ExpressVPN CIO fined for involvement in hacking and spying on human rights activists, journalists, held accountable and made to share information with the FBI

This is pretty big news in the cybersecurity world right now but don’t see it talked about here yet. I’m sure there must be ExpressVPN users on this sub so will quickly cover the situation.

Three former US intelligence and military personnel are facing a $1.6m fine from the US Department of Justice for involvement in “Project Raven” that helped the United Arab Emirates spy on and hack “its enemies” (politicians, journalists, human rights activists, including those in the US). One of these persons is Daniel Gericke, the current CIO of ExpressVPN.

Since all three defendants have agreed to cooperate, they are now obligated to provide any documents, data and information they have available to them if requested by the FBI.

“The cyberspying naturally raises questions about the security around ExpressVPN. However, the VPN service is sticking with Gericke.”

It all seems like really big news to me. Thoughts?

ExpressVPN was just bought by a company that used to push out questionable software…

Honestly mark ExpressVPN off the trusted company list IMHO

Darknet Diaries did an episode on Project Raven. Really interesting stuff.

Everybody knows that. You guys know VPN companies are by law obligated to give the data of connection information that routes through their servers to the government right? And then, the government slaps them with gag law, which means they can’t disclose they gave that information.

Using VPN providers for the sole purpose of security is just being a moron.

If you want to set up a VPN, you can do it on your own server, VM, Raspberry Pi, etc. I have a Raspberry Pi that is running WireGuard VPN. I mainly use it to connect to my home network but you get the point, it’s fast for only me, and can do 50 Mbps up and down each time.

I’m absolutely SHOCKED that US intelligence/military would cooperate with a human rights abuser to abuse human rights. This is unheard of! Totally unexpected!

Edit: /s

I’m not a tin foil hat person, but I’m gonna go with no shit dot jaypeg down this rabbit hole.

ExpressVPN, NordVPN, SurfsharkVPN, 97% of these fuggin things are owned by spooks, and the ones that aren’t, are either complying with them, or are Liberation Army fronts doing “business as usual” out of the British Virgin Islands.

I’ve always told people curious about VPNs that they are more likely to provide better security at the expense of their privacy. They seldom understand that these are not interchangeable terms but rather mutually exclusive and need careful consideration.

“But where can I download movies?”

Do we have a list of VPNs that aren’t absolute spooks? Most of the big guys talk the talk but almost never walk the walk when it comes down to it.

The three defendants have agreed to cooperate with US authorities and pay the fine in exchange for deferred prosecution, according to a Justice Department release. The three have also forfeited foreign and US security clearances and face future employment restrictions. The agreement comes a day after ExpressVPN announced it had been sold as part of a $936 million deal to former adware distributors Kape Technologies, a company co-founded by an ex-Israeli surveillance agent and a billionaire previously convicted of insider trading.

Remember, this software originated in Israel:

This purchase is to cover the tracks. The three still got paid and now Mossad can buy it out and continue business as normal.

Why is this a slap on the hand while Julian Assange is held up on fabricated allegations? Or while Steven Donziger is under house arrest for beating Exxon/Chevron in court? It’s suspicious that we target those exposing lies and wrongdoing.

I have used ExpressVPN. What is the VPN that actually doesn’t log?

Going to clear the air here. Gericke is a very smart individual who has like 25+ cyber certifications. He gave up his U.S. citizenship, which really raises questions on whatever he was doing in Abu Dhabi. He helped design the infrastructure in the UAE so I would question ExpressVPN, as many of the rules that the FBI has placed on him don’t really apply since he is now not a U.S. citizen. He did get in trouble though because he was a U.S. citizen at the time.

I’m concerned, I don’t use the service anyway, but at the end of the day ‘a job is a job’, however, my caveat here would be that ‘do we know he’s truly done working for anyone else’.

I would expect, probably not since he seems to have had a direct hand in creating the service, however, again, this could also be a lead up.

I think the UAE connection makes this a fair bit more concerning, simply due to the sheer amount of money they have behind them; not to mention a massive theist following that can be manipulated into doing basically whatever the rulers want.

I guess the tl;dr is, I probably would be cautious about the service, perhaps utilizing it in a VPN chain, although from reading the article, I suspect he maybe just wanted to find his next gig; I don’t imagine working for individuals that could have you chopped up at literally any moment is overwhelmingly enjoyable.

I’d like to know his side of the story, honestly, from his background his knowledge and expertise is simply fantastic, I’d love for him to just do a full on AMA.

It seems the only way is to use your own self-configured VPN or any service.

Damn, now I have to configure that VPN project I tried to avoid.

I don’t know anything about cyber security but was recently thinking of getting a VPN. Would anyone be willing to educate me with a quick overview of what it does? I am simply looking for privacy primarily, security close second. Looking at this thread I guess I really am dumb, I thought it provided privacy.

So a VPN that says that they keep no logs but they are actually spying on you? Another reason why you should use Tor.

Why is the CIO involved? lol

I feel so validated for telling my non-IT friends that VPNs are a scam - absolutely ridiculous

It’s not so much that some of these VPN providers are based in countries that have the best privacy laws, it’s more so that they chose that particular location to make it difficult for the average Joe to sue them.