All except one issue has been resolved, the remaining issue (IVP-04-014 WP, Medium) is complex to resolve without significantly affecting the user experience. "A total of 8 vulnerabilities (1 high, 6 medium, 1 info) were discovered. The full report on the audit was published in April 2022 and is as follows: The auditors used a white-box strategy and had access to their open GitHub code repositories as well as a special test environment for backend services. The service also undergoes a yearly VPN audit with Cure53, a reputable and trustworthy cybersecurity testing company. This is an open and honest way for a VPN company to operate. In their transparency report it appears to be true that IVPN has provided no information to law enforcement. The company states that since they don't log your information, there isn't much to divulge even in the case of legitimate requests. Like NordVPN, IVPN claims that being offshore protects it from intrusive information requests. The company makes it clear that it will only respond to legal information requests from Gibraltar authorities. IVPN does not even collect contact information, however anonymized crash logs are sent with user approval on desktop devices and can be opted out on mobile devices. The only thing they will store is your username, password, and payment information on their encrypted servers, so be sure they won't sell your information to third parties. IVPN claims to keep absolutely no log of the content of your traffic, connection timestamp, DNS requests, user bandwidth, IP address, or even cookies. They go into great detail about the specific data the company has and why it’s needed. Like ExpressVPN, IVPN's privacy policy is carefully written and extremely readable. (Image credit: IVPN) Privacy & encryption
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |