BolehVPN: Freedom Through Security

Facebook and Instagram is Down: Get back to your real lives!

January 27th, 2015

Just letting you know that Facebook and Instagram is currently down as at 2:30 PM GMT +8 27 January 2015.

For a moment I thought it was our government deciding to censor Facebook!

Also trending on Twitter #facebookdown :D

 

Malaysia Airlines’s website hacked

January 26th, 2015

Malaysia Airlines’ website has been hacked by the Lizard Squad, the same hacker collective that attacked Microsoft’s Xbox Live and Sony’s Playstation Network via Distributed Denial of Services (DDoS) attacks. They are a group of self-described “cyber-terrorists” and even offered DDoS for rent services.

Its latest hack takes a jibe at the missing MH370 flight which was first mentioned in a couple of tweets:

mashacked2

A short while later, MAS’s website is now a picture of a dapper lizard, the sign-off for the Lizard Squad.

MASHacked

 

It is not very clear the reason for the hack other than fun although the tweets above actually were preceded by other plane/airline related tweets:

mashacked3

 

It is noted that it is claimed on other news sites that the Lizard Squad is affiliated to ISIS though our opinion is that they simply find it entertaining to associate themselves with them.. They hosted a Reddit AMA (Ask Me Anything) and:

“I get the exposing corporate greed angle, but don’t you think you’ve maybe taken it a bit too far? You practically made a bomb threat, you put lives in danger. And the ISIS flag shit is disrespectful. You are turning yourself look like a terrorist rather [SIC] then someone who is trying to make a point.”

To this The Lizard Squad responded, claiming:

“Some media outlets actually think we’re affiliated with ISIS, it’s great.”

Another user commented on the group’s invocation of ISIS, writing:

“I really like the fact that normal people can shut down major corporations, but why do it in the name of ISIS?… I love computers and technology but why the bomb threat if [SIC] your trying to expose corporate greed and show how bad of quality corporation servers are?”

And the Lizard Squad responded:

“For the Caliph, brother!”

BolehVPN Telegram Group for Chat

January 16th, 2015

t_logoFor those of you using Telegram messenger, we have started a chat for our BolehVPN customers to communicate with us. Chat should not be used for support queries as we do have a ticket system for that. :D To join us, just drop us an e-mail with your Telegram username. If you don’t have a Telegram username yet, see here.

Telegram has since its early days, has improved its privacy and encryption. However, for the super private, this is not for you as Telegram’s ‘secret chat’ does have some implementation concerns but for general chat it’s good enough. Best of all it has a desktop client to work together with a very well designed mobile app which gives it an edge over Whatsapp.

Rules of Conduct

  • No advertising or discussion of competitors
  • No spam
  • No hateful comments/chats
  • Basically whatever the Admins feel is right to maintain a pleasant chat :D
  • Reserve the right to remove inactive users

Important Changes to our DNS Servers for BolehVPN

January 16th, 2015

Current Situation

We have been considering the issue of DNS servers that we use in our VPN servers and thank all users who have provided valuable feedback to us. DNS servers translate the easy to remember word addresses (such as bolehvpn.net) into IP addresses which is a bunch of numbers. Previously we used the default DNS servers that were provided by each server provider’s ISP but due to some unreliability, we then moved to Google’s DNS servers (which wipes its logs every few days) and then we dabbled for a while with OpenNIC’s no log servers. OpenNIC’s servers being hosted independently kept on going down and so we reverted to Google and/or OpenDNS.

Is there a a Problem?

Even using this setup, an ISP cannot see what you’re surfing as all queries are going through the encrypted tunnel. However the administrator running the DNS server (Google or OpenDNS) is able to capture some info which are the following:

  • Our VPN server’s IP
  • The time of the DNS query
  • The destination address of the query

For example if you were trying to access minecraft.com through your internet browser while on our VPN, the DNS server admin would be able to know that our VPN server made a query to minecraft.com at a certain time. Besides that, no other information about the end user is given out and you also have plausible deniability as many users use a server at one time. Therefore although your ISP does not know what you’re doing if someone is very determined in trying to unmask your identity and has the legal resources to do it, they theoretically can get the DNS server admin to help narrow down their search. It’s still a long way to go to unmasking your identity since they would be unable to identify which user within the VPN server at that time but assuming the site you visit is very unique and they have other information tying to you accessing such a site (for example if they have seized your computer) it is further evidence that can be used against you. Yes, this is quite an extreme situation and for the average user, it isn’t important but we realized that if we can take steps to improve the privacy of our customers, we should.

How BolehVPN is Improving

Many other VPN providers also use Google DNS or OpenDNS or their server provider’s own DNS but we are taking the step of hosting our own DNS servers so that none of your information goes to third parties you may not trust. Meaning, any potential identifying data is only kept within BolehVPN and not to any other third party provider. Also, any DNS leak test would also not show our company’s name but the original server provider’s one which further doesn’t reveal that you’re using a VPN.

These changes are not trivial as we do have to properly secure these DNS servers and ensure they can handle any loads thrown at it but we are already deploying this on a few of our servers to test performance and will be rolling out these changes over the coming weeks and will post an announcement once it’s completed.. We don’t forsee any major difficulties with this.

Also for those asking why don’t we use DNSCrypt, it doesn’t really add any advantage to the way we are setting it up. You are still free to use DNSCrypt independently if you prefer to continue using that.

What Do You Need to Do?

Nothing, the changes will roll out and you may experience a very brief disconnection and upon re-establishing of the connection, the new DNS servers will be pushed to you unless you chose to specify them manually. Do feel free to share your opinions and comments!

 

New Asuswrt-Merlin Firmware 376.49_5

January 15th, 2015

We have updated our links on our forum to support the latest Asuswrt-Merlin Firmware 376.49_5 with the support of xCloak function which further scrambles your packets making the VPN harder to block.

Download links and Changelogs are available on our forums HERE

To view the guide on how to set up BolehVPN on your AsusWRT-Merlin equipped router, please visit this link