[an error occurred while processing the directive]
RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
2023/11/13 12:45:30

VPN and Privacy Anonymity on the Internet Anonymizers

.

Content

Anonymizers and VPN services

Anonymizers are special sites, programs or extensions browser that allow you to hide data about a user, his location and the software that is installed on his computer from a remote server.

  • Any traffic passing through an anonymizer (proxy server) will have its IP address instead of the address of the computer from which the request was made;
  • Unlike VPN servers, anonymizers (proxy servers) do not have means of encrypting information passing through them

VPN (Virtual Private Network) is a technology that connects trusted networks, nodes and users through open networks that are not trusted. That is, VPN is a secure Internet access window.

Initially, VPNs were created to allow company employees to work remotely with their corporate servers, regardless of their location. And while a number of companies still use VPNs for this reason, most users use such services to gain privacy on the Internet or be able to circumvent geographic restrictions on access to various sites (such as streaming content) Does[1].

When a user goes online without a VPN, their search history, location, and information about their ISP is available to advertisers, their employer, and government agencies. By and large, VPN protects online information from being accessed by interested parties, but sometimes there can be leaks. VPN leaks can occur for a variety of reasons. Individuals interested in obtaining personal information may use the code to disable the VPN, or simply sometimes the system may not work correctly. When using VPN in your daily Internet activity, it is recommended to regularly check it for leaks.

A tunnel is created between the user's computer and the server with the software installed to create a virtual private network.

  • In these programs, a key (password) is generated on the server and computer for encrypting/decrypting data.
  • A request is created on the computer and encrypted using the previously created key.
  • Encrypted data is transmitted through the tunnel to the VPN server.
  • On the VPN server, they are decrypted and the request is executed - sending a file, logging on to the site, launching the service.
  • The VPN server prepares the response, encrypts it and sends it back to the user.
  • The user's computer receives the data and decrypts it with a key that was generated earlier.

[2]

Risks and inconveniences for the user when using anonymizers and VPN services

  • Faster Internet connection than normal connection
  • The possibility of user data leakage (logins, passwords, bank details, card and payment systems data) when the VPN is incorrectly configured, as well as when passing through the anonymizer.
  • The ability to infect a computer with viruses (through the insertion of malicious code when passing anonymizers).
  • The provider that provides the user with VPN services receives all information about the user's actions during his connection to the Internet

Is it possible to prohibit the use of VPN services by a single provider from a technical point of view?

  • You can recognize and block VPN traffic, but this requires expensive hardware.
  • In the case of smartphones and tablets, you can also restrict access to VPN services according to the "Chinese model" - if Roskomnadzor agrees to exclude VPN services from mobile application stores

How users will bypass the law on anonymizers and VPN services

  • There are so many anonymizers and VPN services that it is unrealistic to block all these resources. It will always be possible to find an unlocked resource that does not comply with the requirements of this law.
  • You can create your own VPN on a rented foreign site (such a service may become popular in the next couple of years).
  • If the Apple Store and Google Market cease to provide the ability to download those applications that do not comply with the requirements of this law, then users will begin to download them from alternative sources such as www.apkmirror.com, http ://m.apppure.com, http://f-droid.org, etc.

Types of VPN leaks

Users typically subscribe to VPN provider services, thinking that the service they pay for will protect their online privacy. But the realization that information can be leaked through a VPN can be scary and alarming. There are three types of VPN leaks that can occur, and therefore the ability to detect them will help users be ready to fix any leaks that they can detect.

IP leak

An IP address is a string of dotted numbers that is assigned by the ISP to specific computers or smart devices. When you go online, your IP address is linked to your searches, clicks, and visits.

Currently, there are two types of IP addresses. The original protocol is called IPv4, and the newer protocol is called IPv6. The new protocol is designed to provide even more IP addresses in the world. Currently, many VPN service providers support only addresses in the IPv4 protocol, which can lead to IP address leaks.

DNS leak

Domain Name Systems (DNS) converts IP addresses to URLs with more familiar domain names and vice versa. This system works so that we do not need to remember the IP address of the site every time we want to visit it.

When you go to Internet sites, your operating system sends a DNS request to retrieve the IP address associated with the desired domain. ISPs can then record every DNS request that comes from your operating system to then get your detailed history of online visits. With VPN, each DNS request will come from your VPN provider's server, not from your ISP's server, which secures your personal information. A DNS leak can occur when your conversion requests come from your personal DNS server, not your VPN provider's DNS server. When such a leak occurs, your browsing history is revealed, as is your IP address and the location of your ISP.

WebRTC leak

Web Real-Time Communication (WebRTC), in essence, allows you to instantly transfer video, voice and messages to your browser.

This is very useful peer-to-peer browser-based communication, but users have discovered that WebRTC opens up certain vulnerabilities in VPN. Similar leaks occur in popular browsers such as Chrome, Firefox, Brave and Opera. With just a few lines of code, any site can reveal your IP address and location.

How do I know if my VPN works?

There are many paid services that allow you to find out detailed information about potential vulnerabilities in your VPN. If you want to explore your personal Internet security, you can check it yourself and manually.

How to check for IP leakage

  • Find your personal IP address by disabling your VPN and typing a request on the Google or Yandex search engine like "find out my IP address." Your IP address associated with your device will be displayed at the top of the page. Make a note of this address.
  • Go to your VPN provider account, log in, select the required VPN server and connect to it.
  • Return to the search engine and type again a query like "find out my IP address." Your new address will now appear on the screen. Check it against your previously recorded IP address.
  • If the new address when connected via VPN matches your address without VPN, then most likely there is a leak of your IP address.

How to check for DNS leaks

  • Connect to your VPN and select a server in another country.
  • Open a site that is blocked for your country (for example, social network, forum or content streaming service).
  • If you were unable to access this web site, then it is likely that there is a DNS leak.

How to check for WebRTC leaks

  • Turn on your VPN and select any server to run.
  • Type in your search engine (for example, Google or Yandex) a request like "find out my IP address." The top of the page will show your IP address linked to your device by your VPN service.
  • Now copy this IP address and paste it into the query field in your search engine, but only type "IP" before the address itself (without quotes). If your location is shown, it may indicate a WebRTC leak.

How can I fix a VPN leak?

If you find a leak in your VPN, then do not panic. There are several ways to fix the leak you have encountered. If you find that such leaks occur often, then think about changing the VPN provider and go to the provider who is better able to protect your online activity.

How to fix an IP leak

A reliable solution for eliminating IP leaks is to use a VPN service that provides full support for IPv4 and IPv6 addresses. You can also add restrictions on the use of IPv6 addresses only in your firewall, but this is a temporary solution to the incident.

How to fix a DNS leak

If you find a DNS leak, there are several ways to fix it that you can try to use. First, turn off your VPN and turn off your WiFi. In a minute, turn on your WiFi and reconnect to your VPN. If this does not help fix the incident, try choosing a different server to connect to in your VPN. Then run the DNS leak test again to check the security of your connection.

How to fix a WebRTC leak

The best way to fix a WebRTC leak is to disable WebRTC in your browser. This can be done in Firefox and a number of other browsers. But Chromium browsers like Chrome or Brave don't have an option to disable WebRTC, so for these browsers, use browser extensions to protect your online privacy.

VPN Leak Prevention Tips

  • Use the above tests to periodically check your VPN.
  • Check that the VPN provider supports IPv6 addresses so that the IP address does not leak
  • Contact your VPN provider and make sure that your service does not allow any DNS leak
  • Disable WebRTC in your browser or add an extension to prevent WebRTC leaks
  • Consider moving to another VPN provider that offers complete protection against leaks and other vulnerabilities

Who's watching us?

We are followed by very, very many, from ordinary not moderately curious hackers to the bigwigs of the world behind the scenes, and they all need something from us. Crooks need your passwords, ip - addresses, confidential information at a smaller age. Intelligence agencies need to know everything about your preferences, whether you accidentally got out of that herd of rams that they obediently manage, whether you do not visit those resources that you do not need to visit. Surveillance on the network has existed since its inception and from the same moment there is a constant struggle between tracking systems and those who oppose them. Those who try to control our capabilities more, but with knowledge and the right multi-level security system, you can solve any tasks from regular surfing to effective underground[3].

Tracking tools can be roughly divided into three levels, but it should be understood that each higher level uses the capabilities of the lower ones, so this is rather similar to a matryoshka.

Level 1

Providers, Trojan bots, polymorphic viruses, rootkits. All these dangers in themselves are quite serious, but if they are not involved by higher systems, they do not pose any particular danger, in terms of criticality for a person, of course, and not for a PC and data on it.

So what do they do:

Providers

They have access to all your data, collect all your registration data, cut the traffic of torrent networks, encrypted traffic. They do all this for their own commercial purposes, so it is not particularly dangerous, but it is much more dangerous what they do as part of the measures to ensure SORM - 2 and SORM - 3 and this is described below.

Trojan Bots Nets

They are a new kind that trojans are combined into networks and it is Trojan networks that stand on most of the infected PCs around the world. The task of the Trojans who got on your PC is different, there are Trojans for fools who require money to be paid and SMS for this they will unlock you, but such a minority, more modern Trojans are cunning, he hides in very hard-to-reach places and does not show themselves in any way. Their main task is to collect data, namely your passwords, your visited pages, your documents. After he transfers this data to the network owner (and the average network from 10,000 PCs), the network owner will either sell your PC (more precisely your IP) for spam or hackers, or use your IP himself. Since you won't take anything from most PCs, the Trojans turn them into proxies for VPN servers and use them for spam or attacks hacker. But for us, the main danger of Trojans is not that they control our PC or steal passwords, but that they expose you to dangerous hacking operations of other people's servers, as well as other illegal cases. But even worse is that many bot network holders sell stolen data to level 2 and 3 systems, that is, they leak all your data to the special services for a penny, and they turn a blind eye to their activities in response.

Polymorphic viruses

The main danger is that they are difficult to detect, in our case it is also that they can be written specifically for a specific site, or for your network, or for your protection system and not one antivirus will calculate such specially sharpened polymorphs Polymorphism (). It is polymorphs that stand guard SORM and Echelon are "state programs," they are not detected by ordinary and, antiviruses firewalls set at the provider and have the opportunity to penetrate your PC at any time. Infection channels are usually home pages of the provider,, billing personal account. It is naive to think that you can ignore this, because if you were unable to break the communication channel, then they will scan your ports and try to penetrate your PC. State polymorphic programs are not malicious, the only thing they do is tell the one who set them all your actions on the network and passwords, they record your activity on a PC. The SORM system has a department that develops such polymorphs, if you are not an extra-class hacker, you cannot avoid infection with a polymorph specially written for you. But there is also opposition to this.

Rootkits

Rootkits are actively used by special services in conjunction with polymorphs. They are a process that hide Trojans and bookmarks from you, are not detected by antiviruses and anti-Trojans, and have complex heuristic polymorphic algorithms.

Department K

Department K is engaged in solving various crimes on the Internet, in some cases it uses SORM for ORM (Operational Search Activities), but as a rule, their clients are hackers, carders grabbing specialists, pirates, etc. But this/these units should also be taken into account, I will not consider the protection against them separately, since if you are taking action against SORM, then automatically and take measures against department K. Department K these are only performers who come already according to known data, and all information is provided to them by SORM.

Level 2

In Runet, there are simply a huge number of sites or organizations with representative offices on the worldwide network, and each of these resources, especially radical ones, illuminate their permanent and temporary users by replenishing the databases of the FSB and the Ministry of Internal Affairs with them. No resource provides good full security recommendations, moreover, many portals are hosted on servers physically located in Russian date centers. How and why these resources are monitored, we will briefly try to tell here.

SORM

Briefly, the SORM system includes three components:

  • Hardware and software part (installed at the telecom operator);
  • Remote control point (installed by law enforcement agencies);
  • Data link (s) (provided by the provider to establish communication with the remote control point).

If we consider the Internet provider as an example, then the operation of the system looks like this. The provider is installing a special device. This device connects directly to the Internet channel, and the provider's equipment for organizing Internet access is already connected to the SORM equipment. As a result, it turns out that all incoming and outgoing traffic will pass through a special device, which means that, if necessary, it will be able to be intercepted by law enforcement agencies.

Main articleSORM (System of operational-search measures)

User tracking aspect

Entering the network, a person immediately falls under the close attention of tracking systems. In our case, SORM - 2, your provider that provides you with access to the network, allocates you an ip or your temporary or permanent address. It is thanks to ip that interaction occurs between your browser and the server, thanks to it you get the information that you see on the monitor.

The peculiarity of network protocols and programs is that all your ip are written in the logs (protocols) of any server that you visited and remain there on HDD for a long time, unless, of course, they are specially erased from there.

The provider has its own ip range, which is allocated to it, and it, in turn, allocates ip to its users. The provider has its own ip address databases, each ip address in the database is tied to the full name of the person who entered into the contract and the physical address of the apartment where the access point is located.

IP can be dynamic (change constantly, or static, that is, constant, but this does not change the essence of the matter, the provider constantly writes your movements. The provider knows on what resource, at what time and how long you were.

All the resources you visited, and he writes in time intervals from 15 minutes to 1 hours, he writes to his database, when switching to any new resource, he is also written (resource ip). This data is provided in the database as numbers and does not take up much space. The database of your logs is stored by the provider according to the law of 3, and by secret agreement with people from SORM - 2 for 10 years.

This is one of the conditions of SORM - 2, without it not a single provider will receive a license from FAPSI for the provision of telecommunications services. Thus, the archive of all ip issued to you for 10 years is stored by the provider, as well as the archive of all your logs (where, when and when you "surfed" in the network) SORM through special equipment has direct access to these databases, and in the SORM-3 system these data are generally directly integrated into this global system.

If, for example, you are interested in the SORM operator, he simply activates one button in the program and the SORM system begins to write all your traffic, everything you transmitted, downloaded and watched, simply using a hardware sniffer scanner on the provider's channel. Physically, the data will be stored at the provider from where they are transferred for analysis to the SORM operator. I note that as a rule, all your traffic is UNENCRYPTED and, if desired, anyone can intercept it, not only SORM - 2.

SORM-2 also installs traffic analyzers on the provider channel, they view information on a set of keywords, on visited resources, on the presence of encrypted traffic, and in all these cases a message is sent to the system that makes a decision in automatic mode what to do next. What is this global level of control I think clearly and draw conclusions about what incriminating evidence is available for everyone. If the agreement is drawn up for your grandmother, then do not think that operational development will be carried out in relation to her, SORM bases are associated with the registration and central base of the FSB and SORM bases on other resources, and you are associated if necessary, there are no fools sitting there.

SORM - 2 on search engines, is directly integrated into the database and views ALL your keyword calls, and also uses ALL your cookie settings that the search engine collects. If necessary, draws up a "picture" of a particular user according to keywords and specific search queries, remembers passwords and logins.

SORM-2 on all major social portals collects mainly your information that you leave and logs page visits, remembers passwords and logins.

SORM-2 in mail servers illustrate all your mail, associate your ip with which you registered this mail. Analyzes and gives a signal if encrypted PGP correspondence is detected.

SORM-2 in e-commerce systems fully scans your PC, is registered in the registry, tied to the MAC address, serial number of the equipment, to the system configuration and ip, and of course to the data that you left during registration. Of course, all this is done by the e-commerce program, but the information that it receives is available to SORM.

SORM 2 in VPN and proxy servers

Not on everyone, of course, but on many (on legal on all), writes logs. A very big problem is the unreliability of the proxies themselves, many proxies in the SORM system - 2, the rest of the official legitimate servers and, according to the law, issue all logs of interest to SORM-2 operatives. That is, at least you will work through 1 or 100 proxy servers, you will be promoted very quickly, just call the service owner or come. Exotic countries will only increase the search time for your ip (but, if you need to do it quickly). It is through the promotion of proxy chains that most of the hackers are caught. All proxies - servers write logs, and this is live dirt (except for specially configured ones).

