- IP Address
- Internet provider
- NOT SECURE
- Your Internet provider can track your Internet activity.
We’ve recently released new versions of our desktop and Android apps with a new ‘Pause VPN’ feature. Based on feedback from customers, we discovered that some were disconnecting temporarily from the VPN in order to connect to various services that were blocked whilst connected e.g. some payment gateways etc. When disconnected these customers were sometimes forgetting to reconnect after completing their task, leaving them in an insecure state until they remembered to manually reconnect. This could be hours or more, representing a serious privacy threat. Whilst being disconnected for even a few seconds is unacceptable for many of our hardcore privacy customers (who we don’t expect to use this feature) we felt it was important to mitigate the risk of being left insecure for those who want to disconnect and understand the risk of doing so.
Today we’re releasing a new ‘trusted Wi-Fi networks’ feature for our desktop and Android apps. Some customers have different security requirements depending on whether they trust the specific Wi-Fi network they are connected to or not. For example, customers who use our VPN exclusively for Wi-Fi security often only want to be connected to the VPN when they are on untrusted networks e.g. public hotspot. Ideally they would like the VPN client to automatically establish a connection on networks they don’t trust and disconnect on those they do. Another use case is customers who use the VPN for privacy but who have VPN routers on trusted networks they connect to – in this case they don’t want to connect whilst connected to this network or they would establish nested VPN tunnels which perform very poorly.
In late March, the US Clarifying Lawful Overseas Use of Data Act (CLOUD Act) took effect. And predictably, the US Supreme Court just dismissed United States v. Microsoft Corp. In that case, Microsoft was fighting a subpoena for data stored in an Irish data center. And now its objection is moot, because the CLOUD Act stipulates:
A [service provider] shall comply with the obligations of this chapter to preserve, backup, or disclose the contents of a wire or electronic communication and any record or other information pertaining to a customer or subscriber within such provider’s possession, custody, or control, regardless of whether such communication, record, or other information is located within or outside of the United States.
This is bad news, for sure. But it’s no surprise, in the current environment. With all those terrorists and criminals to worry about. And when it’s the feds vs Microsoft, Congress can just change the law. And this is obviously not just about the US. Russia demanded access to encrypted Telegram messages, Telegram refused, and now Russia has blocked Telegram, plus many other services and websites that rely on Google and Amazon hosting.
There are some age-old questions among Internet users, especially those concerned about privacy. Basically, “Is my ISP watching me?”, and “Is it sharing data about my online activity, such as search and browsing history, with third parties?” And back in the day, the analogous question was “Is the phone company listening?” Indeed, Bell Labs reportedly suppressed the telephone answering machine for 60 years, because it feared that recording technology would frighten away its customers.
Any service that provides Internet access (ISPs, WiFi hotspots, and telecom providers) can obviously see what resources users are accessing. Unless data is encrypted, providers can also see the content. And even with encryption, traffic patterns provide some information about activity. Finally, all bets are off when the NSA, or another similarly resourceful TLA, is interested.
If you’re living in China, especially in such areas of unrest as Tibet or Xinjiang, online privacy is an fantasy. But what about the US and EU, where privacy is supposedly protected?
Today we’re pleased to release updates for our mac and windows clients. The new clients are available immediately for new and existing customers. To download the latest version, just visit the IVPN for MacOS and IVPN for Windows pages.
The aim of this update it to bring our desktop apps in line with our new android and iOS apps in terms of layout, design and usability, and to build on the feedback we’ve received from our users.
Given that you’re reading this on IVPN’s website, you probably care about online privacy. And you probably use VPN services to hide your online activity from ISPs. That’s prudent, because ISPs clearly spy on their customers. In March 2017, the Trump administration blocked FCC rules that would have protected the privacy of ISP customers. The argument was that ISPs should have the same rights to use customer data “for commercial purposes” that Google et alia do. And there’s arguably more in play than ISP profits, given MPAA’s efforts to fight “piracy” and complaints from the FBI about “going-dark”. That’s even starker in the UK. The Investigatory Powers Bill, which went into effect in November 2016, requires ISPs to retain users’ browsing history “for up to a year”.
Shut out hackers, identity thieves and the global government surveillance apparatus — every time you go online.