enjoys direct access: they can vacuum up cellular signals out of the air and listen to any or all of the calls they intercept, subject only to internal checks or safeguards.
There are, to be sure, times when going to the target’s carrier with legal process is not a viable option—because the company is outside the jurisdiction of the United States or our allies. Stealing phone keys in bulk is certainly a much easier solution to that problem than crafting interception strategies tailored to either the specific target or specific uncooperative foreign carriers. Unfortunately, the most convenient solution in this case is also a solution that gives the United States (or at least its intelligence community) a vested interest in the systematic insecurity of global communications infrastructure. We hear a great deal lately about the value of information sharing in cybersecurity: Well, here’s a case where NSA had information that the technology American citizens and companies rely on to protect their communications was not only vulnerable, but had in fact been compromised. Their mission is supposed to be to help us secure our communications networks—but having chosen the easy solution to the problem of conducting cellular wiretaps, their institutional incentives are to do just the opposite.
Finally, this is one more demonstration that proposals to require telecommunications providers and device manufacturers to build law enforcement backdoors in their products are a terrible, terrible idea. As security experts have rightly insisted all along, requiring companies to keep a repository of keys to unlock those backdoors makes the key repository itself a prime target for the most sophisticated attackers—like NSA and GCHQ. It would be both arrogant and foolhardy in the extreme to suppose that only “good” attackers will be successful in these efforts.