SORM - 2 in Date centers

SORM-2 is also integrated into all data centers and traffic communication points, if the servers and, accordingly, hosting are located in Russia, which means that you can get an archive of logs and put a Trojan to the database of registered users, only by calling or stopping at the date center, it is in this way hardware, most patriotic sites are tracked, as well as VPN servers or resources on which SORM-2 is not installed directly in the form of equipment. Your admin can rewrite his database at least 100 times, but if he has a Trojan and a channel on the server on the date of the center, then, with all his desire, he will not save either user logs or their addresses or other confidential information. Their own server will only make it difficult for them. For security, you need your own server and your own person on the date center and preferably on the date centers abroad.

SORM - 2 on servers of domain name registrars

Monitors who and what registers, writes ip, automatically punches through the reality of the entered data, if it is determined that the left data - the domain name is posted, if necessary, they can easily close the domain name. SORM-2 also uses a whole network of TOR servers (like other special services) that listen to traffic passing through them.

Level 3

Echelon

Echelon - an order of magnitude more steep system than SORM - 2, but with the same objectives and objectives, the official owner of the CIA uses all lower stages 1 and 2, stands on Google built into Windows in the form of bookmarks, on all routers, in the largest date centers of the world, on all main optical cables, differs in scale and in that, if desired, the operator uses the satellite and looks at you on the monitor in real time, the FSB does not have direct access to it, although it can get on request, although its principles are the same. By and large, Echelon is the global global SORM - 2, this system has much more opportunities and finances around the world. The system controls banking transactions, has the ability to open encrypted messages and communication channels, and interacts very closely with Microsoft and Skype.

What is the difference between a VPN and a proxy?

When you dig into the network settings of your computer or smartphone, you often see options labeled 'VPN' or 'Proxy'. Although in part they do similar work, they are very different. Our article will help you to understand the difference between them and what they are for. You may want to use one of them[4]

What is a proxy?

Usually when browsing the Internet, your computer connects directly to this site and starts downloading pages that you read. Everything is very simple.

And when you use a proxy server, first your computer sends all web traffic to it. The proxy redirects your request to the desired site, downloads the relevant information, and then returns it back to you.

Why is all this necessary? There are several reasons for this:

  • You want to view sites anonymously: all the traffic that comes to the site comes from a proxy server, not from your computer.
  • You need to overcome filters that restrict access to a particular content. For example, as you know, your Netflix subscription in Rossiin will work in the United States. But if you use a proxy server from Russia, it will look like you are watching TV while in Russia, and everything will work as it should.

Although this scheme works quite well, there are still several problems with the proxy:

  • All web traffic that passes through the proxy can be viewed by the proxy owner. Do you know the owners of the proxy server? Can you trust them?
  • Web traffic between your computer and the proxy server, as well as the proxy server and the site is not encrypted, and therefore an experienced hacker can intercept the transmitted confidential data and steal it.

What is VPN?

VPN is very similar to a proxy. Your computer is configured to connect to another server, and the route of your web traffic passes through this server. But if the proxy server can only redirect web requests, then the VPN connection is able to route and provide complete anonymity of all your network traffic.

But there is another significant advantage of VPN - all traffic is encrypted. This means that hackers cannot intercept data between your computer and the VPN server, and therefore your confidential personal information cannot be compromised.

VPN is the safest option

By encrypting and routing all your network traffic, VPN has a clear advantage over the proxy server, offering additional features as well.

VPN Connection Building Protocols

A number of tunneling, authentication, access control, and encryption technologies/services are used to protect data and transmit traffic to VPN. There are several VPN implementations, among the most popular protocols are PPTP (Point-to-Point tunneling protocol), L2TP (Layer 2 Tunneling Protocol), IPSec (IP Security), SSTP (Secure Socket Tunneling Protocol), OpenVPN.

PPTP is a point-to-point protocol that allows you to create a secure connection by creating a "tunnel" in an unsecured network. Securely transfers data between a computer and a server, or between two LANs.

L2TP: Layer 2 (link layer) tunneling protocol. Its main advantage is that it allows you to create a connection not only in Internet networks, but also in networks operating using ATM, X.25 and Frame Relay protocols.

IPSec: A set of protocols to protect IP packet data. Includes protocols for secure key exchange. It is optimal for combining branch networks. Often used in conjunction with L2TP.

SSTP: Microsoft Proprietary Protocol. In addition to Windows, it runs on a number of other operating systems, including Linux and MacOS. Due to its origin, it works stably on most computers, but the closeness of the code inspires many fears.

OpenVPN: This protocol, as the name implies, is distributed with open source. It is supported

VPN on TAdviser

2023

Ministry of Digital Development explained which VPN services are blocked in Russia

In mid-November 2023, the Ministry of Digital Development of the Russian Federation gave an explanation about which VPN services will be blocked. We are talking about products that pose a threat to the security of the Internet.

File:Aquote1.png
Based on the decision of the expert commission provided for in paragraph 10 of the rules, specific VPN services and VPN protocols can be filtered on a mobile communication network for foreign traffic, which are identified as a threat, the Ministry of Digital Development said in its response to the appeal of the New People faction.
File:Aquote2.png

The Ministry of Digital Development explained which VPN services will be blocked

According to RIA Novosti, citing this document, according to a government decree, the difficulty of restricting access to information on the Internet, access to which must be blocked in accordance with the law, is defined as a threat to the security of the Network.

Earlier, the First Deputy Chairman of the State Duma Committee on Information Policy Anton Tkachev sent an appeal to the government, in which he pointed out the position, "in which we state that VPN services that do not comply with Russian legislation will be blocked, and then, in fact, block everything."

Tkachev noted that blocking VPN services supports sanctions pressure on Russians, since VPN may be required for the correct operation of household appliances, including Chinese-made ones. The creation of domestic services, according to the author of the appeal, will not solve the problem, because the owners of the resources "will close them from providers."

On October 3, 2023, Artem Sheikin, a member of the Federation Council Committee on Constitutional Legislation and State Construction, announced that Roskomnadzor will be able to block all VPN services in application stores from March 1, 2024.[5].

167 VPN services and more than 200 mail services blocked in Russia

In Russia, 167 VPN services and more than 200 mail services are blocked. Such data at the end of October 2023 was published by the director of the Center for Monitoring and Management of the Public Communications Network (CMU SSOP) Sergey Khutortsev as part of his presentation at one of the forums dedicated to the regulation of the field of information and communication technologies. Read more here.

The Ministry of Digital Development of the Russian Federation explained to companies how to remove restrictions on the use of VPN

The Ministry of Digital Development of the Russian Federation explained to companies how to remove restrictions on the use of VPN. The agency issued the corresponding instructions on October 17, 2023 in its Telegram channel.

As noted in the ministry, companies that use VPN services in their work for remote access of employees or combining servers into one network may experience difficulties due to blocking prohibited resources. VPN protocols may fall under the restrictions of Roskomnadzor, but the blocking can be removed if the service is needed for working purposes.

The Ministry of Digital Development explained to companies how to remove restrictions on the use of VPN

In order to use the services without any problems, the Ministry of Digital Development recommends contacting Roskomnadzor. Usually the list of firms is transferred to the department through relevant bodies. For example, a telecom operator must first be informed about the problem of the Ministry of Digital Development. If the authorities have not informed Roskomnadzor, then the company itself can contact the service by phone or e-mail. The letter must indicate the name of the company, IP addresses and the types of VPN services and protocols used. Roskomnadzor examines data, adds IP addresses of companies to the white list and unlocks access to services. If after contacting Roskomnadzor, problems with the use of VPN services remained, you need to contact the Ministry of Digital Development.

Earlier in October 2023, Roskomnadzor announced plans to independently block sites that contain information on methods and ways to bypass blocking in Russia.

