Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

how is cryptostorm different?

Looking for a bit more than customer support, and want to learn more about what cryptostorm is , what we've been announcing lately, and how the cryptostorm network makes the magic? This is a great place to start, so make yourself at home!
User avatar

Topic Author
Pattern_Juggled
Posts: 611
Joined: Sun Dec 16, 2012 6:34 am
Contact:

how is cryptostorm different?

Post by Pattern_Juggled » Wed Nov 05, 2014 7:13 am

{direct link: different.cryptostorm.ch}


We're often asked what makes us different from the me-too "VPN services" that litter the internet landscape nowadays. It's a fair question, but one we rarely (as a team) take time to address... because, frankly, we don't see ourselves as a "VPN service" and never have. It seems like asking a top-end auto manufacturer what makes them different from a rattletrap old VW Beetle: a categorical error.

But smart people with Marketing Experience tell us that answering this question - in 20 words or less, if possible! - is a Key To Success. Or whatever. Hence we've been reluctantly drawn into this question, those of us on the tech side of our team (which is almost all of us, actually)... and tasks have been mercilessly parcelled out.

Here's a reply one of our tech ops folks sent out yesterday, and I decided that posting it here might get things moving. So that's what I'm doing... perhaps someone with marketing expertise will read it, do their magical marketing thing, and leave us with the 20 words that explain Why We Are Different. One can always hope, right? :-)

The original question as posed by a prospective customer (or someone claiming to be, anyhow - "VPN services" routinely send questions to our support folks, copy/paste our replies to their fake questions, and then use that language on their websites or promotional materials; it's happened so many times that it's become a running joke amoungst our staff) reads as follows:
I have been reading for an hour on your forum yesterday, but I can not see in what your product is different. Can you explain to that me? I mean, yes, you use OpenVPN too

And yes, it is possible to buy your tokens anonymously (so you write, but it appears you have only one reseller - > so the bulk of tokens still come from you, and then again: nobody knows if this reseller isn’t actually you yourself under another nick. You see, you are not the only one not trusting anything J).

But is the situation that you provide ‘anymous’ tokens the only difference between you and say privateinternetaccess.com or liquidvpn? I mean: OpenVPN is OpenVPN, right?”
And in reply...
{name redacted} -

Hi, let me point you at some additional information.

Our colleagues wrote up a review of some of the crypto snake-oil that is use as marketing materials by "private internet access." That paper is available here. There are issues of credibility raised by this kind of thing: one research group made one review of one marketing claim by this company, and turned up a pile of troubling problems. To me, I cannot imagine trusting that such a company is in any way competent if even such a cursory review uncovers this level of failure. Also, claiming (falsely or not) to be a "founder of Mt.Gox" is not really confidence inspiring at this point in time.

There are hundreds of these me-too "VPN companies" out there nowadays. We've contributed to peer reviews of several dozen, and found horrific examples of security failures... it's hard to even know where to begin. Recently was the case of "FrootVPN" publishing the private session keys of customers. These failures are so bad, it's difficult to speak rationally about them... and yet these companies are often good at "gaming" the SEO and "VPN review" systems in a way to present themselves as legitimate.

OpenVPN is both a protocol and an opensource tool for OSI layer 3 encapsulation of higher-layer packet streams within TCP/IP. To say that anyone "using" OpenVPN is equivalent would be like claiming that, since all brands of cars use internal combustion engines (or until recently, pre-electric!) they are the same. Which is true at one level, perhaps... but not true enough for most folks to trade a Bugatti for a Yugo.

Running a competent network security services - we don't sell "products" - requires a range of expertise and experience far, far beyond simply downloading the openvpn binaries and installing them somewhere. Our network is routinely trusted by members worldwide whose lives depend on the integrity of their private online communications. That's the bar we set for ourselves, and the service we deliver every day.

It has been said that success often depends on doing 10,000 things right. Top-end technical security systems are often similar: there is no magic "security sauce" that one spreads over things to make it good. Rather, there are countless small tasks and decisions and competencies that come into play, day after day.

Or, alternatively, one can simply put up a pretty website with happy logos, install the absolute minimal level of required software, and market the hell out of it as a "VPN service." That's the easy path, obviously, but that's not of interest to us.

When we do our job right, as a service provider, nothing happens: data from our members' internet connections is never leaked, nobody ever gets arrested and tortured by the secret police because our network failed, we never betray our customers, and our servers never get subverted. When it all works, nothing happens - and that's as we like it. We work very hard to ensure that nothing happens, in that sense of the phrase. It is what we are good at.

For some folks, that level of professional expertise, experience, and hard-won credibility matters. Those are our members. For other folks, the "Hide My Ass" style of bullshit marketing - such a cute logo! - is what they prefer. Life is made of choices, and we all make our own choices.

Regards,

~ cryptostorm_ops

User avatar

parityboy
Site Admin
Posts: 1215
Joined: Wed Feb 05, 2014 3:47 am

Re: how is cryptostorm different?

Post by parityboy » Sat Nov 08, 2014 6:04 am

@OP

If Cryptostorm was like other VPN services - i.e. requiring sign-up - then Cryptostorm would be a VPN service. However, the defining feature of Cryptostorm is the anonymous token model. This makes Cryptostorm more akin to a national postal service, in terms of the access model.

Code: Select all

Token             == Postage stamp
VPN Widget        == On-street post box
Data packet       == Letter with a non-descript address as the sender
To me, Cryptostorm is less a VPN service and more a "global darknet infrastructure", for want of a better phrase. :)

User avatar

marzametal
Posts: 431
Joined: Mon Aug 05, 2013 11:39 am

Re: how is cryptostorm different?

Post by marzametal » Sat Nov 08, 2014 3:57 pm

Suckup.


Lignus
Posts: 26
Joined: Sat Nov 02, 2013 1:26 am

Re: how is cryptostorm different?

Post by Lignus » Sun Nov 09, 2014 10:57 am

CryptoStorm in a nutshell:
CryptoStorm is different from other "privacy services" in that we do not know and do not want to know who you are and have purposefully designed our network to make figuring out who you are nigh impossible. In addition, because we use per session transient keys with a twenty-minute rotation, there does not exist a method for us to be forced to turn over encryption keys for past traffic. Most other "privacy services" will hand over their master key to decrypt all past and future traffic along with your contact and billing information, CryptoStorm does not have such a key or information to hand over.

Post Reply