BolehVPN: Among the Top 5 rated VPN Providers in the World

Archive for the ‘Announcements’ Category

Thursday, August 8th, 2013

Selamat Hari Raya and Happy Eid Al-Fitr to our Muslim friends

Dear Friends,

Just would like to wish our Muslim friends a happy and safe Eid Al-Fitr :D

We would still be operating as per normal though with slightly slower response times!


Monday, July 1st, 2013

Malaysian Users to experience degraded performance to Europe, US and North Asia

Telekom Malaysia has announced maintenance works on one of their main submarine cables. The maintenance  is expected to take about a month and will only be completed on the 21 July 2013. Other countries who use the same submarine cable in the region might be affected as well.

Official announcement is as below:

TM wishes to inform that the consortium for the submarine cable network system providing international data link to Europe has scheduled a planned maintenance exercise on 29 June 2013. The maintenance work is expected to be completed on 21 July 2013. During this period, users may experience:

  1. Slow browsing when accessing sites hosted in Europe, the United States (U.S.) and North Asia.
  2. Less than ideal call quality when making and receiving VOIP calls to and from Europe, U.S. and North Asia.
  3. Less than ideal online gaming performance when using servers hosted in Europe, U.S., North Asia.

We are taking pro-active steps to optimise bandwidth utilisation on other international links to ensure that any performance degradation caused by this maintenance exercise is minimised.

We apologise for any inconvenience caused and would like to thank you for your understanding and patience during this period. Should you have any enquiry or require further assistance, please get in touch with us here or tweet us at @TMConnects.

Thank you.

Tuesday, June 11th, 2013

Minor USD Price Revamp

We have updated our VPN prices by rounding down all USD figures to the nearest dollar just to make things a bit prettier :D

Wednesday, May 8th, 2013

Sharing our Customer Support Statistics

As you probably are aware, over the past few months our focus has been to improve the customer support experience.

We’ve started using Zendesk a fully fledged ticketing system that replaces our previous Portal system and we now have some statistics to share with you.

In the month of April, we received 615 unique tickets, meaning we had 615 separate incident requests.

Our Average First Response Time Statistics:

67% 0 – 1 hr

29% 1 – 8 hr

3% 8 – 24 hr

1% 24 + hrs

This shows we have a bit of work to do to reduce the response times for the 8 hours and above but we have beaten by a huge margin the IT Services and Consultancy benchmark average first response time which is 25 hours (something that would prompt a reprimand in our support team).


We have now enabled Customer Satisfaction reviews of ticket resolution. This directly affects our Support Staff appraisal so we ask you to be fair when rating tickets handled by them. We hope to share these results later on!

Thursday, May 2nd, 2013

Streamyx employs Deep Packet Inspection to censor political videos?

Deep Packet InspectionBefore I begin this post, we at BolehVPN are of diverse political views and have supporters of both sides. However, when it comes to dealing with internet censorship, we’re all in agreement that it’s bad.

There is strong evidence that Streamyx is employing Deep Packet Inspection (DPI) to censor certain political YouTube videos as discovered by Lowyat forumer rizvanrp.

This means Streamyx has employed hardware to identify certain sites as blacklisted and deny access. These sites are such as Youtube videos on Bala’s wife, and possibly MalaysiaKini and DAP’s Facebook page. Using encrypted HTTPS seems to bypass this. Another way is to use a VPN which is a more secure solution to protect yourself against DPI.

This is an excerpt from rizvanrp’s post:

All plaintext HTTP connections on Unifi (and maybe Celcom + Maxis) are being man-in-the-middle’d and dropped if they contain blacklisted data.

What we know :

i. The DPI isn’t only being used to selectively block YouTube videos, however unencrypted Facebook pages belonging to certain parties are also being blocked. You can get around this by appending ‘https://’ to the Facebook URLs rather than trying to use ‘http://’.

ii. The DPI is based on TCP segment analysis. Basically, every single TCP packet has its payload analyzed for certain request URI strings that have been blacklisted. Obfuscation attacks such as packet fragmentation (splitting a large TCP payload containing a single HTTP request into smaller TCP segments) as well as packet padding (appending large amount of junk data to the HTTP request URI in order to force the ‘HTTP/1.1\r\n’ trailer into a separate TCP segment) will also work however you need specialized HTTP proxy software or iptables rules (on Linux) to do this.

iii. Once a blacklisted payload is detected within a packet, the header information for the TCP stream (SRC/DST port + SRC/DST IP address) is added to some kind of blacklist for 90 seconds. This causes all traffic for that particular TCP stream to be dropped for 90 seconds (hence the 90 second gaps in my packet capture samples above). This is also why some of you have noticed that if you wait long enough (well, 90 seconds in my tests).. the videos/sites that are blocked will eventually continue to load. Due to the persistent nature of TCP, once the 90 second blacklist window passes.. your TCP stream will continue and the payload data for whatever you’re requesting will reach your computer.

Mitigation techniques :

i. Use ‘https://’ wherever possible (especially on Facebook). Users in the thread have recommended HTTPS Everywhere which is a Firefox/Chrome addon to do this automatically for most major websites.

* While YouTube supports HTTPS for their main website, their player does not support it so even if you were to use HTTPS on YT.. the videos won’t load.

ii. For accessing blocked YouTube videos, you can use some of the various YouTube proxy sites such as ProxFree.

iii. Get a VPN/SSH tunnel service if you’re worried about having your HTTP requests intercepted.

Sinar Project’s Google + update also confirms this:

TMNet’s filtering of +Malaysiakini video interviews of Bala’s widow

We strongly suspect some sort of basic content filtering to censor online media in Malaysia is happening. Investigation was done on multiple networks based on the id/url of these videos served from Google’s +YouTube  cached servers located in TMNet network.

We are not aware of all the details of Google’s infrastructure, but testing so far has revealed that when request is served from servers not in TMNet’s network, the video can be viewed immediately. The content filtering is not effective all the time, and it can sometimes pass after a period of time if the request is fragmented into multiple packets.

Many people have reported difficulties with viewing the following video interviews linked from MalaysiaKini’s interview article here It is an interview of the window of a private investigator’s widow who implicates that the caretaker Prime Minister Najib Razak was indirectly involved in their plight to cover up possible interference in the murder case of Mongolian citizen Altatunya.

Isteri PI Bala: Kami betul-betul macam pelarian
Isteri PI Bala: Apakah salah berkata benar?

This is similar to the recent attempts at censoring MalaysiaKini for which normal users think that there is something wrong with their Internet connection, rather than a more sophisticated form of censorship.

We strongly condemn the actions of TMNet and parties involved in censoring  access to free media in Malaysia and hope that +Google‘s +YouTube team can help shed more light on this with their own internal investigations.