VPN and privacy on terb

[fuji]

Intent of this thread is to start a discussion on best practices for connecting to terb. Feel free to add, correct, update or disagree with what I present below which is based on a few hours of research.

First the "problem": like any forum or really any website at all, terb logs your IP. Your IP in turn can be traced back to your ISP or mobile phone company. In turn, your ISP and mobile phone company keep track of which customer was using whick IP. They typically keep this data for between six months and two years.

Given all this, your identify could be learned either by the police with a warrant, or somebody with a court order, or possibly by a hacker. In fact IP information is perhaps more likely to be publicized by hackers than by police.

So is this a problem? It depends. Currently for most people it is probably NOT a problem, but it could be. More aggressive law enforcement than we have yet seen in Canada could result in charges being laid based on information collected from terb. This has happened in the US. It has not (yet) happened in Canada. It might also be embarrassing if outside of law enforcement your identity were published by a vigilante hacker such as what happened to Ashley Madison customers.

So supposing you would like to protect yourself from this by preserving your anonymity even from somebody who had access to the IP logs on terb?

The obvious answer is to use a VPN, the same technology people use to access Netflix for other countries or to conceal their identity from DMCA requests while torrentiing.

It's relatively easy: install a VPN app on your phone or computer and make sure it's connected whenever you surf things you would like to make private.

I'd like to use this thread to discuss which VPN services are most fit for this purpose.

One consideration is what country you connect through and what country your VPN company is based on. This will in part determine whether the VPN company itself has logs with your IP and whether it would be easy for a court order to obtain them.

Some countries like Canada have laws requiring even VPN services to keep logs for six months or more. The US has the ability to order the secret release of your information from a US based VPN.

Countries that have good laws seem to include the Netherlands, Iceland, Norway and Romania. EU passed a law requiring the retention of logs but those countries are not currently enforcing it or are outside the EU. Switzerland has a law requiring log collection but makes it difficult to get the logs.

Overall it seems the two best choices are either too use a US VPN that does not collect logs, and assume you won't be subject to a secret warrant requiring them, or use a VPN in the Netherlands. Most VPN services support these options.

Another option is to use TOR which is more secure but much slower.

US based VPN a include PIA and Express. An EU (technically Panama based) VPN is NordVPN. There are many others.

Thoughts?

 

[PetiteFiend]

Said this in the other thread too, there is no one out here targeting hobbyists, it's very common and hackers don't really care. Now if you are someone with a public figure or anyone with a potential target on their back, then using terb can be a risk.

If you truly want to stay anonymous... buy a used laptop for cash... install Tails live cd (linux OS.. windows/apple tracks everything)... learn how to change your mac id address when you need to... use TOR... use public wifi or your "own network" (never connect through wifi at home)... if you need to make transactions, use a tor-based or equivalent bit coin wallet which does not take any of your bank account info or address or any identification (only PO box). good basics to start off

 

[james t kirk]

You raise a good point actually.

I don't know why TERB would want to store IP addresses however. If they do, it should be for only a very short time. Like 24 hours.

It's becoming more and more obvious that there are more and more security threats out there on line.

A VPN might be a good idea.

In the past, I used "hide me" VPN which seemed to be out of Germany. However, I did not renew it. It was quite good. Maybe now is the time.

 

[PetiteFiend]

You raise a good point actually.

I don't know why TERB would want to store IP addresses however. If they do, it should be for only a very short time. Like 24 hours.

It's becoming more and more obvious that there are more and more security threats out there on line.

A VPN might be a good idea.

In the past, I used "hide me" VPN which seemed to be out of Germany. However, I did not renew it. It was quite good. Maybe now is the time.

Really depends on how much you trust the VPN provider, it has it's own disadvantages. Using VPN on web has it's drawbacks, looking Same Origin Policy and you will see, most VPNs can be IP spoofed.

 

[onthebottom]

I can understand your concern on being embarrassed given your post history.