File:Aquote1.png
According to the draft decree of the government of the Russian Federation developed by the Ministry of Digital Development, Roskomnadzor will independently decide on the introduction of Internet pages containing information on methods and methods of bypassing blocking into the Unified Register of Prohibited Information, the department said then.
File:Aquote2.png

Roskomnadzor will determine the criteria for restricting access to information about blocking bypass.[6]

Russian telecom operators massively block VPN protocols OpenVPN and WireGuard

Russian telecom operators, including MTS, Beeline, MegaFon, Tele2, Yota and Tinkoff Mobile, massively block the OpenVPN and WireGuard VPN protocols, which are popular in the corporate environment, in particular among large companies. This became known on August 7, 2023. Read more here.

Vodafone launches quantum-encrypted VPN

On July 5, 2023, the British mobile operator Vodafone Group and SandboxAQ, a division artificial intelligence of the holding (Alphabet parent structure), Google announced the launch VPN with quantum encryption. More. here

2022

Proton VPN takes servers away from India

On September 22, 2022, Proton VPN, a popular virtual private network provider, removed its physical servers from India in response to new CERT-In requirements requiring such providers to keep user activity logs for five years. Read more here.

India obliges VPN services to store customer data and hand it over to authorities

On May 2, 2022, it became known that for companies engaged in the provision of virtual private networks (VPN) services, India introduced the obligation to collect extensive data on customers and store them for five years or more, according to the new national directive of the Computer Emergency Response Group (CERT-in). This is a policy that is likely to complicate the lives of both VPN companies and users of their services.

The body under the Ministry of Electronics and Information Technology of the country announced that VPN companies in the country will have to store customer names, confirmed physical and IP addresses, activity information and other types of personal information. Those who fail to comply face up to a year in prison under the law cited by the new directive, the Entrackr website first reported.

India obliges VPN services to store customer data and hand it over to authorities

The directive is not limited to VPN providers. Data centers and cloud service providers are also subject to this provision. Businesses will have to store customer information even after the customer cancels their subscription or deletes the account. And in all cases, CERT-in will require companies to report unauthorized access of their users to social media accounts.

Most VPN services have a "no-logging" policy - a public promise not to register, collect or transfer data about the use and browsing of clients' web pages. Leading services such as ExpressVPN and Surfshark only work with servers with RAM disks and other non-accounting technologies, which means that these VPNs will theoretically not be able to track the URLs listed in the directive. If under a new directive, VPNs in India are required to store customer registration details - or monitor and report social media use - many of the companies could find themselves breaking the law simply by continuing to operate.

The Ministry of Electronics and Information Technology said in a news release that the new directive is designed to help the ministry address some of the gaps that prevent it from responding to unspecified cyber incidents and community interactions.

According to the full directive of the ministry, VPN companies will have to collect and report the following information:

  • Confirmed customer names, physical address, email address and phone numbers;
  • The reason why each customer uses the service, the dates they use it, and their pattern of behavior;
  • The IP address and e-mail address used by the client to register with the service, along with the registration time stamp;
  • All IP addresses issued to the VPN client and the list of IP addresses used by the client base as a whole.[7]

2021

Tor website blocking bypass service blocked in Russia

In early December 2021, the Tor website blocking bypass service was blocked in Russia. According to the Roskomsvoboda project, user complaints about the inaccessibility of the network come from Moscow and other regions of Russia. Read more here.

Data of 45 million users of free VPN services put up for sale

In early November 2021, a database of 45.5 million users of free VPN services of FreeVPN.org and DashVPN.io owned by ActMobile Networks was put up for sale on the darknet.

The data leak is reported by Kommersant with reference to the Information Leaks Telegram channel. The database contains data from 2017 to 2021. You have specified user email addresses, encrypted passwords, registration dates, profile updates, and the last login.

Data from 45 million users of free VPN services appeared on sale

Telegram channel "Information Leaks" noted that user data has been in the public domain for a week. Later, on November 3, 2021, the channel reported that all other personal data that was stored on the MongoDB server was leaked to the network. Russia These include 795,792 records of users' personal information.

Leakage or sale of data from VPN services is no longer an accident, but an almost guaranteed scenario for using any unprotected service, says Alexander Dvinskikh, an information security expert at CROC. According to him, if a person uses a free service, then he must understand that, most likely, he himself is the product.

Such companies collect and repeatedly resell information about which sites the user visits, what is interested in, what purchases he makes, the expert clarifies. In addition, VPN applications still have information about e-mail and IP addresses of users, which allow you to identify the owner of this data directly, explains Alexander Dvinskikh.

He added that the merged database of VPN users is interesting not only for attackers, but also for special services - for example, to investigate cyber incidents in which those who use these services in illegal actions on the Internet were noticed.

Boris Sharov, general director of Doctor Web, says that the only secure VPN service is corporate. The expert recalled that the user does not know where his data goes and who owns this or that service.[8]

Hosting provider VPN services agreed to block access to pirated sites

Hosting-provider VPN services agreed to block access to pirated sites. This became known on October 12, 2021.

In recent months, a group of independent film companies have filed a series of lawsuits against VPN providers and their hosting companies.

Hosting provider Sharktech has settled a copyright lawsuit filed by several film companies. The companies accused the service of not taking action against VPN providers, some of whose subscribers were engaged in movie piracy. As part of the agreement, Sharktech agreed to block pirated sites including Pirate Bay, YTS and RARBG.

In recent months, a group of independent film companies have filed a series of lawsuits against VPN providers and their hosting companies. The creators of films such as Hunter Killer and the Dallas Buyers Club accused these services of condoning piracy.

Film companies alerted Sharktech to this pirating activity with various copyright infringement notices that had little impact.

File:Aquote1.png
Sharktech was unable to remove subscribers or accounts associated with these IP addresses and did not take any meaningful action in response to these notices, the film companies said in the complaint.
File:Aquote2.png

According to Sharktech, the company does not consider itself associated with pirates, since it provides services to VPN companies that provide services to end consumers, and the presence of pirates among the latter is extremely difficult to prove. The hosting provider compared the situation with a demand for the airline to stop providing transportation services to the postal service, since some of its customers can send something illegal by mail.

Negotiations to resolve the situation began in September 2021 and now film companies and Sharktech have filed an application to dismiss the case. The two sides agreed on a confidential settlement.

However, Sharktech is not alone in facing legal action. The VPN service VPN.ht also settled a copyright infringement lawsuit filed by a group of independent film companies in early 2021. As part of the deal, the VPN provider agreed to block all BitTorrent traffic and log IP address information on its servers in the United States.

The companies accused the VPN provider of promoting the pirated Popcorn Time app among its users, noting that the VPN.ht 's IP address was repeatedly used to distribute pirated films. After the initial complaint was filed, the copyright holders increased the pressure. They received a temporary restraining order ordering PayPal to block the assets of Wicked Technology Limited, an operating company VPN.ht.

In addition to blocking traffic, BitTorrent VPN.ht also agreed to store logs of IP addresses that are associated with their servers in the United States. These logs must be stored for at least a year and must point to specific users.

Lawsuits against VPN providers began in September 2021. A group of independent film companies filed a lawsuit in federal court in Virginia (USA) against four VPN providers (Surfshark, VPN Unlimited, Zenmate and ExpressVPN), whom they accused of widespread copyright infringement. In particular, the plaintiffs accused providers of allowing their subscribers to bypass the geographical limitations of streaming services such as Netflix, including positioning services as a means of anonymously downloading infringing content. Thus, the plaintiffs said, VPN services are responsible for "direct, facilitating and indirect" copyright infringement[9]

Blocking VPN in Russia turned into problems for legal services

After Roskomnadzor he began to actively block VPN services, users faced problems accessing, Avito World of Tanks and World of WarShips, Twitch and games. BitTorrent Writes about this "" in the Kommersant issue of September 9, 2021.

In the past five days, users of the platform for online broadcasts of football tournaments FlashScore have not worked the application through some mobile operators.

