Crowley93

Is Nord VPN Spyware?


I found this article of interest & informative. Wanted to pass it along, & I hope you enjoy it, as well. I would like to hear your thoughts on this. 

 

I chose Nord VPN based on these VPN charts, thanks to EFF.org who is one of the most integral groups on this planet maintaining free and open internet;

 

I had a lot of high hopes for Nord given the customer reviews, self-acclaimed zero-logging policies and their jurisdiction outside of the 14 eyes. However almost immediately I ran into problems with their proprietary app blocking websites I was visiting, as an example:

https://www.linuxmint.com

https://www.ibvpn.com/

https://www.experts-exchange.com

https://www.offensive-security.com/

http://presstv.com/

 

From what I gathered from other Nord users, this was an isolated incident. I posted my experience on Nord VPN's reddit page. My post was promptly removed by Nord staff in less than 48 hours. In the second censored post, I had mentioned the speed improvements obtained switching to OpenVPN with Nord's servers. An instant 800% improvement on the exact same servers. I went from 10 to 85 MBPS, give or take a few. (85 Linux, 75 Windows). Nord staff deleted that post within minutes. I had also mentioned how to block DNS leaks in OpenVPN just like in Nord's app (and all proprietary VPN apps). (I explain that below). Nord does not offer this information publicly and deleted my posts, so it seems they are most unfortunately not interested in seeing their customers free of DNS leakage outside their proprietary spyware APP, unthrottling customers' connection speeds, or hiring decent staff that care about their customers. They will block and censor you at the drop of a hat and censor you for exposing their blocks and/or censorship. How very disappointed I was to see this. Be careful about VPNs that do not offer a public forum for discussions. NordVPN is not a community-based VPN and only offers support via email.

 

In my research, I've found their software behaves much like a rootkit on users' computers. Spy tool may be a better word. I will simply add the text I've already compiled on it... and you can weigh in and consider what you feel about it. You can test and confirm all of this yourself, for yourself all VPN users everywhere. All you need is one simple little tool, Sysinternals Process Monitor.

 

Testing was done using Nord VPN 6.11.14.0, backup copy available here

 

You may contact Nord support and send your complaints to: 

[email protected]

And test the censorship on their reddit page here: 

https://www.reddit.com/r/nordvpn/

 

It all began with this: "Nordvpn-service.exe failed to auto start on boot." This led me to look closer at what was going on.

 

Nordvpn-service.exe boots into session 0 (non-interactive session/system) the same as the system. Nordvpn.exe runs in session 1 (interactive session / user); with lesser privileges. Behind the GUI, both of them appear to perform nearly the same functions. The only difference I found was Nordvpn.exe sends data to different IP addresses.

 

For all we know, Nord could be gleaning information at the system level, a potentially vast source of intelligence from millions of customers. Nordvpn-service.exe snoops around every nook and cranny of the network stack of the OS and beyond. Open source OpenVPN only does what it is supposed to do, which is to send TCP/IP data back and forth over an adapter. ZERO surveillance and zero sending data to third parties. The most reliable and secure applications for safety and privacy are always open source.

 

On my PC, nord-service.exe routinely checks the folder c:\Program Files (x86)\EMET 5.5\ and tries to access and/or insert a DLL into its folder. After each operation it immediately performs a Client Key Exchange, Change Cipher Spec, Encrypted Handshake to the following address -> device:53254 -> 40.117.190.72:https (waws-prod-blu-063.cloudapp.net), whose domain is registered by Microsoft; WHOIS LINK. Nord's encrypted connection then maintains an established idle connection with Microsoft (USA IP) for most of its uptime. Why the 512-byte "Handshake" to Microsoft? For all we know it could be signal intelligence for "this IP has such and such a program" and flagged by whoever, whatever, wherever, including Microsoft. The other IPs it connects to are Nord DNS servers.

 

A much safer alternative would be using an open-source application like OpenVPN, which you can do with your current NordVPN account. Or even better, use a service that really gives a fuck about their users. Using OpenVPN you won't be blocked, throttled AS MUCH (which I mistakenly thought was my ISP) as happened to me on Nord's leased servers, or have long wait times while connecting. It's much faster, and being open-source, much safer. I recommend using that with a lightweight firewall, in particular, Binsoft "WFC" Windows Firewall Control. You can disable your internet at the click of a button (High Filtering) and boot your computer with "safe boot" so your internet connection isn't exposed before you are ready to connect to your VPN. There are other third-party solutions out there as well that work with OpenVPN.

 

If Nord's software had a back door (or is one) and the servers you are connected to were compromised, someone could easily gain access to your computer, especially with incoming allow rules. But given Nord's malware-like activities on the computer, I'd say it's much safer to steer clear of their software altogether, and possibly the servers leased to them also. 

 

If you notice any inconsistencies or anything here that could be improved, please let me know and I will do what I am able to improve this post.  People want security, they want dependability, they want quality services that do what they are supposed to be doing.  Does all of this prove Nord VPN's services are malicious or are they using these methods to keep you safer whilst dealing with a stubborn and difficult Windows operating system to avoid leaks and other system limitations? They said themselves, there could be a backdoor lurking in their services (as there could be in any service). One user has found Nord's app bypasses Windows Firewall no matter what blocking rules are implemented, and was as a result planning to switch to another provider.  So be mindful.
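
The Process Monitor check the post invites readers to run can be made repeatable by exporting the capture to CSV and summarizing it per process. This is an added example, not part of the original post: the process name `vpn-service.exe`, the install directory `C:\Program Files\ExampleVPN`, the remote addresses and every sample row are constructed placeholders, and the column names assume Process Monitor's default CSV export.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed sample rows in Process Monitor's default CSV column layout.
# A real export is a file; open it with encoding="utf-8-sig" to drop the BOM.
SAMPLE_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:00:01.0","vpn-service.exe","1504","CreateFile","C:\Program Files\ExampleVPN\config.json","SUCCESS",""
"10:00:01.2","vpn-service.exe","1504","CreateFile","C:\Program Files (x86)\EMET 5.5","PATH NOT FOUND",""
"10:00:01.3","vpn-service.exe","1504","RegOpenKey","HKLM\SOFTWARE\ExampleVPN","SUCCESS",""
"10:00:01.5","vpn-service.exe","1504","TCP Connect","device:53254 -> 203.0.113.10:https","SUCCESS","Length: 0"
"10:00:01.6","vpn-service.exe","1504","TCP Send","device:53254 -> 203.0.113.10:https","SUCCESS","Length: 512"
"10:00:02.0","browser.exe","2200","TCP Connect","device:53300 -> 198.51.100.7:https","SUCCESS","Length: 0"
'''

def summarize(csv_text, process, install_dir):
    """Return (file paths touched outside install_dir, remote endpoints)."""
    prefix = install_dir.lower().rstrip("\\") + "\\"
    outside = defaultdict(set)  # path -> {(operation, result)}
    remotes = defaultdict(lambda: {"events": 0, "bytes_sent": 0})
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Process Name"].lower() != process.lower():
            continue
        op, path = row["Operation"], row["Path"]
        if op.startswith(("TCP ", "UDP ")):
            # Network rows carry "local:port -> remote:port" in the Path column.
            _, sep, remote = path.partition(" -> ")
            if not sep:
                continue
            remotes[remote]["events"] += 1
            size = re.search(r"Length: (\d+)", row["Detail"])
            if size and op.endswith("Send"):
                remotes[remote]["bytes_sent"] += int(size.group(1))
        elif re.match(r"[A-Za-z]:\\", path):
            # Drive-letter paths only; registry keys (HKLM\...) are skipped.
            if not (path.lower() + "\\").startswith(prefix):
                outside[path].add((op, row["Result"]))
    return dict(outside), dict(remotes)

if __name__ == "__main__":
    files, nets = summarize(SAMPLE_CSV, "vpn-service.exe",
                            r"C:\Program Files\ExampleVPN")
    for path, events in files.items():
        print("outside install dir:", path, sorted(events))
    for remote, stats in nets.items():
        print("remote endpoint:", remote, stats)
```

The Result column matters when reading the output: a `CreateFile` that ends in `PATH NOT FOUND` is a failed lookup of a path that does not exist, not a write into it.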


Please add more info Kappa


that's why dad prefer tor lol