 

[Promo]

I've tried a few over the years and am currently using Private Internet Access https://www.privateinternetaccess.com/ Reasons:
- They allow payment via gift cards so I can avoid using my credit card. You only get $.25 -$.40 on the dollar, but the service is cheap so it doesn't matter
- Throughput is great and latency (ping) is low. Low packet loss and no throttling that I have been able to notice.
- They claim they don't keep logs
- Includes DNS leak protection
- 3200+ servers in 25 countries that you can select from
- Regularly change their exit point IP address ranges (helps prevent blacklisting)
- Allow 5 simultaneous connections from one account
- A disadvantage is that they are US based.

I also use a MAC address spoofing utility. The one I used is based on Technitium, but it's been modified to randomize the MAC address every time I turn it on. You can even select a MAC from a hardware vendor different than your PC. Sometimes it fails, but a PC reboot will fix it.

I also use a proxy server at a NY state university that I took a few courses at. A proxy doesn't encrypt your address, nor does it protect you from law enforcement and they tend to be slow, but it does get me around geo-blocking. I only use it when PIA is blacklisted. Open proxy servers are dangerous (that's why I only use the one) as a hacker could set one up and monitor all your traffic going through it.

Through experimentation, I've discovered a few public wireless accesses in my area that allow unrestricted Internet access. I'm not talking sh*ty Tim Hortons or McDonalds service. One is a big bank that doesn't do any content filtering and I can get sustained downloads in excess of 2MB/sec. You need to park close to the building, but every branch of the bank in my area has this open service (don't know why, they are idiots IMHO). Other banks have restrictions (like TD branches) use content filtering (block certain sites, block torrents) so I use PIA in combination with their wireless, but with TD I seem to get kicked off every 15-20 minutes. A local restaurant provides a password protected wifi service, I ate there and got the password. When they change it every month or two, I go back in for dinner. Sustained throughputs of 4-5 Mbps is possible, but it's a busy parking lot so it's hard to get close to the building to get decent signal strength in order to get high throughputs.
^-- my point is, it's fairly easy to find public wifi (even using a password) if you have a need. Just use common sense and constantly change the location you are using. Don't take advantage and/or do something stupid or the site will be shutdown eventually.

 

[Promo]

I can understand your concern on being embarrassed given your post history.

Pot calling the kettle black. You've become quite the troll these days.

 

[fuji]

You raise a good point actually.

I don't know why TERB would want to store IP addresses however. If they do, it should be for only a very short time. Like 24 hours.

It's becoming more and more obvious that there are more and more security threats out there on line.

A VPN might be a good idea.

In the past, I used "hide me" VPN which seemed to be out of Germany. However, I did not renew it. It was quite good. Maybe now is the time.

Terb may not "want" to, but terb runs vbulletin software which provides IP address information to moderator​ as a built in feature and it would presumably be a bunch of work for terb to try and turn that feature off.

In addition, terb's webserver will have standard log files which will record IP addresses. Again, it would be a bunch of extra work for terb to disable these logs so they probably don't.

On top of all that, terb sits behind CloudFlare, which again will have its own logs, and as a US based company would certainly provide them on demand given a US court order, even if terb admins went to all the trouble of deleting logs produced by vbulletin and their web server.

The net of that is that you must assume your​ IP has been logged and is accessible both to law enforcement and hackers.

 

[fuji]

I've tried a few over the years and am currently using Private Internet Access https://www.privateinternetaccess.com/ Reasons:
- They allow payment via gift cards so I can avoid using my credit card. You only get $.25 -$.40 on the dollar, but the service is cheap so it doesn't matter
- Throughput is great and latency (ping) is low. Low packet loss and no throttling that I have been able to notice.
- They claim they don't keep logs
- Includes DNS leak protection
- 3200+ servers in 25 countries that you can select from
- Regularly change their exit point IP address ranges (helps prevent blacklisting)
- Allow 5 simultaneous connections from one account
- A disadvantage is that they are US based.

US based being a disadvantage is debatable.

The US doesn't have mandatory data retention laws which means PIA and others can keep no log history. Then when served with a court order to turn them over, they have nothing. Canada has a law requiring six months of subscriber identification logs be kept and while I don't think VPN providers are doing that, by law they may have to. Including PIA for its Canadian based servers. So accessing their US servers from Canada seems beneficial.

And the US has strong laws protecting you from warrantless searches particularly for anyone in the US.

The downside is they are subject to US wiretap warrants which would require them to begin logging your traffic without notice. While no logs are ordinarily retained, under a wiretap warrant, they would be. That warrant could conceivably be based on either subscriber or destination.

However as you point out, they are fast.

An alternative is to use something like NordVPN and a non US server in a country such as Netherlands, Norway, or Romania which also have no data retention law and which have strong privacy laws. You could in theory be subject to a wiretap warrant there too but the Netherlands in particular wouldn't view sites like terb as negatively as the US or Canada does do to their much more open laws.

Hence in currently terminating my VPN connection in the Netherlands. You can do that with PIA too but it's unclear how a US warrant would apply to a server in Norway.

 

[oakvilleguy]

I've tried a few over the years and am currently using Private Internet Access https://www.privateinternetaccess.com/ Reasons:
- They allow payment via gift cards so I can avoid using my credit card. You only get $.25 -$.40 on the dollar, but the service is cheap so it doesn't matter
- Throughput is great and latency (ping) is low. Low packet loss and no throttling that I have been able to notice.
- They claim they don't keep logs
- Includes DNS leak protection
- 3200+ servers in 25 countries that you can select from
- Regularly change their exit point IP address ranges (helps prevent blacklisting)
- Allow 5 simultaneous connections from one account
- A disadvantage is that they are US based.

I also use a MAC address spoofing utility. The one I used is based on Technitium, but it's been modified to randomize the MAC address every time I turn it on. You can even select a MAC from a hardware vendor different than your PC. Sometimes it fails, but a PC reboot will fix it.

I also use a proxy server at a NY state university that I took a few courses at. A proxy doesn't encrypt your address, nor does it protect you from law enforcement and they tend to be slow, but it does get me around geo-blocking. I only use it when PIA is blacklisted. Open proxy servers are dangerous (that's why I only use the one) as a hacker could set one up and monitor all your traffic going through it.

Through experimentation, I've discovered a few public wireless accesses in my area that allow unrestricted Internet access. I'm not talking sh*ty Tim Hortons or McDonalds service. One is a big bank that doesn't do any content filtering and I can get sustained downloads in excess of 2MB/sec. You need to park close to the building, but every branch of the bank in my area has this open service (don't know why, they are idiots IMHO). Other banks have restrictions (like TD branches) use content filtering (block certain sites, block torrents) so I use PIA in combination with their wireless, but with TD I seem to get kicked off every 15-20 minutes. A local restaurant provides a password protected wifi service, I ate there and got the password. When they change it every month or two, I go back in for dinner. Sustained throughputs of 4-5 Mbps is possible, but it's a busy parking lot so it's hard to get close to the building to get decent signal strength in order to get high throughputs.
^-- my point is, it's fairly easy to find public wifi (even using a password) if you have a need. Just use common sense and constantly change the location you are using. Don't take advantage and/or do something stupid or the site will be shutdown eventually.

Have you had any experience with PIA or any other VPN being filtered on a publicly available wifi? I can't seem to use PIA at my local community center and I'm not trying to access TERB or Backpage, but rather check my bank account balances.

I've also had my account banned on another review site because they thought I had multiple accounts. I wonder if it's because they saw me log in from an IP address (assigned by the VPN) that someone else is also using behind their VPN?

 

[Promo]

Have you had any experience with PIA or any other VPN being filtered on a publicly available wifi? I can't seem to use PIA at my local community center and I'm not trying to access TERB or Backpage, but rather check my bank account balances.

Yes, but. ....... I know that many companies, banks and municipal governments use "content filtering" based on blacklists on their firewalls which can be used to block destination sites (i.e. porn sites, racist sites, gun sites) as well as blocking protocols (i.e. torrents, FTP file transfers, Tor). Bluecoat.com (and others) sell boxes that can even block porn pictures (it has algorithms that seek out nefarious graphic content), keywords, etc.. There are services that sell this information and keep it constantly up to date for use on firewalls.

