“We are unfortunate to announce that there have been abuses complaints about hacking activities on our U.S. Illinois 1 node. We have been saddened to learn that these actions were harmful to individuals (human beings). As a result, we will open this node again and monitor it with Wireshark for a period of 7 days.The Proxy.shVPN provider admitted that they sniffed the traffic on one of its node located in the United States with unique intent to catch an alleged hacker.
“We have decided to install a monitor on our Illinois 1 node so as to locate the hacker. A few hours after we announced this move to our public, the hacker came to us to apologize. We then completely removed the Wireshark installation.”
“If you are the hacker, please stop your activities and leave our network. You are not welcome here. Our heaven is reserved for those who are not harmful to other human beings. If you do not leave, we will find you and report your activities to NGO and press officers. For all others, the heaven is still safe for you, dear ones. We will completely remove Wireshark after 7 days and restart the node so that everything is erased (RAM-switch). All other nodes are left unaffected by these actions. Update: Wireshark has now been removed/wiped.“
“This situation shows that we are actually really not logging anything and that we will always tell our members when we have to log one of our nodes or our entire network, either for maintenance and small internal affairs such as this.”
“We will only intervene into our traffic when we believe there have been activities infringing our ethical terms – that is when activities harmful to human beings (not corporations or entities) are taking place on our network. In such case, we do not privilege law enforcement agencies but rather communication, transparency and assistance from NGOs.”“
So how does the user know if he can trust his provider?
Sincerely user has no choice, he can only trust the answers they provided on privacy issues, I always suggest to carefully read the VPN service you sign up with, despite I’m conscious that there are no privacy guarantees.
I could be useful to promote the constitution for an independent foundation to do regular audits security and privacy issues of VPN providers …would be an important step forward!
(Security Affairs – Proxy.sh, privacy, VPN)