File:Aquote1.png
We could do little (although we tried very hard), but it seems that all the problems are over, "the company told the publication.
File:Aquote2.png

After blocking VPN services in the Russian Federation, users of game resources had problems

The developers of World of WarShips on September 6 published an appeal to users, which says that Internet providers began to block VPN services using DPI equipment. In the process, many UDP ports were affected, including those used in the game. In their opinion, the situation affected both large providers and many local ones.

File:Aquote1.png
Closing UDP ports leads to World of WarShips being unable to enter the game and disconnect from the server during a crash, the company said in a statement.
File:Aquote2.png

Wired Internet providers also have problems, confirms the small operator in the Pskov region "March." In his official VKontakte group on September 5, 2021, he said that the inaccessibility of a number of services is associated with attempts by Roskomnadzor to block VPN.

On September 3, 2021, it was reported that Roskomnadzor decided to restrict access to six VPN services that are used to bypass locks. Речь идет о Hola VPN, ExpressVPN, NordVPN, Speedify VPN, KeepSolid VPN Unlimited и IPVanish VPN. Roskomnadzor explained that the use of these services "leads to the preservation of access to prohibited information and resources, creates conditions for illegal activities, including those related to the spread of drugs, child pornography, extremism, and so on."[10]

Roskomnadzor began blocking VPN services

On June 17, 2021, it became known that Roskomnadzor it had begun restrictive measures against VyprVPN and VPN Opera VPN services (owned by Chinesethe Norwegian Opera). More. here

Russia has developed a way to counter the use of VPN services by terrorists

At the end of April 2021, it became known that Russia had developed a way to counter the use of VPN services by terrorists and offered it to the world community.

As Nikolai Murashov, deputy director of the National Coordination Center for Computer Incidents (NCCC), said at an online briefing, a Russian counterterrorism initiative was put forward, the introduction of which on communication channels will avoid the negative consequences that the use of VPN services by terrorist and other criminal organizations entails.

Russia presented a solution to counter the use of VPN services by terrorists

According to Murashov, the method proposed by Russia by the end of April 2021 is very actively discussed at international platforms. It is necessary to introduce such measures on a global scale, he said.

The deputy director of the NKCKI did not disclose the essence of the mechanism created in the Russian Federation to counter the use of VPN services by terrorists. He only noted that citizens use VPN services constantly, so far there are no restrictions on this.

The term Virtual Private Network (virtual private network) is becoming more widely known, since VPN can in principle bypass site blocking. Criminals often use VPNs because such services greatly complicate user identification on the Internet.

By the beginning of 2021, more than a quarter of Internet users in the world use VPN. The main motives for its use: to gain access to social networks and news services (34%), maintain anonymity when accessing the Internet (31%), hide information from the authorities about visiting sites (18%) and gain access to the Tor network (17%). In Russia, fines threaten the owners of search engine sites and those who own VPNs, are engaged in their technical support, hosting. Russians are not fined for using VPN.[11]

2019

Global Web Index

According to the Global Web Index, more than 35% of Internet users use VPN "daily or almost daily." This is prompted by individuals to avoid the attention of the Big Brothers (not only the state, but also commercial companies) or the desire to go to resources, which the state for some reason blocked. Moreover, such a desire exists not only among residents of Asian and Middle Eastern states (leaders in VPN development are Thailand, Indonesia, Saudi Arabia), but also among citizens from countries of developed democracy. For example, according to the top10vpn.com website, the second place in terms of downloads of mobile versions of VPN solutions is in the United States (74.5 million), in the leader, Indonesia, only slightly more (75.5 million). Russia in this indicator is in 9th place (10.9 million), between Great Britain and Pakistan.

VPN service blocked twice in Russia won

The prosecutor's office of the Russian Federation abandoned the claim against the VPN service HideMy.name, in connection with which the court in Mari El dismissed the case. The prosecutor's office does not explain the reasons for the refusal. HideMy.name belongs to inCloak Network Ltd, which recently successfully protested in court the blocking of the service. Known earlier as HideMe.ru, but later renamed HideMy.name, the service is popular in Russia[12].

Mikhail Bautin, a lawyer for the Center for Digital Rights, representing inCloak Network Ltd, submitted a written response to the lawsuit to the court. In the recall, the defendant asked to refuse the claim. Such data are contained in the ruling of the Medvedevsky District Court of the Republic of Mari El, writes Roskomsvoboda. Another representative of inCloak Network Ltd, identified as Ivanov VK, did not object in court to the dismissal of the case.

As a result, the court accepted the refusal of the assistant prosecutor, terminated the proceedings in the case and informed the parties that the proceedings on the same subject and on the same grounds in the future would be impossible to resume.

Kaspersky Lab VPN service began blocking sites banned in Russia

In early July 2019, it became known that the Kaspersky Secure Connection VPN service began to block sites banned in Russia. The service was connected to the prohibited information registry to filter users' access to resources in it.

Avast closes VPN service in Russia due to Roskomnadzor restrictions

On June 13, 2019, it became known about the closure of the service Avast SecureLine VPN Russia due to restrictions. Roskomnadzor The agency requires VPN services and anonymizers to block access to sites from the "black list" and prevent users from visiting these resources.

Main article Avast SecureLine VPN

Roskomnadzor forced to unlock the world famous VPN service

The HideMy.name project, one of the largest VPN services, previously known as HideMe.ru, achieved in the Supreme Court of the Republic of Mari El the cancellation of the blocking decision, as reported by the agency's portal. HideMy.name was added to the register of banned sites, which is supervised by Roskomnadzor, in July 2018, and the basis for this was the decision of the Yoshkar-Ola District Court. The lawsuit was filed with the local prosecutor, however, which is noteworthy, the defendant in the case was not representatives of the resource at all Roskomnadzor[13] employees[14]


The judge's decision to include HideMy.name in the list of sites blocked by Russia was influenced by the theoretical possibility of each user of this service gaining unlimited access to extremist materials, including Adolf Hitler's book "My Struggle" (Mein Kampf). In addition, representatives of the resource answered, the lawsuit mentioned a certain anonymizer, who was absent from the site at the time the case was initiated.

The verdict in this case was challenged on May 23, 2019 in the republican court of Mari El by the joint efforts of representatives of the HideMy.name, as well as lawyers of Roskomsvoboda and the Center for Digital Rights. The court completely overturned the earlier decision, but nevertheless sent the case for reconsideration.

VPN services refuse to join FGIS

International companies providing VPN services are not ready to fulfill the requirements Roskomnadzor for connecting to the Russian register of prohibited sites for filtering traffic, reports at the end of March 2019. "" Roskomsvoboda It is clarified that the exception was only the Russian VPN service from "," Kaspersky Lab which announced that it would comply with the law.


Roskomsvoboda monitors the situation and maintains the current state of the list of services that have already responded. Currently, this list is as follows:

  • TorGuard - in the list of ILV, failure + removes servers from the Russian Federation;
  • VyprVPN - in the list of ILV, failure;
  • OpenVPN - in the list of ILV, failure;
  • ProtonVPN - not in the ILV list, failure;
  • NordVPN - in the list of ILV, failure + removes servers from the Russian Federation;
  • Private Internet Access - not in the ILV list, failure;
  • Trust.Zone - not in the list of ILVs, failure + removes servers from the Russian Federation;
  • VPN Unlimited - in the list of ILV, failure;
  • Kaspersky Secure Connection - in the list of ILV, consent;
  • Hide My Ass! - ignore;
  • Hola VPN - ignore;
  • ExpressVPN - ignore;
  • Windscribe - not in the list of LV, failure;
  • Ivacy VPN - not in the ILV list, failure;
  • TgVPN is not on the list of ILVs, there is fundamentally no refusal of servers in the Russian Federation.

