Hacker News new | past | comments | ask | show | jobs | submit login

Anyone who can access the site mind posting the article for those of us stuck behind work proxies? Much obliged.



Lulzsec fiasco Posted on September 23, 2011 We have received concerns by users that our VPN service was utilized by a member or members of the hacktivist group ‘lulzsec’. Lulzsec have been ALLEGEDLY been responsible for a number of high profile cases such as:

The hacking of the Sony Playstation network which compromised the names, passwords, e-mail addresses, home addresses and dates of birth of thousands of people. The DDOS attack which knocked the British governments SOCA (Serious Organised Crime Agency) and other government websites offline. The release of various sensitive and confidential information from companies such as AT&T, Viacom, Disney, EMI, NBC Universal, and AOL. Gaining access to NATO servers and releasing documents regarding the communication and information services (CIS) in Kosovo. The defacement of British newspaper websites The Sun & The Times. The hacking of 77 law enforcement sheriff websites.

It first came to our attention when leaked IRC chat logs were released, in these logs participants discussed about various VPN services they use, and it became apparent that some members were using our service. No action was taken, after all there was no evidence to suggest wrongdoing and nothing to identify which accounts with us they were using. At a later date it came as no surprise to have received a court order asking for information relating to an account associated with some or all of the above cases. As stated in our terms of service and privacy policy our service is not to be used for illegal activity, and as a legitimate company we will cooperate with law enforcement if we receive a court order (equivalent of a subpoena in the US).

Our VPN service and VPN services in general are not designed to be used to commit illegal activity. It is very naive to think that by paying a subscription fee to a VPN service you are free to break the law without any consequences. This includes certain hardcore privacy services which claim you will never be identified, these types of services that do not cooperate are more likely to have their entire VPN network monitored and tapped by law enforcement, thus affecting all legitimate customers.

We would also like to clear up some misconceptions about what we do and what we stand for. In 2005 we setup HMA primarily as a way to bypass censorship of the world-wide-web whether this be on a government or a corporate/localized scale. We truly believe the world-wide-web should be world-wide and not censored in anyway. A prime example of this would be the Egyptian revolution for which our service played a key role for protesters gaining access to websites such as Twitter which were blocked by the government, we experienced record traffic during this time. Although our web proxy accounts to a high percentage of our traffic, our VPN service accounts to nearly all of our revenue. Our main customer base use our VPN service to ensure their sensitive web traffic cannot be intercepted on insecure networks, though there are many other legitimate uses such as the ability to unblock GEO-restricted websites. Rummage through our review database and you’ll be able to gain a decent understanding of who uses our service and why. Edit: We have had a few queries as to our logging policies. We only log the time you connect and disconnect from our service, we do not log in any shape or form your actual internet traffic.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: