All the hardware used to operate our service is owned by us and locked into isolated racks. All servers operate without any hard drives as the operating system only resides in the RAM memory.
When our servers boot, they fetch the correct disk image by iPXE from our encrypted boot servers. As soon as the disk image has been downloaded, a verification of the kernel and initrd signature is performed to ensure that nothing has been tampered with.
The operating system is loaded into the RAM memory, and the server can finally boot if the verification passes. If the verification fails, the server will reboot and retry this process until the verification signature is valid and it's safe to boot.
We exclusively use a scaled down verison of Alpine Linux as operating system.
The OpenVPN processes do not have any write privileges, and syslogs have been disabled, to ensure that logs can't even temporarily be created in the RAM memory.
For WireGuard, our key management daemon, ensures that peer information is not stored indefinitely in the servers memory. Any peers that haven't had a handshake during the previous three minutes are removed, ensuring we keep as little information as possible.
Our VPN servers don't support physical access via console, keyboard or USB ports. Critical security updates are installed on daily basis.
|Protocol||UDP and TCP|
|Ports||1194, 1195 & 443|
|Data channel cipher||ChaCha20-Poly1305 (OpenVPN 2.5+)
AES-256-GCM (OpenVPN 2.4+)
AES-256-CBC with HMAC-SHA1 (Openvpn 2.3 and older)
|Control channel cipher||TLSv1.3:
TLSv1.2 and older:
|Key exchange authentication||Diffie‑Hellman and Perfect Forward Secrecy (DHE) using a RSA key with a 4096 bit key size, with a re‑keying every 45th to 75th minute.|
|Extra auth key||RSA with a 2048 bit key size|
|Extra crypt key||RSA with a 2048 bit key size|
The client has a killswitch, which prevents any data leaks in case the connection to OVPN drops. It's simple to verify if the killswitch works properly.
In order to prevent DNS leaks, the client:
By utilising a VPN service you are essentially moving the trust from your ISP to the VPN provider. It's crucial that you're using a VPN service that is trustworthy and transparent about how the business is run and which methods they've employed to protect your privacy and integrity.
No email address is required when creating an account. It's possible to pay for subscriptions anonymously by sending an envelope with cash to our office or by paying with bitcoin.
Conflicts are expensive and complicated, especially when crossing country borders. We've decided to sign up for an insurance that covers legal fees as an additional layer of safety, which grants us the financial muscles to refute any requests for information.
In the case of any third party demanding information about our customers, we are fully prepared to go to court and will do everything in our power to prevent anyone from getting access to customer information.