Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ

Quad VPN & the snake oil of "multi-hop" VPNs

To stay ahead of new and evolving threats, cryptostorm has always looked out past standard network security tools. Here, we discuss and fine-tune our work in bringing newly-created capabilities and newly-discovered knowledge to bear as we keep cryptostorm in the forefront of tomorrow's network security landscape.
User avatar

Topic Author
Pattern_Juggled
Posts: 611
Joined: Sun Dec 16, 2012 6:34 am
Contact:

Quad VPN & the snake oil of "multi-hop" VPNs

Post by Pattern_Juggled » Mon Jan 14, 2013 12:27 pm

There's this service called Elite VPN - WARNING: there's rumors the service is a honeypot, not confirmed but from fairly reliable sources - and they are advertising this "multi-hop" thing called Quad VPN. Here is their description:
Quad VPN

NEW This is a unique technology that allows achieving the maximum level of safety and anonymity. You will be able to choose the number and the sequence of servers you want to put in a chain (up to 4 servers) and change the chains on-the-fly as well. You will get access to absolutely all our servers!
They say they charge $80/month for this service.

Some shills on the interwebs have been hyping "multi-hop" VPN setups for years, despite the fact that it's a solution in search of a problem. The real issue that can be solved by doing "chained" VPN services is that one cannot trust the people running VPN services not to betray their customers... or, worse yet, be a honeypot directly run by adversaries. It's entirely obvious that "multi-hop" service, from the same damned VPN company, does exactly nothing to solve these legitimate problems in the VPN industry.

Instead, "multi-hop" shills talk about theoretical timing attacks (mostly, if they make any effort whatsoever to actually explain what attacks they claim to be protecting against) that have never been observed, or even rumored at, in the wild. Solving "problems" that don't exist isn't quite as bad as failing to solve actual problems that do exist... but it's a pretty close second.

So it's curious to see this "quad VPN" thing pop up someplace where rumours of honeypots are dancing in the winds. Anyone have specific intel on this? We're tempted to sign up and run some actual network diagnostics on whatever setup is actually provided... it would be enlightening, eh?

Cheers,
...just a scatterbrained network topologist & crypto systems architect……… ҉҉҉

[list]✨ ✨ ✨[/list]
pj@ðëëþ.bekeybase pgpmit pgpðørkßöt-on-consolegit 'er github
bitmessage:
BM-NBBqTcefbdgjCyQpAKFGKw9udBZzDr7f[/color]


Guest

Re: Quad VPN & the snake oil of "multi-hop" VPNs

Post by Guest » Thu Jan 24, 2013 4:57 pm

i would like to point out that googling their ICQ number
https://encrypted.google.com/search?q=1 ... 66&bih=667


leads to their staff advertising in blatantly illegal forums related to fraud. and even buying banner space on carding forums as well as acknowledging to aid and abed in their fraudelent activities by providing immunity.


no non honeypot could get away with this in such a outspoken fashion russian or not

User avatar

Topic Author
Pattern_Juggled
Posts: 611
Joined: Sun Dec 16, 2012 6:34 am
Contact:

Re: Quad VPN & the snake oil of "multi-hop" VPNs

Post by Pattern_Juggled » Wed Feb 06, 2013 2:10 pm

My apologies for the delay in approving your guest post - it got sucked up into a spam-review queue and somehow we didn't notice it until today.
Guest wrote:no non honeypot could get away with this in such a outspoken fashion russian or not
There's been an interesting conversation about this over at Ars Technica lately, in the context of Silk Road - with more than a hundred comments so far, and still going.

I assume you are suggesting that honeypots - or other LEO (Law Enforcement Organization) run scams - can't do things like advertise their wares in certain venues and whatnot? If I'm correct in my understanding, then I'll have to disagree with you. Every "sting" operation run by every police force 'round the world does more or less exactly this: every drug sting involves a CI or undercover cop hanging out, pretending to be a "legitimate" drug dealer, and tricking buyers into engaging in a transaction. Clearly, they can't do that without going through the motions of being, well, a drug dealer.

The same holds true in online stings and honeypots.

I'll cite as a canonical example the "Darkmarket" sting, run by the FBI. In that case, the FBI ran an entire carding forum for many months, from their own servers, in order to entrap forum participants and catch as many people as possible. I'll provide citations to this story, if you're not familiar with it.

Thus, it's obvious that some LEO running a VPN honeypot would do exactly what you're saying: advertise in shady venues, and work hard to "earn credibility" and thus bring in more potential targets by doing so. After all, it's not much use to run a honeypot or sting that's targeting people who aren't doing anything illegal.

If I've misunderstood your argument, please correct me as I think these are deeply important questions to discuss and understand!
...just a scatterbrained network topologist & crypto systems architect……… ҉҉҉

[list]✨ ✨ ✨[/list]
pj@ðëëþ.bekeybase pgpmit pgpðørkßöt-on-consolegit 'er github
bitmessage:
BM-NBBqTcefbdgjCyQpAKFGKw9udBZzDr7f[/color]

User avatar

parityboy
Site Admin
Posts: 1214
Joined: Wed Feb 05, 2014 3:47 am

Re: Quad VPN & the snake oil of "multi-hop" VPNs

Post by parityboy » Thu Feb 06, 2014 5:58 am

@PJ
no non-honeypot could get away with this in such a outspoken fashion, russian or not
I cleaned the OP's words up a bit, makes more sense (to my eyes anyway). What he/she is saying is that no genuine operation could get away with such blatant actions, therefore this service must be a honeypot operation.


killswitch
Posts: 8
Joined: Mon Jan 21, 2013 2:11 pm

Re: Quad VPN & the snake oil of "multi-hop" VPNs

Post by killswitch » Sat Jul 25, 2015 5:26 am

Looping VPN sessions through two concentrators owned by the same provider might provide advantage in some situations, but depending on implementation. But the tunnel in a tunnel setup between two nodes owned by the same operator is just begging for attention from NSA's TURBULENCE system.

VPN within VPN would help if there were provider diversity - two companies to contact, two geographically diverse locations are involved, there are some situations where this would be useful.

Having started this, I am more inclined to write about the adversary spectrum, rather than going further down this recursive tunnel rabbit hole.

Post Reply