Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Encryption Government Businesses Communications Network Networking Privacy Security Software The Internet Wireless Networking Your Rights Online

VPN Provider Removes Russian Presence After Servers Seized (thestack.com) 89

An anonymous reader quotes a report from The Stack: VPN provider Private Internet Access has pulled out of Russia in the wake of new internet surveillance legislation in the country. The company claims that some of its Russian servers were seized by the government as punishment for not complying with the rules, which ask providers to log and hold all Russian internet traffic and session data for up to a year. Upon learning of the federal action, the company immediately removed its Russian availability and announced that it would no longer be operating in the region. "We believe that due to the enforcement regime surrounding this new law, some of our Russian Servers (RU) were recently seized by Russian Authorities, without notice or any type of due process," wrote Private Internet Access in a blog post. The company advises users to update their desktop clients. They also noted that its manual configurations now support the "strongest new encryption algorithms including AES-256, SHA-256, and RSA-4096." Putin has given Federal Security Agents two weeks to produce "encryption keys" for the internet.
This discussion has been archived. No new comments can be posted.

VPN Provider Removes Russian Presence After Servers Seized

Comments Filter:
  • Why would you need to ever VPN into a server in Russia anyhow?
    • by Archfeld ( 6757 )

      Your employer requires it. Some semi responsible employers require a gesture towards security even if they won't spend any real money on it.

    • by Anonymous Coward

      VPNs are useful things. Perhaps you are a multinational company and want to coordinate with other parts of your company. There is almost certainly some kind of VPN protecting that traffic.

      Also, perhaps you are in a country where all internet access is monitored for anti government behavior, well a VPN to a country that doesn't have that is a very useful thing. Hell, you could use a VPN just to access your home network and control that web based camera that you just don't want to put directly on the inter

    • Re:Why? (Score:5, Informative)

      by Voyager529 ( 1363959 ) <voyager529@yahoo. c o m> on Tuesday July 12, 2016 @09:05PM (#52501705)

      Because Archfield and the Anonymous Coward missed the point, I submit the following rephrasing...

      Why would a person/company who is using a commercial VPN service actually want their internet traffic to originate from Russia?

      An employer requiring a VPN to the home office? Makes perfect sense, and happens every day. An employer requiring their remote-working employees who are probably working from home (e.g. likely within 50 miles and 10 hops of that office) to connect via Sonicwall NetXtender or Cisco VPN to their front-facing router? Absolutely. However, what possible security could be accomplished by having remote employees use a commercial VPN service to encapsulate traffic making a 50(ish) mile trip or less by making it traverse through Russia before getting to the home office?

      A multinational company having a site-to-site VPN also makes plenty of sense. Even if it's to their office in Russia, it still makes sense, but it's not what Hagbard was referring to, because in that context its from their company, to their company. The question implicitly doesn't apply. If you're in China or Iran and VPNing due to government oppression, doesn't it make a lot more sense to send your traffic through the US or UK or Japan or some other country with less draconian oversight of internet traffic? Actually, that proves the point of the article - the company pulled out of Russia because Russia was implementing that very level of oppression for which a VPN would be needed. Finally, latency alone would be reason enough not to VPN through Russia for remote viewing of a security camera.

      Nobody is asking whether VPNs are useful. The question being asked is whether there's any utility for the endpoint to be in a country that is beginning to require a year's retention on connectivity logs.

      • by Anonymous Coward

        Nobody is asking whether VPNs are useful. The question being asked is whether there's any utility for the endpoint to be in a country that is beginning to require a year's retention on connectivity logs.

        If the logs just contained the endpoint and traffic past that point, then it wouldn't hurt much, but obviously if they undo the point of the VPN they are less useful. Still, just for fun here is a few valid uses, if obscure ones. (Certainly your correct that ideally you want to avoid Russian VPNs in most cases.)

        1) If all countries required logs, then someone having a valid need for privacy, or simply wanting it, could, in theory hop through several VPNs, thus requiring a lot more work to get at the real s

      • by Archfeld ( 6757 )

        I see your point now, and I have to agree. Point to point VPN for work is a requirement but if I was looking for an environment to VPN my private traffic, Russia would not be my choice either.
        Not to be pedantic my nick is archFELD no field involved. Thanks for the correction/information in any case.

      • Re:Why? (Score:5, Informative)

        by bloodhawk ( 813939 ) on Tuesday July 12, 2016 @10:25PM (#52501977)
        Russia is one of the countries I regularly choose to send my traffic through. Good internet infrastructure and bandwidth with fast connectivity to much of europe. Absolutely ZERO legal agreements between countries like US, UK etc so far less chance of them sharing your browsing habids with others and those that they would share it with would not give a shit about me.
        • Re:Why? (Score:4, Informative)

          by ruir ( 2709173 ) on Wednesday July 13, 2016 @02:44AM (#52502565)
          In that point I agree with bloodhawk. Russia and even China products have the inherent advantage of not collaborating with our governments.
          • exactly, the enemy of my enemy is my friend. In this case the enemy is the intrusive privacy invasion our governments wish to impose on us. I have nothing interesting for them to monitor, I am not a criminal, not a terrorist, I don't browse kiddie porn and I really am not concerned with pirating shit. But I completely and totally object to them monitoring me to verify this, if they want to do that then get a court order with a valid reason and I will happy give them access to verify they are wrong, until th
        • Russia is one of the countries I regularly choose to send my traffic through. Good internet infrastructure and bandwidth with fast connectivity to much of europe. Absolutely ZERO legal agreements between countries like US, UK etc so far less chance of them sharing your browsing habids with others and those that they would share it with would not give a shit about me.

          This. A person I know has sometimes used his Bit Torrent client through a VPN going through Russia for the same reasons.

        • by AmiMoJo ( 196126 )

          Also, Russia has cheaper games, but they can only be activated from IP addresses in Russia. Some people use a VPN to bypass region lock-outs on cheaper products.

      • There are lots of people who think The Man is out to get them. Sometimes they are right - political activists and outright criminals. Sometimes they are just paranoids who think Obama is plotting to take their guns so the UN can invade and force their children to be gay. Either way, they don't really care where their traffic seems to come from, so long as it can't be traced back to them.

    • Re: (Score:2, Interesting)

      by Anonymous Coward
      I find it a great jump point for many other regions of Europe, my own country (Australia) has insane intrusive internet monitoring laws and I would much prefer a country like Russia sees what I am accessing as they are far less likely to do something about it whereas western world is very much all joined human centipede style.
    • Because it's cheaper to buy a game on Steam if Steam thinks you're in Russia (really).
    • Comment removed based on user account deletion
  • the real story here is putin's absurd demand or all of the internet's encryption keys.

    That is absurd to twilightzone levels.

    Oh darn Putin, I guess you will mad that I didnt give you my exclusive access (only given in person to close friends) 4096bit public key. I mean, it is clearly evil of me to deny plotsylvania access to my correspondence concerning internet cat pics and jokes. A real loss to your nation's intelligence agency, i am sure.

    no, I wont give you a copy. Not even if you ask nicely.

    • Re: (Score:3, Interesting)

      by bloodhawk ( 813939 )
      you mean the same demands that US/UK/AU governments etc are making? They aren't the first to push for this, nor will they be the last.
      • dandy donald wont get his fat fingers on my key either. even if he asks really nice.

      • by Dog-Cow ( 21281 )

        Really? Show me one article about, or even better yet -- an official letter sent to a company executive, from the US government asking for encryption keys that will allow decryption of any data the company handles.

        I won't hold my breath while I wait, but I certainly hope you do while you're looking.

    • by rtb61 ( 674572 )

      Reality is they had no choice but to pull out. Basically what will happen is selected foreign companies, suspect companies (suspected of passing info to the North American Territorial Occupation farce) will be targeted for the most onerous requirements and they will be forced to operate at a loss or shut down and pull out from Russia (also not to forget, foreign companies competing against insider Russian companies). So the laws are purposefully tough and have been purposefully written so as to be legally

    • God. Just hand him some random key string, and when he complains that it doesn't work say "you're doing it wrong."

  • IOT now stands for Internet Of Thugs.
  • Vlad, the Internet Impaler [slashdot.org] - this was my original comment on the Putin Gives Federal Security Agents Two Weeks To Produce 'Encryption Keys' For The Internet [slashdot.org] story. I got 'flamebait' moderation on that one :)

    I want to see how deep does the rabbit hole go...

    Putin and his very small hands... He wants 'the Internet encryption keys' in his small hands.

    OK, so that is funny. But consider that in the last year Putin increased the police force by a large number in Russia and he signed a law that would require the country to build him his own 'national guard', everybody sees it the same way: he is scared of a coup and he wants his own army around him at all times. Him and his small hands, he is scared to be overthrown and as a KGB operative he knows that he can be overthrown and he decides he needs a couple hundred thousand body guards.

    This move against encryption of all sorts is based on the same fear. He is scared of everything, scared he will not find out about a gathering of people somewhere and won't jail them in time before they make it to any news that still exists (and journalism is the most dangerous activity in that country, journalists murdered and beaten by the government). He is afraid to end up in the same way Quadaffi and Hussein ended up in. He should be scared, people are very tired of him. The majority of people in Russia wouldn't move a finger to get ridbof him, but it doesn't take a majority, only a few determined people and that is what he is afraid of most.

    Needless to say there are other business interests that are government owned and that would love to have access to all communications that would prevent any competition against them.

    Also FSB has their google like search servers installed at every ISP and every communications company in Russia, searching for stuff and recording what matches specific parameters, but the new law also imposes an obligation to all communications companoes to record all traffic and all communications for a minimum of 6 months.

    The companies are saying this will cost them billions and will cause rate hikes, the government officials are replying that is nonsense, it will cost nothing and any rate hike because of it would be a money grab. Right, because it costs nothing to record 6 months of internet traffic.

    As to this requirement to the FSB to get all of the encryption keys, I wonder who Putin wants to fire 2 weeks from now, because it sounds like an old Russian fairy tale of a tsar telling his servant to go some place that cannot ne found and to get him something that does not exist and if he fails to deliver his head is coming off...

  • Certificates (Score:4, Interesting)

    by Chewbacon ( 797801 ) on Wednesday July 13, 2016 @12:57AM (#52502381)

    They also yanked all certificates (or will soon). Customers will have to download the new ones if they use OpenVPN or something of the like.

  • What does Edward Snowden have to say about this?

As you will see, I told them, in no uncertain terms, to see Figure one. -- Dave "First Strike" Pare

Working...