bestvpn + hmmm?

Encouraging best practices in the VPN industry via independent, community-certified verification of clean installers and clean basic service operations. Let's reward the good, and make the bad a little bit less tempting 〰 github repo#cleanVPN
Posts: 2
Joined: Wed Jan 07, 2015 11:10 am

bestvpn + hmmm?

Post by BenHerr » Wed Jan 07, 2015 11:24 am

{direct link:}
edited to remove some info that might be personally identifying, plus updated the title of the thread ~admin


I will omit the name of this service for now. Anyone caring to look can easily figure it out. I was issued a certificate for authentication. I wanted to know what if anything it said about me so I did some research and happened to find a certificate decoder. I popped the certificate in and something struck me as odd it says Serial Number: 1 (0x1) and the providers details. I did some reading but a lot of this stuff is over my head. I think this certificate is this services server certificate but I am not 100% sure. I happened to find a post here while trying to research this myself and I decided to post the config on pastebin in hopes that I could find someone to tell me what is going on. Please note until I know a bit more I modified my private key some.


What do you guys think about this?

Posts: 2
Joined: Wed Jan 07, 2015 11:10 am

Re: Tried a "recommended" VPN service. Somethings not right

Post by BenHerr » Thu Jan 08, 2015 12:25 am

Additional information.

I am starting to think this service is ran by a very popular VPN review site. This certificate from what I have been able to determine appears to be the Certificate used to sign certificates with. I will confess I do not actually have a subscription to the service. I got involved because a good friend of mine signed up there because of this VPN review sites word. He was having a problem with the service and I helped him via teamviewer and started seeing some things that didn't add up. I confronted one of the writers for this site with my findings along with several other people complaining about the same service only to have my comments removed. Recently it has come to my attention that they actually get paid big money to review these services and basically sell their top spots. Now that I am completely disgusted with them I have taken it upon myself to try and call them out on any of the BS they post. The example above was them trying to say certificate based authentication is the best for private VPN services and I have been arguing they are wrong because certificate based auth gives away too much information. The author actually posted the doctored ca/key but left his "client cert" in tact. Once I checked the cert and found the info below I had to assume something is wrong. I mean how does a client get the very first certificate? I want to further prove that this "trusted review site" is in fact nothing but an attempt to extort money for links that are meant to look legit. So if anyone could give me their opinion I would really appreciate it.

Certificate Information:
Common Name: bestvpn/5ca576dc-67b6-4104-8be9-b20f95458e0e
Organization: Buffered LLC
Organization Unit: IT
Locality: Bueçpest
State: Pest
Country: HU
Valid From: January 5, 2015
Valid To: January 5, 2016
Issuer: Buffered, Buffered LLC
Key Size: 2048 bit
Serial Number: 1 (0x1)

User avatar
Posts: 133
Joined: Sat Jan 26, 2013 4:31 am

Re: Tried a "recommended" VPN service. Somethings not right

Post by cryptostorm_support » Mon Jan 12, 2015 10:08 am

I've alerted the team to your concerns expressed here and they will have a look shortly. Unfortunately we've a bit of a backlog of weirdness, and dubious claims from other services to investigate so it may take some time.
cryptostorm_support shared support team forum account
PLEASE DON'T SEND PRIVATE MESSAGES with support questions!
--> feel free to use any of our other contact channels, or post in the support forum
cryptostorm: structurally anonymous, token-based, unlimited ☂ bandwidth, opensource, darknet data security for everyone! validatorsPGP key @ MITnetwork statuscryptostorm github
support team bitmessage address: BM-2cTMH8K5JnjbfSALjZtSkRWCLfc3Tr8GBV
support team email:
live chat support: #cryptostorm

Posts: 8
Joined: Sat Aug 08, 2015 10:45 pm

Re: bestvpn + hmmm?

Post by Iddertew » Sat Aug 08, 2015 11:00 pm

Thank you informed me.