Paypal 30 Day Recurring Subscription Option
March 8, 2012
IPTorrents Password Change 8 March 2012
March 8, 2012
Show all

Would you pay for a multi-hop VPN option?

As our clientele now encompasses an increasingly privacy conscious crowd, we are wondering if users might be interested in a multi-hop VPN as an additional paid option.

What is a Multi-Hop VPN?

Currently your internet traffic passes through to one VPN server and then out to your destination. A single-hop VPN is pretty secure and ensures the least loss of bandwidth/latency. However a multi-hop VPN bounces your internet traffic to two VPN servers before going out to your destination and is even MORE secure. The benefits are enhanced security and it’s harder to trace but the drawback is that it takes a hit on bandwidth and latency and it costs more since you would need double the number of servers and bandwidth to achieve it. It’s most likely not something you want to use if you just wish for secure P2P but more for extremely sensitive matters.

Would you pay for an option like this as an add-on and if so how much? Post in comments after voting on suggested add-on price.

I can say that it’s most likely not going to be less than RM10 for an add-on since this is quite resource intensive.

[poll id=”4″]


  1. el_ay_es says:

    I am not sure what my answer is about the multi-hop VPN idea. You do make a good impression, and of course all of us customers want to trust you.

    That said, I am concerned about the hypothetical possibilities that you might be personally threatened or bribed there where you live, and I am completely ignorant about the actual likelihood of either of those possibilities occurring. I just do not know how vulnerable you are. Since both servers would be yours I am not sure why I would think you would be less likely to disclose my connection data from two servers than from just one. I do know that different countries have different laws and different practices about protecting Internet privacy. But you being in Malaysia is a constant. What considerations am I missing? What are the real scenarios for when a multi-hop setup would be more secure than just one VPN server.

    I hope a clear reply won’t be too difficult. I apologize for putting you on the spot. I trust you can understand my concern without taking it at all personally. Thanks in advance.



    “Just because I’m paranoid doesn’t mean there’s nobody out to get me.”

    • Reuben says:


      As you probably gathered, choosing a VPN provider is a lot to do with trust. A provider can always claim that they don’t log, but they can do so without anyone knowing. A provider can also claim that when shit hits the fan, they won’t reveal your information but when push comes to shove and their own neck is on the line, I think any good intentions or integrity of customer data are easily thrown out of the window.

      First of all, I seriously do not know what any of my users are using the VPN for. I could of course turn on logs and take a look, but frankly it’s not in my interest to do so. It takes up serious disk space, it takes up CPU, it breaches my own guarantees to my customers and puts me at threat of legal action against me by breaching my contractual obligations. The only times I do turn on logs are when I suspect some sort of abuse (using our service for DDoSing or mass spam etc) in which I turn it on, try to catch the guy doing it in the act (since I have no history), and then wipe the logs off again. This is necessary to continue running a viable service or else a few users will spoil the experience of everyone. I believe I’ve made this clear somewhere (I’ll have to relook at this to make sure the message gets across). I can’t even remember the last time I turned it on. For e.g. in the IPT password change when some user being an asshole decided to change the password, I could not identify the user. I didn’t have logs turned on, I knew the IP that changed the password (which was one of our VPN IPs) but could not pinpoint it to someone. Of course maybe if this becomes a consistent problem, then I would turn on logs and catch the culprit but I would also more likely than not just stop access for a while so that EVERYONE loses but not at the cost of turning on logs (I believe I’ve in fact done this before if you search the blog). To me, turning on logs is really a last resort since I would have to actively monitor it to find the culprit which isn’t an easy task.

      A multi-hop setup is more secure in the sense that let’s say one of our servers are seized and logged through the laws in that country. Even with those logs, it’s impossible to find the end user without now exercising jurisdiction on the other server. Assuming they don’t have reciprocal enforcement of judgment arrangements between countries, this can be tricky. In any case, it’s not going to be a cheap legal exercise and I have to say honestly, I don’t know how I would react if someone had good proof to show that terrorist activities have been conducted. If turning on logs might save lives….well I don’t know how I would react then. Basically a multi-hop adds another hurdle for someone to identify the actual end-user since more servers would need to turn on logs and then reconciled with each other.

      As for my personal safety, let’s just put it that I don’t have any large skeletons in my closet that would compel me to hand over customer information. I don’t have children nor a significant other either. Most importantly I’m not involved in politics lol. I know the picture foreigners have of Malaysia are poor but let’s just say those are one of my least worries at the moment. I see obvious critics of the government still around, still posting… VPN providers are probably pretty low on their list (if we’re even on there).

  2. el_ay_es says:

    Thank you, Reuben. That seems about as clear as can be. I might try out multi-hop VPN if it were available. Both price and latency are issues of course.

    All the best to you! LAS

  3. Mr. Smith says:

    It’s easy to set up a multihop VPN using two different (competing) VPN vendors.
    First establish a L2TP VPN connection to Vendor 1.
    Then establish an OpenVPN connection to Vendor 2.
    (A double tunnel.)

    Vendor 1 can see your ‘real’ IP but only sees encrypted exit traffic.
    Vendor 2 only sees Vendor 1 IP and then the unecrypted exit traffic.

    Virtually impossible to trace back to ‘real’ IP unless both Vendors are compromised.
    (Note: Some VPNs refuse connections from other VPNs. Most do allow these connections.)

    It’s a cool setup. Simple and easy to use. Works great.
    Just FYI.

Leave a Reply

Your email address will not be published. Required fields are marked *