That is, out of twelve answers - eleven failures, in three cases the intention is announced to remove the servers from the Russian Federation

Connection requirements were sent to 10 services: NordVPN, Hide My Ass!, Hola VPN, Openvpn, VyprVPN, ExpressVPN, TorGuard, IPVanish, Kaspersky Secure Connection and VPN Unlimited. Of these, only Kaspersky Secure Connection agreed to the requirements of Roskomnadzor;

Roskomnadzor requires VPN services to start blocking prohibited sites

For the first time, Roskomnadzor demanded that owners of VPN services (Virtual Private Network) connect these services to the Federal State Information System (FGIS), which contains information about prohibited sites, RBC reported in March 2019 with reference to notifications sent by ten VPNs: NordVPN, Hide My Ass!, Hola VPN, Openvpn, VyprVPN, ExpressVPN, TorGuard, IPVanish, Secure, Secure VPN and Secure VPN.

The materials posted on the website of Roskomnadzor itself specify that the appeals were sent at the initiative of the power services: "The requirements for connecting to the FGIS to VPN services and" anonymizers "are sent on the basis of an appeal to Roskomnadzor of the federal executive body carrying out operational-search activities or ensuring the security of the Russian Federation."

It is also reported that earlier requirements of this kind were not sent to VPN services and anonymizers. RBC clarifies that according to the norms of the current legislation, Roskomnadzor cannot send such requirements on its own initiative - only on the basis of an appeal from the FSB or another body carrying out operational-search activities.

After receiving the requirements, VPN services and anonymizers are required to connect to the FSIS and start blocking sites banned in Russia, according to current lists. It takes 30 days to fulfill the requirements. If the requirements are not met after this period, the services themselves can be blocked.

According to RBC, the owners of anonymizers with Russian roots, such as 2ip and Chameleon, announced their readiness to connect to the FSIS even before sending the appeal, most foreign services announced their intention to ignore such a requirement.

Every fifth VPN app on Google Play is a potential source of malware

On January 22, 2019, it became known that the most popular free VPN applications Google Play Store in contain problems that can threaten safety users. According to a study conducted by Metric Labs specialist Simon Migliano, one in five applications is a potential source of malware, and ON a quarter of the analyzed programs contain vulnerabilities related to leaks DNS user requests. More. here

2018

Trend Micro warned about the danger of using Hola VPN

One of the most popular free VPN services downloaded millions of times poses a privacy threat by not properly hiding users' digital fingerprints, researchers warn[15][16][17][18].

We are talking about the Hola VPN service, with about 175 million users around the world. According to a new report by Trend Micro, Hola VPN has a number of serious security problems, and one of the main ones is the lack of encryption.

In particular, during an active session, the connection to the super node is not encrypted, and an attacker can intercept the transmitted traffic using a man-in-the-middle attack. In addition, the lack of encryption can lead to a leak of IP addresses, which the authorities can use to track citizens in countries with a totalitarian regime.

When a user opens a new tab in a browser while using Hola VPN or enters a domain name in the address bar, the resource is accessed directly from its real IP address. Unlike other VPN services that route traffic through an encrypted tunnel, Hola VPN is not a secure VPN solution, but rather an unencrypted web proxy.

Trend Micro now detects Hola VPN as potentially unwanted software and recommends that users remove it from their systems. In turn, the manufacturer called the company's report "irresponsible."

Apple bans individuals from writing VPN apps for iPhone and iPad

The company Apple notified all app developers by email in June 2018 of a major change in the rules for publishing to its app store. App Store First of all, the letter emphasizes the ban on the use of software interfaces () API for virtual private networks () VPN in applications published by individuals. From now on, according to paragraph 5.4 of the updated rules, the use of this option is available exclusively to legal entities. Apple[19]

The global rules for publishing applications have also undergone a major update, tightening and describing in more detail the provisions related to protecting user privacy. In particular, paragraph 5.1.1 of the publication rules on the collection and storage of user data (5.1.1 Data Collection and Storage) increased from four to seven sub-items.

Innovations in the App Store Review Guidelines have been introduced following the work of App Store censors over the past few months, during which applications have been most thoroughly tested with anonymous access to Internet resources for users.

From now on, hosters are obliged to report to the authorities about the hosts of proxies and VPNs

The State Duma adopted in the third reading a law on fines for hosters and search engines regarding means of bypassing blocking on the Internet. The law, which will enter into force 90 days after its official publication, is a set of amendments to the Code of Administrative Offenses of Russia[20].

Fines will be levied on providers hosting who ensure the placement of blocking bypass tools on the Internet, and do not inform Roskomnadzor who owns these funds.

Alternatively, instead of submitting data about the owner of a proxy or VPN to Roskomnadzor, the hosting provider can inform the regulator that it has notified this owner of the need to provide information about itself. If there is no such message from the hoster, he also faces a fine.

In both of these cases, the fine for citizens will be from 10 thousand to 30 thousand rubles, and for legal entities - from 50 thousand to 300 thousand rubles.

Fines for search engines

The law also provides for fines for search engines that make it easier for users to access Internet resources blocked in Russia. In particular, if the search engine operator did not connect to the federal state information system, which contains information on which resources are blocked, then such an operator will be fined. For citizens in this case, the fine will be from 3 thousand to 5 thousand rubles, for officials - from 30 thousand to 50 thousand rubles, and for legal entities - from 500 thousand to 700 thousand rubles.

The State Duma approved in the II reading the tightening of liability for anonymizers

The State Duma adopted in May 2018 in the second reading a bill providing for the introduction of administrative fines for violating the law on anonymizers. In particular, if the provider hosting and anonymizer does not provide Roskomnadzor data on the owners of means of access to blocked sites, this will entail a fine - from 10 thousand to 30 thousand rubles for citizens and 50 thousand - 300 thousand rubles for legal entities, writes "."Interfax

In addition, the issuance of links to prohibited sites in search engines will result in a fine. For this, it is proposed to charge 3 thousand - 5 thousand rubles from citizens, 30 thousand - 50 thousand rubles from officials and 500 thousand - 700 thousand from legal entities.

Rating of VPN services

The agency Tagline published in April 2018 a rating of services VPN that, after blocking messenger Telegram , will help to use it (and other blocked resources) without restrictions, as well as solve the problems of safe transfer of information.

The leader of the rating is the service with a twelve-year history HideMyName (ex: HideMe), which is used by 20% of respondents, in second place with 17% of the vote is the German ZenMate, and the third place was shared by the business-oriented PureVPN and Hide My Ass, they have 14% of the vote.


VPN services, in addition to corporate information security tasks, protection against traffic interception and the possibility of using foreign resources that are not available to Russian users, solve the critical problem of accessing services that are subject to blocking in Russia by a court decision - such as Telegram (not to mention LinkedIn, Slideshare and Zello).

23% of VPN services reveal real IP addresses of users

Italian researcher Paolo Stagno tested[21]%) 70 VPN services and found that 16 of them (23%) disclose real IP addresses of users. The problem is related to the use of WebRTC (Web Real Time Communication) technology, which allows you to make audio and video calls directly from the browser. This technology is supported by a number of browsers, including Mozilla Firefox, Google Chrome , Google Chrome for Android, Samsung Internet , Opera and Vivaldi[22].

WebRTC is an open standard for real-time multimedia communication that works directly in a web browser. The project is designed to organize the transfer of streaming data between browsers or other applications supporting it using point-to-point technology.

As the researcher explained, the technology allows the use of STUN (Session Traversal Utilities for NAT) and ICE mechanisms to organize connections in different types of networks. The STUN server sends messages containing the IP addresses and port numbers of the source and receiver.

STUN servers are used by VPN services to replace the local IP address with an external (public) IP address and vice versa. WebRTC allows packets to be sent to a STUN server that returns a "hidden" home IP address, as well as the addresses of the user's local network. IP addresses are displayed by JavaScript, but since requests are made outside the usual XML/HTTP procedure, they are not visible from the developer console.

According to Stanyo, 16 VPN services reveal the real IP addresses of users: BolehVPN, ChillGlobal (plug-in for Chrome and Firefox), Glype (depending on configuration), hide-me.org, Hola! VPN, Hola! VPN (Chrome extension), HTTP PROXY (in Web RTC browsers), IBVPN, PHP Proxy, phx.piratebayproxy.co, psiphon3, PureVPN, SOCKS Proxy (in Web RTC browsers), SumRando Web Proxy, TOR (working as PROXY in browsers with Web RTC), Windscribe. The full list of tested services can be found here.

