Search the Community
Showing results for tags 'pia'.
Found 2 results
steven36 posted a topic in Security & Privacy NewsVPN provider Private Internet Access, which has a strict no-logging policy, has proven once again that it is unable to link online activities with a user's identity. The conclusion, which was revealed as part of a hacking trial in San Jose federal court, is the second time that the provider's claims have been successfully tested in public. In April 2017, San Francisco resident Ross M. Colby was arraigned in U.S. District Federal Court in San Jose following an FBI investigation into alleged hacking offenses. The 34-year-old was accused of hacking into several local media websites owned by Embarcadero Media Group including the Palo Alto Weekly and the Almanac. He was charged with intentional damage to a computer, attempted damage, and misdemeanor computer intrusion. According to the indictment, Colby illegally accessed Embarcadero Media email accounts in July 2015. Then, in September 2015, several of the company’s websites were hacked to display the Guy Fawkes image associated with Anonymous. The message “Unbalanced Journalism for profit at the cost of human right. Brought to you by the Almanac” was also left behind. Facing more than two decades in prison and fines totaling several hundred thousand dollars, Colby pleaded not guilty and was freed on bail. On May 29, 2018, Colby’s trial began in federal court in San Jose. Palo Alto Online has been reporting (1,2) on the case, which has thrown up something of interest to VPN users. According to evidence provided by FBI Special Agent Anthony Frazier, between July and September 2015, IP addresses operated by VPN provider Private Internet Access (PIA) were used to access email accounts and systems belonging to Embarcadero Media. A former Colby roommate claims that the pair discussed computer security and frequently had discussions about the use of VPNs. He had even helped Colby set one up, he said. Last Friday, the San Jose Federal Court also heard that Colby told his roommate that he’d hacked a news website for pay. Also giving testimony was John Allan Arsenault, general counsel for London Trust Media, the owner of Private Internet Access. According to Almanac News, Arsenault told the Court that some VPN companies, PIA included, do not retain logs of customers’ Internet activities. This means they are unable to produce useful information in response to a subpoena. Arsenault told the Court that PIA accepts several payment methods, including cryptocurrency, but doesn’t keep records of customers’ names and addresses. The only thing the company holds is the email address used when the customer signs up. There was no record of Ross Colby signing up to PIA with his two known email addresses, Arsenault said. “We’re limited to search by what the government gives us. Just because we can’t find it doesn’t mean they didn’t use the VPN service,” he said. “Someone could create a throw-away (email) account to subscribe to us,” he added. But while PIA could not connect Colby’s IP addresses to any illegal activity, the same could not be said of other companies. Evidence presented to the Court showed that in addition to the PIA addresses that were used to access the Embarcadero Media email accounts, an IP address belonging to Comcast was also used on 20 occasions. Records provided by Comcast showed that John Colby, Ross Colby’s father and a retired Massachusetts state trooper, was assigned that particular IP address between June 2015 and October 2015, the date of the FBI’s subpoena to Comcast. John Colby further testified that his son stayed with him for about 10 days in July 2015, a period which coincided with the email breaches at Embarcadero Media. Evidence provided by the FBI also showed that an IP address used by Ross Colby at his home in San Francisco was used to access Embarcadero accounts, as was an IP address registered to a cafe frequently used by Colby. The case highlights some important points for those interested in Internet security. The most interesting for privacy advocates is that this is the second time that Private Internet Access’s “no-logging” policy has been tested in court. Such claims are notoriously difficult to prove but PIA has now passed twice with flying colors. However, the big lesson is that if an Internet crime is serious enough to involve the FBI, IP address evidence will be just part of the equation, with testimony from family and associates playing a major role too. The final decision on Colby’s plea lies with the jury, which is yet to render its decision. Source
All Private Internet Access Settings Explained The guide provides explanations for all settings and features of the Private Internet Access client for the Windows operating system. Private Internet Access is a popular VPN provider. The company has a strict no-logging policy which have been verified in court this year. Customers may download one of the available clients for their operating system. The Windows client ships with a list of features that you may enable to improve your privacy and security while being connected to one of the company servers. The following guide lists and explains all settings that the Windows client version of Private Internet Access provides currently. We have used the latest version of the client, version 0.65, for that. We will update the guide when features change. If you notice that before us, let us know in the comments so that we can update the article. Private Internet Access VPN Settings You can open the settings by right-clicking on the Private Internet Access icon in the Windows system tray area. Please note that you can only access the settings if you are not connected to the VPN at that time. If you are, you need to disconnect first before you can do so. The client uses three configuration pages of which one, simple, is not of much use. Advanced Settings The advanced settings page, which you see on the screenshot above, lists several options that you want to check out and configure. Username: your PIA username Password: the associated password of the account. Start application at login: whether the VPN software is started on Windows boot. Auto-connect on launch: whether the software connects to the VPN server when it is started. Show desktop notifications: whether notifications are shown on the desktop (e.g. on connection or disconnect). Region: The region you want to connect to. Tip: You can run speed tests for any server region to find out how well it performs. Connection type: Select UPD or TCP as the connection type. Default is UDP. Remote port: Set to auto by default, but you may specify a port there. Local port: Set a local port. Request port forwarding: The port that is being used is shown when you hover over the PIA icon in the system tray area. This can be useful to set it up in applications. PIA MACE: This is a new feature of Private Internet Access. It acts as a blocker for advertisement, malware, trackers and other undesirable elements. You have no control currently apart from enabling or disabling the blocker. VPN Kill Switch: This terminates the Internet connection if the connection to the VPN drops. Useful if you don't want your "real" IP address to be logged by services you connect to while using a VPN. IPv6 leak protection: This disables the use of IPv6 while connected to the VPN. Use small packets: If you notice connection issues, e.g. connections that drop frequently, you may want to enable this option to see if it resolves that issue. Debug mode: You may be asked to enable debug mode by PIA support. The log is written to C:\Program Files\pia_manager\log. While it is up to you and your requirements what to enable on the settings page, it is usually a good idea to enable all features but PIA MACE and Debug mode. Encryption A click on encryption displays options to set various encryption related parameters. Data Encryption: Select one of the available encryption standards. Available are AES-128, AES-256 and None. Data Authentication: Select one of the available cryptographic hash functions. Available are SHA-1, Sha-256 and None. Handshake: Encryption used to establish a secure connection with Private Internet Access servers. Pia uses TLS 1.2. The default is RSA-2048. The selection depends largely on your requirements. Want maximum protection? Select AES-256, SHA-256 and RSA-4096. Want all speed and no safety at all? Pick None, None and ECC-256k1. The default recommendation is AES-128, SHA-1 and RSA-2048. The client displays warning if you choose none for data encryption or data authentication, or when you chose ECC for Handshake. Now Read: Private Internet Access rubyw.exe connections explained Source