dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
32
This is a sub-selection from Regarding latest update
docbill
join:2006-10-24
Stoney Creek, ON

docbill to suppafly

Member

to suppafly

Re: Regarding latest update

I would content it is lower security not higher security to have the blocks in place. If I need to drop my VPN at hotspots, it makes it one step easier for hackers to steal my personal information and use it to connect to your site.

I can however, see good reasons block new customer sign-ups over VPN, as you want not minimize your risks of having hackers using stolden credit cards over anonymous connections signing up for your service. I would think there are however more effective means to validate customers than blacklisting IP addresses. But to me it is just an issue of not being able to sign-in to my account without lower the overall security of my connection.

To be honest I never even thought of using live chat. I don't really see though how that would work. If you can't trust me to login with my password, and possibly adding a second level security question or a capcha, what could I say in an anonymous chat connection that would cause security conscious company to unblock the IP address? It is not like I would just start disclosing personal information in a chat window...

But in the end, it is not my job to tell you how to run your security. This is just a place for me to tell others how it impacts me as a customer.

Bill

Arne Bolen
User of Anveo Direct, 3CX and Qubes OS.
Premium Member
join:2009-06-21
Utopia

Arne Bolen

Premium Member

 
A long time ago I also was denied access to the website when using VPN. I disconnected and opened a ticket asking Voip.ms to add my static VPN IP address to their system.

I have since never had any problems accessing the website when using VPN. With my VPN provider I have my own static public IP address, so that makes it a lot easier. No need to tell Voip.ms a new public IP address.

I suggest you get your own static public IP address with your VPN provider. It makes it a lot easier for you, not only with Voip.ms but also with many other sites.
 
nitzan
Premium Member
join:2008-02-27

nitzan

Premium Member

said by Arne Bolen:

I suggest you get your own static public IP address with your VPN provider. It makes it a lot easier for you, not only with Voip.ms but also with many other sites.
 

Or, he could just switch his service to a provider that doesn't prevent their EXISTING customers from logging in via VPN...

Don't get me wrong- I think they should most definitely investigate/ban VPN usage for NEW users - but preventing your EXISTING trusted customers from using your web portal via VPN is throwing the baby out with the bathwater. This doesn't add security - it's just an inconvenience.

Arne Bolen
User of Anveo Direct, 3CX and Qubes OS.
Premium Member
join:2009-06-21
Utopia

Arne Bolen

Premium Member

said by nitzan:

This doesn't add security

 
Voip.ms believes it will add security. The same also applies to Flowroute. But it seems most other providers have a different opinion.
said by nitzan:

- it's just an inconvenience.

I agree.
 
docbill
join:2006-10-24
Stoney Creek, ON

docbill to Arne Bolen

Member

to Arne Bolen
A static IP address with VPN really defeats one of the reasons for using VPN, which is to establish a semilevel of anonymity. With C12,, C30, and C52 really likely to pass in Canada, the government will have unprecedented access to data. As soon as you connect to a service where you authenticate like voip.ms there is a site they can access to determine who is using that IP address. If you are the ONLY person using that IP address, bam, they now can access all the traffic coming into and out of the VPN connection and know it is you. Since many VPN services assign you the same IP address you connect to the can also trace what IP address you are using via your ISP. However, if many people are using the same VPN IP address, and you regularly change which IP address you use, it is much harder for them to definitively track traffic back to you.

Arne Bolen
User of Anveo Direct, 3CX and Qubes OS.
Premium Member
join:2009-06-21
Utopia

Arne Bolen

Premium Member

said by docbill:

A static IP address with VPN really defeats one of the reasons for using VPN, which is to establish a semilevel of anonymity.

 
The primary reason for using VPN is security, not anonymity. I often use other networks, both wired and wireless, and VPN protects me from eavesdroppers.

Yes, I know some people use VPN for anonymity. Often they are sharing music and film, and they believe VPN can protect them from being caught.

My VPN provider is my ISP. I always use my VPN provider, even at home. That way all my internet traffic have the same IP address.

My static IP address, I have had it for many years now, makes sure it's easy for sites to know that it's me connecting. I see no reason at all to hide for voip providers and other sites that it's me. My IP address is my net identity, and that is what I want.
 
docbill
join:2006-10-24
Stoney Creek, ON

docbill

Member

I agree if you don't want anonymity then static vpn is probably better. I tend to use my vpn for many reasons, none of which are illegal. I believe some level of anonymity is needed to protect democracy. The government should not be able to tap my phone line, e-mail, or web browsing without a warrant. Otherwise, it will be almost impossible to ever successfully stage a protest against bad laws, organize strikes, etc. Even if I'm doing none of those things, by preserving my anonymity I make it harder for the government to track down those who are engaging in activities that help protect democracy.

I also use VPN for increased security in some cases, like when I'm at hot-spots. I don't want people listening in just because they are at the same hotspot running wireshark.

Sometimes I use VPN for location shifting. For example, I decided while I was in the US for Easter, I wanted to pickup a pool at Walmart as they don't sell the same model in Canada. When I tried to pre-order for pickup, I kept getting redirected to the Canadian site. So I connected to a US VPN and made my order with a US credit card. I can now pick-up my order this weekend.

Recently I've also been using VPN to avoid Bell traffic shaping. For example recently I was having problems with regular long audio drops to my work's openUC server. After investigating, I found the openUC server was up, and pings route to them successfully. My finally decided it was likely Bell Canada was deliberately lowering the quality of the UDP traffic to the server, probably because they misidentified it as some other type of traffic they consider low priority. So I routed the traffic through VPN for the rest of the day and had no more audio drop-outs.

Some of these usages are appropriate when connection to the voip.ms webserver, some are not. But the point is, if I am an authenticated user it shouldn't matter.

Bill

Arne Bolen
User of Anveo Direct, 3CX and Qubes OS.
Premium Member
join:2009-06-21
Utopia

Arne Bolen

Premium Member

said by docbill:

Some of these usages are appropriate when connection to the voip.ms webserver, some are not. But the point is, if I am an authenticated user it shouldn't matter.

 
It's up to each provider what security police they want to implement. Voip.ms is not alone with such strict policy.

However, I'm not surprised why they have this strict policy. Connecting from a VPN with dynamic IP addresses should trigger an alarm many times. Such VPN services often attract a certain type of users, a type of users most voip providers prefer not to have as customers.
 
Arne Bolen

Arne Bolen to docbill

Premium Member

to docbill
said by docbill:

I tend to use my vpn for many reasons, none of which are illegal. I believe some level of anonymity is needed to protect democracy. The government should not be able to tap my phone line, e-mail, or web browsing without a warrant. Otherwise, it will be almost impossible to ever successfully stage a protest against bad laws, organize strikes, etc. Even if I'm doing none of those things, by preserving my anonymity I make it harder for the government to track down those who are engaging in activities that help protect democracy.

 
Using a VPN provider, with or without a dynamic IP address, will not give you anymore anonymity than your home ISP.

A VPN provider is equal to an Internet Service Provider. The only difference is that with a VPN provider you are not bound by the distance to the provider's equipment.

If the government want to tap your phone line, e-mail, or web browsing without a warrant they can do that easily with your VPN provider. In that regard there are no practical differences compared to your ordinary ISP.

The only anonymity you may preserve with using a VPN provider is towards some websites collecting commercial stats. But as such tracking mostly use cookies instead of IP addresses you are not better off using a VPN provider. You can just disable cookies instead.
 
docbill
join:2006-10-24
Stoney Creek, ON

3 edits

docbill

Member

please delete this post
docbill

docbill to Arne Bolen

Member

to Arne Bolen
Your mistake of course is in assuming my VPN provider is the same legal jurisdiction as my ISP. The Canadian laws that will requiring logging e-mail, online chat, etc will only apply to the Canadian ISP's. My contract with my VPN provider stipulates they WILL NOT even log the dynamic IP address mapping, let alone details about the connections. So the Canadian government will not have legal authority to demand details about my connections without a warrant in my VPN providers jurisdiction. Even then, there will be no details to turn over. The best they could do is get a warrant to force future monitoring of my traffic. So I probably would not be safe performing criminal activity, but I should be fairly safe from fishing expeditions through my life.

You are right of course cookies are a huge security problem. Even bigger than actual authenticated logins. There are steps which one can take to limit this effect, but in truth no matter what steps you take http traffic is never secure, and https traffic is only somewhat secure. The main thing I want to avoid is if for example I connect to a Canadian website to do a tax return, is that does not leak enough information to trace my connections to other courtries. I have not found a fool proof way to do that yet, only ways to make it more difficult.
docbill

docbill

Member

please delete this post
This is a sub-selection from Regarding latest update