2017

A number of VPN services refused to cooperate with Roskomnadzor

According to the public organization Roskomsvoboda[23], not all VPN services intend to follow the law that has come into force. Seven services have already clearly outlined their position on the new requirements. The first is ExpressVPN, which said in the summer that it would "certainly never agree to any norms that would jeopardize the product's ability to protect users' digital rights."

The ZenMate service prepared in advance for a possible blocking in case of refusal to restrict access to sites prohibited in the Russian Federation. The company announced an "elegant solution" that allows the service to automatically switch to "steady mode" without causing serious inconvenience to users. "In this mode, the connection will be redirected through the largest backbone Internet services. These services play a key role for the Web, and therefore blocking them paralyzes the Internet, "the company said in its blog.

Tunnelbear and PrivateVPN services do not intend to comply with Russian law, since they are not Russian companies. Servers Tunnelbear is located outside the Russian Federation, and PrivateVPN is ready to move its server from the territory if necessary. Russia

Golden Frog (the company owns the VyprVPN service), TorGuard and TgVPN also announced their refusal to cooperate with Roskomnadzor. "We will not implement this law and will do everything to remain available to users from Russia. Among other measures, we are preparing applications with built-in ways to bypass VPN locks, "the TgVPN team said in its Telegram chat.

Anonymizer law comes into force in Russia

On November 1, 2017, a law on blocking anonymizers and VPNs came into force in Russia, which was signed by President Vladimir Putin at the end of July.

We are talking about amendments to the federal law "On Information, Information Technologies and Information Protection," which determine the obligations for owners of VPN services, anonymizers and search engines operators to restrict access to prohibited information.

The law allows blocking services that refuse to block access to prohibited sites. Anonymizers have three days to fulfill the requirements of the authorities.

Law on blocking anonymizers and VPN came into force in Russia

Also, innovations require search engines to remove information about information resources from search results, access to which is blocked in Russia. Search engine operators will receive relevant data from Roskomnadzor.

To implement the law, a federal state information system (FGIS) is launched. At the request of law enforcement agencies , Roskomnadzor will determine the provider providing technologies to bypass locks.

The law will need to be implemented by appeals to Roskomnadzor of the federal executive body carrying out operational-search activities or ensuring the security of the Russian Federation (Ministry of Internal Affairs and FSB).

As reported on the Roskomnadzor page on VKontakte, the department and market participants - Kaspersky Lab, Opera, Mail.ru and Yandex - are already completing testing of a "new interaction system." In addition, anonymizers 2ip.ru and 2ip.io have already agreed to cooperate with Roskomnadzor.[24]

The draft law was introduced by deputies Maxim Kudryavtsev (United Russia), Nikolai Ryzhak (Fair Russia) and Alexander Yushchenko (Communist Party).

Fines for violating the law banning anonymizers

The State Duma Committee on Information Policy proposed in September 2017 to adopt in the first reading a bill introducing fines for search engines operators for failure to comply with the provisions of the law banning anonymizers and VPN services, RIA Novosti reports.

The State Duma is going to legislate fines for search engines operators if they do not fulfill their obligations to gain access to the Roskomnadzor register and block links to information resources included in the list.

The document provides for a fine for individuals - 5 thousand rubles, for officials - 50 thousand, for legal entities from 500 thousand to 700 thousand rubles.

The creator of Tor explained how Roskomnadzor will be able to block Tor

How exactly Roskomnadzor will be able to block it was told by one of the creators of onion routing David Goldschlag - see Tor - The Onion Router.

Roskomnadzor requirements for anonymizers

Roskomnadzor has compiled requirements for an access system for anonymizers and VPN services to registers of prohibited sites. According to the document presented on the http://regulation.gov.ru portal, it is planned to create a federal state information system of information resources (FSIS), information and telecommunication networks, access to which is limited. The corresponding draft requirements for organizing the work of such a system were developed by Roskomnadzor.

The creation of the FSIS is provided for by the Federal Law of July 29, 2017 No. 276, which prohibits anonymizers and VPN services from providing access to web resources included in the list of prohibited sites of Roskomnadzor. If the services do not fulfill this requirement, then they will be blocked on the territory of the Russian Federation.

In addition, Roskomnadzor will control the creation and operation of the system. The order noted that the department "must ensure its uninterrupted operation and availability in a continuous mode, around the clock." The explanatory note to the document also states: "The draft order provides, among other things, the need for interaction between the FSIS and other information systems, readiness to increase the amount of data processed, ease of access to the information contained in the FSIS, the presence of an intuitive interface, providing round-the-clock daily access."

The law banning programs to bypass blocks to access prohibited sites, signed by the president on July 29, will take effect on November 1, 2017. According to him, Roskomnadzor will also track and close access to web resources that contain information on how to bypass locks.

Putin banned anonymizers and VPN services

President Vladimir Putin signed a law amending the Federal Law "On Information, Information Technologies and Information Protection." The document was published by[25]"on the legal information portal.

The amendments prohibit access to technologies for bypassing site blocking (anonymizers) and VPN services that help bypass sites blocked in Russia. From now on, Roskomnadzor will be able to block sites where information about blocking bypass is posted. The law instructs search engines operators to block links to information resources included in the list of departments[26].

The State Duma banned anonymizers in Russia

On July 21, the State Duma adopted in the third reading a bill banning the use of services in Russia designed to gain access to blocked sites.[27] function of monitoring compliance with the law is assigned to Roskomnadzor, which will maintain a black list of prohibited resources. The Ministry of Internal Affairs and the Federal Security Service of Russia received the authority to identify such services.

The search engines operators from showing links to blocked resources on the territory of the Russian Federation. A similar ban is provided for owners of anonymizers and VPN services.[28] Sites reporting on ways to bypass locks will, in turn, be blocked by Roskomnadzor. In addition, on the basis of appeals from the Ministry of Internal Affairs and the FSB, the department will determine the provider allowing the use of the anonymizer and request data from him to identify the owner of the service. The provider will be given three days to provide the necessary information.

As specified, the requirements of the law do not apply to operators of state InformSystems, government agencies and local governments, as well as to those cases of using anonymizers, when the circle of their users is determined in advance by the owners and their use takes place for "technological purposes to ensure the activities of the person carrying out the use."

If the bill is approved by the Federation Council of the Federal Assembly of the Russian Federation and signed by the President of Russia, most of the provisions of the document will enter into force on November 1, 2017.

The Ministry of Internal Affairs and the FSB of Russia may be engaged in identifying ways to bypass blocking on the Internet

The Ministry of Internal Affairs and the Federal Security Service of the Russian Federation can obtain authority to identify ways to bypass blocking on the Internet, RNS reports with reference to the list of amendments to the bill on anonymizers.

According to the document, departments will have to carry out "operational-search activities or security in of the Russian Federation order to obtain information about hardware and software access to information resources, access to which is limited." Control the implementation of the bill, as planned, will be. Roskomnadzor Based on appeals MINISTRY OF INTERNAL AFFAIRS and the FSB, the supervisory service will identify providers hosting and other persons who place means of bypassing blocking on the Internet. FSB[29]

If adopted, the law will enter into force on November 1, 2017. On the same day, the procedure for identifying anonymizers and the requirements for methods of restricting access to them will begin to operate.

As specified, the bill does not affect operators of state InformSystems, government agencies and local governments, and also does not apply to non-public means of bypassing locks if they are used "for technological purposes to ensure the activities" of the organization, and the circle of their users is determined in advance.

FTS will be able to block anonymizers

The Ministry of Justice of Russia registered in July 2017 a joint order of Roskomnadzor, the Ministry of Internal Affairs, the Federal Tax Service and Rospotrebnadzor, which approves the criteria for assessing information for its inclusion in the banned list. According to Izvestia, one of the points of the document also implies the right of the Federal Tax Service to block Internet casinos and means of bypassing blocking - such as[30] anonymizers[31].

