Semi-private VPN 'just plain stupid'

Powered by SC Magazine
 

No excuse for handing over alleged LulzSec logs, Pirate Bay founder says.

The co-founder of torrent website The Pirate Bay has torn into virtual private network (VPN) service Hide My Ass! for handing over logs on an alleged LulzSec hacker to the FBI.

Hide My Ass! kept logs on all customers, including the alleged hacker, and had handed those over to British law enforcement following requests from the FBI which was tracking LulzSec.

Cody Kretsinger, 23, the alleged member of the LulzSec group, was charged with conspiracy and unauthorised impairment of a protected computer.

He is accused of participating in a week-long SQL injection attack, ending in early June, against the Sony Pictures site. The compromise resulted in the theft of data belonging to roughly one million users, some of which was publicly posted.

Hide My Ass! surrendering of logs drew criticism from Privacy International and threats from the loose-knit Anonymous collective, which had affiliations with LulzSec.

The service defended its acquiescence to the requests. In a statement it said users were “naive” to think online criminals would be protected from law enforcement under its service.

"Our VPN service and VPN services in general are not designed to be used to commit illegal activity," Hide My Ass! said.

"It is very naive to think that by paying a subscription fee to a VPN service, you are free to break the law."

Peter Sunde, co-founder of BitTorrent website The Pirate Bay and paid VPN service iPREDator, said Hide My Ass! was wrong to keep logs and hand it over to police.

The Pirate Bay launched iPREDator in 2009 in response to new Swedish laws that gave copyright enforcement organisations more power to demand access to the personal details of alleged file downloaders.

“Having semi-privacy is just plain stupid, and not being upfront about what happens with your data is just plain wrong,” Sunde said.

“We've built our own reputation by really standing up for what we believe in and we fight for the same things still.

"It's obviously all about trust though, and I hope that people will stop trusting Hide My Ass! and other shady outfits.”

Sunde said iPREDator did not store logs and asked users to provide minimal personal details when signing up for the service.

The service was operated in Sweden and governed by local laws (pdf) that iPREDator said required authorities to prove a case could achieve at least a two year jail sentence before user IP addresses could be obtained.

Pirate Bay kicks ass of VPN service for hacker sell-out

Pirate Bay founder says no excuse for handing logs to law enforcement

The co-founder of torrent website The Pirate Bay has torn into VPN service Hide My Ass! for handing over logs on an alleged LulzSec hacker to the FBI.

The VPN service had kept logs on all customers, including the alleged hacker, and had handed those over to British law enforcement following requests by the FBI which had been tracking LulzSec.

Cody Kretsinger, 23, the alleged member of the LulzSec group, was charged with conspiracy and unauthorised impairment of a protected computer.

He is accused of participating in a week-long SQL injection attack, ending in early June, on the Sony Pictures site. The compromise resulted in the theft of data belonging to roughly one million users, some of which was publicly posted.

The move to hand over logs triggered criticism from Privacy International and threats from the loose-knit Anonymous collective, which had affiliations with LulzSec.

Kick My Ass! defended its acquiescence to the requests. In a statement it said users were “naive” to think online crime would be protected from law enforcement under its service.

“xxx”, xxx said.

Peter Sunde Kolmisoppi, co-founder of BitTorrent website The Pirate Bay and paid VPN service iPredator, said Kick My Ass! was wrong to keep logs and hand it over to police.

Having semi-privacy is just plain stupid, and not being upfront about what happens with your data is just plain wrong,” Kolmisoppi said.

“We've built our own reputation by really standing up for what we believe in and we fight for the same things still. It's obviously all about trust though, and I hope that people will stop trusting Hide My Ass! and other shady outfits.”

Kolmisoppi said iPredator does not store logs and requests users provide the bare minimum level of personal information when signing up for the paid service.

The Pirate Bay VPN service was operated in Sweden and governed by local laws that require authorities to prove a case could achieve at least a two year jail sentence before user IP addresses can be obtained.

Copyright © SC Magazine, Australia


Semi-private VPN 'just plain stupid'
 
 
 
Top Stories
Meet FABACUS, Westpac's first computer
GE225 operators celebrate gold anniversary.
 
NSW Govt gets ready to throw out the floppy disks
[Opinion] Dominic Perrottet says its time for government to catch up.
 
iiNet facing new copyright battle with Hollywood
Fighting to protect customer details.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  26%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 337

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  57%
 
No
  43%
TOTAL VOTES: 140

Vote