But yes, your community center (CC) also has the ability to block your VPN indirectly using the port/protocol number. Normally when you browse a website you are using it's destination IP address, a port number AND protocol number 80 (HTTP), 8080 (HTTP) or 443 (HTTPS) (there are others). When using a VPN like PIA you have a IPSEC (or PPTP or L2TP) outside VPN tunnel with your actual activity encrypted inside the IPSEC tunnel. The IPSEC tunnel which terminates on the PIA server uses IP protocol number 50 and 51 and UDP port 500 as well as ISAKMP port 500. Therefore It's possible your CC is blocking the ports or protocols associated with VPNs, or it's blacklisting based on the VPN destination server IP address.

Another way they accomplish blocking is your DNS lookups. PIA uses DNS leak protection to help prevent this.

I've also had my account banned on another review site because they thought I had multiple accounts. I wonder if it's because they saw me log in from an IP address (assigned by the VPN) that someone else is also using behind their VPN?

Yes, I've had this happen with several VPN providers as well as PIA. Geosites actively blacklist VPN providers and also sites that only allow one account and track by IP address can also block. Changing the VPN server you are using will sometimes get around the Geo problem, but not the blocked account problem.

PIA claims they rotate their IPs on a regular basis, It's hard to check, as they have multiple debarkation points in most countries. PIA doesn't appear to use NAT, but assigns a separate outgoing IP per VPN. That means if they have 500 people using the London demarcation box, they have at least 500 IPs in that box's pool. They claim they are rotating IPs, but I don't quite get how; do they call their carrier/ISP provided and ask for a new block of IP addresses every month? That's actually a big deal (the world is running out of v4 IP addresses, so maybe they are getting v6?) and allot of work when you consider they have to do this to 3200 servers. Do they have 2K address available per box and every 30 days rotate to the next 500 addresses and hope all the blacklistings time-out? <-- what I'm suggesting is that they rotate allot less often, maybe only when the blacklisting catches up with them. I have done research on the Internet on this issue and most people are just guessing at the answers and the VPN providers are for obvious reasons tight lipped.

 

[oakvilleguy]

Yes, but. ....... I know that many companies, banks and municipal governments use "content filtering" based on blacklists on their firewalls which can be used to block destination sites (i.e. porn sites, racist sites, gun sites) as well as blocking protocols (i.e. torrents, FTP file transfers, Tor). Bluecoat.com (and others) sell boxes that can even block porn pictures (it has algorithms that seek out nefarious graphic content), keywords, etc.. There are services that sell this information and keep it constantly up to date for use on firewalls.

But yes, your community center (CC) also has the ability to block your VPN indirectly using the port/protocol number. Normally when you browse a website you are using it's destination IP address, a port number AND protocol number 80 (HTTP), 8080 (HTTP) or 443 (HTTPS) (there are others). When using a VPN like PIA you have a IPSEC (or PPTP or L2TP) outside VPN tunnel with your actual activity encrypted inside the IPSEC tunnel. The IPSEC tunnel which terminates on the PIA server uses IP protocol number 50 and 51 and UDP port 500 as well as ISAKMP port 500. Therefore It's possible your CC is blocking the ports or protocols associated with VPNs, or it's blacklisting based on the VPN destination server IP address.

Another way they accomplish blocking is your DNS lookups. PIA uses DNS leak protection to help prevent this.


Yes, I've had this happen with several VPN providers as well as PIA. Geosites actively blacklist VPN providers and also sites that only allow one account and track by IP address can also block. Changing the VPN server you are using will sometimes get around the Geo problem, but not the blocked account problem.

PIA claims they rotate their IPs on a regular basis, It's hard to check, as they have multiple debarkation points in most countries. PIA doesn't appear to use NAT, but assigns a separate outgoing IP per VPN. That means if they have 500 people using the London demarcation box, they have at least 500 IPs in that box's pool. They claim they are rotating IPs, but I don't quite get how; do they call their carrier/ISP provided and ask for a new block of IP addresses every month? That's actually a big deal (the world is running out of v4 IP addresses, so maybe they are getting v6?) and allot of work when you consider they have to do this to 3200 servers. Do they have 2K address available per box and every 30 days rotate to the next 500 addresses and hope all the blacklistings time-out? <-- what I'm suggesting is that they rotate allot less often, maybe only when the blacklisting catches up with them. I have done research on the Internet on this issue and most people are just guessing at the answers and the VPN providers are for obvious reasons tight lipped.

Wow, you seem to know a lot about this stuff. Thanks for the detailed explanation.

