this post was submitted on 08 Nov 2023
423 points (98.0% liked)

Privacy

32165 readers
256 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

I am fully aware of what vpn services to use and not. I am not using Express VPN, I am simply doing research for a master thesis, when I came across these results from Express VPN. If you have any ideas or corrections, please let me know why a VPN provider would need to have access to these permissions.

Screenshot is from Exodus service, which let's you view what exactly perimissions and trackers each app uses. You can check out the results and the tool for yourself here: https://reports.exodus-privacy.eu.org/en/reports/com.expressvpn.vpn/latest/

Link to Image

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 5 points 1 year ago (1 children)

ExpressVPN is owned by Kape Technologies, which was previously named Crossrider. And Crossrider was a plugin development platform that allowed users to distribute ad injection software, which some considered malware. (Kape did not respond to a request for comment.) Kape also previously operated software called Reimage, which is said to enhance computer performance but has been reported to signal false positives on its security tests in order to sell its premium service. Teddy Sagi, the owner of Kape Technologies, was listed in the Panama Papers as a sole shareholder of at least 16 offshore companies—primarily real estate—established through Mossack Fonseca, according to Haaretz. In 1996, 16 years before he acquired Kape Technologies, Sagi was sentenced to nine months in prison for bribery and fraud, according to the Financial Times.

Source; https://innovation.consumerreports.org/wp-content/uploads/2021/12/VPN-White-Paper.pdf

[–] [email protected] 2 points 1 year ago (1 children)

Thank you very much, we should always strive to back up claims with relevant links and data, no matter if it's common sense or how trivial it might seem.

While the quote and linked paper give a good picture of the VPNs and their controversies, such as ExpressVPN, CyberGhost, and PIA being under ownership of a less-than-trustworthy company which also happens to be specialized in malware and surveillance, I did not find anything that directly supported @[email protected]'s claim.

The only controversy (except questionable ownership) I could find in the article was a few paragraphs lower regarding the Andrey Karlov assassination, where ExpressVPN denied the existence of logs but investigators somehow still managed to extract a serial number of a computer(?) after a datacenter raid. Not sure if I got that right, but it would fit the established profile from this comment chain:

ExpressVPN, on the other hand, told investigators it did not have any logs or customer data on a server in Turkey, which was raided by Turkish authorities, according to Hurriyet Daily News. According to the site, authorities said the server was used to hide details regarding an assassination of a Russian ambassador. ExpressVPN released a statement about the incident.

It's almost midnight here, so please correct me if I missed something.

Oh, and nice paper, has a good, natural flow and appears to keep technical jargon to a level where anyone should be able to draw well informed conclusions.

[–] [email protected] 1 points 1 year ago (1 children)

Aw man, now PIA is bad too? Crap. I was really enjoying them. ☹

[–] [email protected] 4 points 1 year ago

PIA being owned by the same scammy company as ExpressVPN does not necessarily mean that it itself also is bad, but one should keep an open eye on them.

Like I said, I haven't found any evidence that ExpressVPN sells their customer data, even though it might be likely.