In particular, one of the criteria for blocking will be "The presence on the site page on the Internet of information and (or) programs for electronic computers that allow access to the site on the Internet, pages of the site on the Internet on which prohibited information is posted."

As the publication emphasizes, it is precisely about blocking the FTS sites from casinos, but anonymizers are more widely used. In addition, the State Duma is currently considering a bill banning anonymizers, VPNs and similar services to bypass locks. So far, the document has passed only the first reading. In view of this, the new order is called illegal by lawyers-interlocutors of the publication - since it gives the right of the Federal Tax Service to block not only online casinos, but also the very opportunity to enter online casinos.

MPs banned anonymizers and search engines from giving access to banned sites

The State Duma approved at the end of June 2017 in the first reading a bill on regulating the activities of services designed to gain access to Internet sites bypassing official blocking, as well as on excluding links to blocked resources from issuing search engines. The authors of the bill were deputies Alexander Yushchenko (Communist Party faction), Nikolai Ryzhak (Fair Russia) and Maxim Kudryavtsev (United Russia)[32].

The document is an amendment to the law "On Information, IT and Information Protection." The bill introduces obligations for "owners of information and telecommunication networks, information networks and programs for computers, as well as owners of information resources, including sites on the Internet, designed to gain access from the territory of Russia" to networks and programs.

Services that provide indirect access to Internet resources should fall under this definition: anonymizers, proxy servers, VPN, tunnels, browsers with a bypass access function (Tor, Opera, Yandex.brauser), etc. Such services were originally intended to access the Internet with the hiding of their IP address, but after the introduction of banned sites in Russia in 2012, the Register of Banned Sites gained mass popularity to bypass such restrictions.

What will happen when Roskomnadzor finds an anonymizer

The bill assumes that Roskomnadzor, the agency that maintains the Register of Prohibited Sites, will monitor this kind of services and include them in a separate register. The owners of the corresponding resources will be given access to the Register of Prohibited Sites, and they will have to block access to such sites for Russian users.

When Roskomnadzor discovers an anonymizer or other such resource, it will send a request to its hosting provider to obtain the contact details of its owner. The hosting provider will have to respond with information within three days. Further, Roskomnadzor will send a request to the owner of this resource to include it in the aforementioned register. If the owner does not respond to Roskomnadzor within 30 days and does not take measures to block the access of Russian users to prohibited sites, the department will block access to it from the territory of Russia.

New responsibilities for search engines

In addition, the bill introduces the obligation of search engines owners to exclude links to resources included in the Register of Prohibited Sites from issuing. Search engine owners will also be given access to the Registry of Prohibited Sites.

At the same time, fines for violators are introduced into the Code of Administrative Offenses. For search engines owners for not gaining access to the Register of Prohibited Sites and for not filtering links to prohibited resources, fines will be p5 thousand for individuals, p50 thousand for officials and from p500 thousand to p700 thousand for legal entities. For owners of anonymizers and other similar services, fines for failure to provide Roskomnadzor with information about themselves will range from p10 thousand to p30 thousand for individuals and from p50 thousand to p300 thousand for legal entities.

CSIRO: VPNs are not always as private as it is believed

The Australian organization CSIRO (Commonwealth Scientific and Industrial Research Organization) warned users of virtual private networks (VPNs) that their security often does not match the name of this technology.

CSIRO tested 283 Android apps that use the VPN credentials of this OS, examining a wide range of their security and privacy features, and published the report "An Analysis of the Privacy and Security Risks of Android VPN Permission-enabled Apps"[33] the[34][35].

Researchers at this organization found that 18% of apps viewed in reality do not encrypt user traffic, 38% inject malware or intrusive ads directly onto a user device, and more than 80% request access to classified data such as user account data and text messages.

16% of analyzed VPN applications use opaque proxies that modify user HTTP traffic by inserting and deleting headers or using methods such as image transcoding.

In addition, it was found that two VPN applications actively inject JavaScript code into user traffic to distribute ads and track user actions, and one of them redirects traffic related to Internet trading to external advertising partners.

"The main reason for the installation by tens of millions of users of these applications is to protect their data, but these applications do not perform this function," the report says.

Although most of the apps investigated offer a "certain form" of online anonymity, CSIRO reports that some app developers deliberately aim to collect personal user information that could be sold to external partners. However, only less than 1% of users show some concern about the relative security and privacy of using these applications.

18% of investigated VPN applications use tunneling technologies without enciphering and 84 and 66% of applications leak - and IPv6- DNS traffic, respectively. As a result, the report says, these applications do not protect user traffic from agents installed along the path of its movement that monitor or spy on users online.

If you look at the official descriptions of applications on Google Play, then for 94% of applications with IPv6- and DNS data leaks, it is said that they protect personal information.

Before publishing its report, CSIRO contacted developers whose applications found security defects, and as a result, some of them took measures to fix vulnerabilities, and some applications were removed from Google Play.

"Despite the fact that Android VPN applications are installed by millions of mobile users around the world, their operational transparency and possible impact on user privacy and security remain a terra incognita even for technically advanced users," the report concludes.
  1. my VPN work? Tips for testing VPN leaks
  2. From the presentation "Anonymizers and VPN service providers: a threat to state security or an effective way to protect user data? E.E. Yushkova, Project Manager, State Corporation, Bank for Development and Foreign Economic Activity (Vnesheconombank), S.A. AKAEVA, Project Manager, State Corporation "Bank for Development and Foreign Economic Activity (Vnesheconombank)," CNews FORUM 2017
  3. The scale of global surveillance. What is SORM: types and possibilities. How to protect yourself? Part 1
  4. What is the difference between a VPN and a proxy?.
  5. The Ministry of Digital Development explained which VPN services will be blocked
  6. Companies that have experienced difficulties with VPNs
  7. India Orders VPN Companies to Collect and Hand Over User Data
  8. The electronic trail was brought to the network. Data of anonymous users of VPN services ended up on the Internet
  9. The hosting provider of VPN services agreed to block access to pirated sites.
  10. Traffic tanks are afraid. After blocking VPN services, users of game resources had problems
  11. Russia has proposed a way to counter the use of VPN services by terrorists
  12. The VPN service twice blocked in Russia won
  13. [http://www.cnews.ru/news/top/2019-06-02_roskomnadzor_proigralego_zastavili_razblokirovat , but Roskomnadzor
  14. forced to unblock the world famous VPN service.]
  15. Shining a Light on the Risks of HolaVPN and Luminati
  16. [https://www.securitylab.ru/news/497081.php Researchers have warned of the dangers
  17. of
  18. using Hola VPN]
  19. has banned individuals from writing VPN applications for iPhone and iPad.
  20. From now on, hosters are obliged to report to the authorities about the owners of proxies and VPNs
  21. TL: DR: VPN leaks users "IPs via WebRTC. I've tested seventy VPN providers and 16 of them leaks users "IPs via WebRTC (23
  22. , 23% of VPN services reveal real IP addresses of users
  23. , seven VPN services have already declared their unwillingness to cooperate with the Russian authorities
  24. Roskomnadzor
  25. Federal Law of 29.07.2017 No. 276-FZ "On Amendments to the Federal Law" On Information, Information Technologies and Information Protection
  26. Putin banned anonymizers and VPN services
  27. The State Duma banned anonymizers The
  28. The State Duma has banned anonymizers in Russia
  29. and Ministry of Internal Affairs can involve in identifying ways to bypass blocking on the Web
  30. [http://iz.ru/613137/vladimir-zykov/fns-poluchil-vozmozhnost-blokirovat-anonimaizery the Federal Tax Service
  31. received the right to block anonymizers]
  32. The deputies banned anonymizers and search engines from giving access to prohibited sites
  33. [https://research.csiro.au/ng/wp-content/uploads/sites/106/2016/08/paper-1.pdf An Analysis of
  34. Privacy and Security Risks of Android VPN Permission-enabled Apps]
  35. CSIRO: VPNs are not always considered privatized as they are