 

[ravencroft]

I use US-based pay VPN service Torguard for my online media internet usage. I can log into servers fromo 20+ countries but typically stick to a few reliable EU ones that have steady connection speeds and never seem to DNS leak/break down. They don't log IP information (or at least claim not to), and I've been using them for ~2 years now without issue. Cost is $60 USD a year, but worth it not to get copyright notices and such anymore.
https://torguard.net/

While I could log into one of those each time before I use TERB, they still have one of my secondary email accounts and to be honest, I can't be bothered with such clandestine measures: I'm not a public figure and am but a grain of sand in a vast universe... no one is interested in me.

Even if an Ashley Madison attack-hack occurred, I have no qualms over my posts becoming public as I don't say anything I don't also uphold in real life. Worst comes to worst it costs me a relationship and I'd move on to the next one (or maybe not bother since I'm getting old and am fine living solo and dallying with whatever random beauty catches my fancy).

 

[explorerzip]

Terb may not "want" to, but terb runs vbulletin software which provides IP address information to moderator​ as a built in feature and it would presumably be a bunch of work for terb to try and turn that feature off.

In addition, terb's webserver will have standard log files which will record IP addresses. Again, it would be a bunch of extra work for terb to disable these logs so they probably don't.

On top of all that, terb sits behind CloudFlare, which again will have its own logs, and as a US based company would certainly provide them on demand given a US court order, even if terb admins went to all the trouble of deleting logs produced by vbulletin and their web server.

The net of that is that you must assume your​ IP has been logged and is accessible both to law enforcement and hackers.

It's not hard at all to enable or disable IP logging; usually a checkbox in most monitoring software out there.

 

[fuji]

It's not hard at all to enable or disable IP logging; usually a checkbox in most monitoring software out there.

In any case you have to assume that between vbulletin, terb's webserver, and cloudflare that your IP has been logged and is thus available.

Whether you need to protect yourself from this is an interesting debate. As of now in Canada probably not but in the US content on similar boards has been used to prosecute members. That's never happened in Canada, but if we continue to shift towards the US way of thinking it might in future. Remember it's going to take up to two years for your current IP data to be deleted by your ISP or mobile phone company.

On the flip side it's really easy to install a VPN. The technology was made ultra simple and accessible by the demand for streaming video from other countries. You literally just download an app and it's done either on your phone or your computer.

 

[malata]

I use US-based pay VPN service Torguard for my online media internet usage. I can log into servers fromo 20+ countries but typically stick to a few reliable EU ones that have steady connection speeds and never seem to DNS leak/break down. They don't log IP information (or at least claim not to), and I've been using them for ~2 years now without issue. Cost is $60 USD a year, but worth it not to get copyright notices and such anymore.
https://torguard.net/

While I could log into one of those each time before I use TERB, they still have one of my secondary email accounts and to be honest, I can't be bothered with such clandestine measures: I'm not a public figure and am but a grain of sand in a vast universe... no one is interested in me.

Even if an Ashley Madison attack-hack occurred, I have no qualms over my posts becoming public as I don't say anything I don't also uphold in real life. Worst comes to worst it costs me a relationship and I'd move on to the next one (or maybe not bother since I'm getting old and am fine living solo and dallying with whatever random beauty catches my fancy).

Great recommendation. Been looking into Torguard for VPN once, but got lost in the many choices available. I've heard many positive reviews about Torguard...now it's peaked my interest. Thanks

 

[fuji]

Great recommendation. Been looking into Torguard for VPN once, but got lost in the many choices available. I've heard many positive reviews about Torguard...now it's peaked my interest. Thanks

Tor is much more secure than a vanilla VPN but be aware it's also much slower.

Fastest is probably PIA pointed to a local server. It will anonymize the IP in the terb logs but be vulnerable to a wiretap within you own jurisdiction. But it'll be so fast you won't know it's there.

Next would be using a VPN that connects to a nearby US server. Almost as fast and complicated by one additional jurisdiction.

Connecting to a VPN in Norway, the Netherlands, or Romania has some legal advantages but will be measurably about half the speed of a local VPN. In practice I don't find it very noticible but measured with speedtest it's much slower.

Using tor is noticible. Web pages visibly take a long time to load especially if they have a lot of animations and images.

So you may want to consider how much inconvenience you are willing to pay for how much privacy.

 

[explorerzip]

In any case you have to assume that between vbulletin, terb's webserver, and cloudflare that your IP has been logged and is thus available.

Whether you need to protect yourself from this is an interesting debate. As of now in Canada probably not but in the US content on similar boards has been used to prosecute members. That's never happened in Canada, but if we continue to shift towards the US way of thinking it might in future. Remember it's going to take up to two years for your current IP data to be deleted by your ISP or mobile phone company.

On the flip side it's really easy to install a VPN. The technology was made ultra simple and accessible by the demand for streaming video from other countries. You literally just download an app and it's done either on your phone or your computer.

I believe logging is usually enabled by default too. The other big question is if it's worth the time of LE to go through such logs to find you just for being on this site.

 

[Promo]

I believe logging is usually enabled by default too.

Whether logging is on by default depends on the device type or application. The logging needs to go somewhere (it's almost never stored on the device), like a syslog server. And then you need to have sufficient storage on that server. If you have a busy site, you can be talking many TB or even PB a year and that requires a SAN/NAS. Thus many service providers skimp on implementation.

Both in Canada and the US there are laws as to how long and what types of data a service provider must store. But the Internet and service providers evolve so quickly that the laws can't keep up. Whereas a ISP must keep email logs and connection logs for a minimum of 6 months (made that number up, the duration has a formula), there are no specific laws for VPN services (yet).

But keep in mind, under the old Patriot Act (I forgot the new name and too lazy to Google now) certain LE agencies can go into a provider RIGHT NOW and ask for logs and/or set-up mirroring in the name of "prevention of terrorism". No formal court subpoena required. How they use that information in court is a different issue. So using VPN services will still help <-- this is partly why Fuji keeps stressing US VPNs vs off-shore VPNs. Also this is why a lot of websites (including TERB) are no longer choosing to be hosted in the US or Canada.

You will also notice allot of web sites have gone from HTTP to HTTPS (like TERB). This means the actual content between your browser and the web server is encrypted end-to-end - so if someone is monitoring/logging/mirroring your ISP router, they will know you are surfing TERB, but will NOT know what is being transmitted.

The other big question is if it's worth the time of LE to go through such logs to find you just for being on this site.

I don't think that's the main reason LE would be monitoring. Possible scenarios:

1) Suppose a SP is found to be underage. LE could scour the sex-board sites for anyone who has reviewed the SP and press charges.

2) If an SP gets hurt or killed, LE may scour the boards for customers in the last 0-90 days as part of the investigation

3) If the site gets hacked, the hacker could post all the IP addresses and Email addresses on the net. After the Ashley Madison leak, I'll bet 2/3 the wives in NA used the search engine site to look for their husbands Email or home IP address. I know several companies in Toronto I worked with did a search on their public IP address ranges.

4) If the info was made public domain, I know allot of HR departments who search for this kind of info as part of their hiring process. It's not an easy process and in many case the info is useless, but I'll bet $100 dollars that 10-30% of people use their work address or full name in gmail/hotmail email address on the porn sites. Dummies! Also we all have political enemies and any bad information is useful information.

 

[Promo]

Tor is much more secure than a vanilla VPN but be aware it's also much slower.

That's the main reason I stopped using it. It was slow for browsing or if I download a couple meg PDF it could take 3-4 times longer than non-VPN. It was quite bad for torrents and newsgroups. Since other services were just as secure and faster, I moved on and to date I think I've tried 5 providers over several years.

I'm currently using PIA because of it's speed, many servers in many countries and no-logging claims, but I always knew it was a temporary solution. I want to use an off-shore solution whose business and main infrastructure is outside NA or EU and is therefore not subject to their laws (i.e. Cayman, Bermuda?), but I also want the country to not be suspect itself (i.e. China, Russia, India). I want everything to be fully protected - my billing info, my VPN, my DNS, etc. I've not yet spent the time researching this, you've already provided me more useful info than I've researched myself - thks!

The success of a VPN service is it's own worst enemy. LE will start to pay attention and the blacklisting database companies will seek out their IPs more aggressively.