Wednesday, 11 April 2018

Update on SumRando Web Proxy

Last week, an article was published regarding VPNs and Proxies and potential vulnerabilities with WebRTC.  We felt the article was somewhat misleading, and we want to take the opportunity to clarify what this all means and how it impacts you as a user of SumRando's products and services.

What is WebRTC?
WebRTC is an HTML5 specification that allows for real-time communication between browsers and devices without plugins or other widgets installed.  It enables voice and video communication to work inside web pages.  Many popular browsers (think FireFox and Chrome) already have WebRTC enabled. 

What is a Web Proxy?
A web proxy server is a computer that sits between you and the internet, which reroutes your requests through our servers by way of the website on the browser. When you are using a web proxy, Internet traffic on that page is routed through the proxy server, making it look as if it came from the server's IP address instead of yours.  This is isolated to only the webpage you are using, not the entire browser.

What is a VPN?
VPN stands for virtual private network. VPNs provide a virtual version of a secure physical network, where the information you send over the Internet is encrypted and secured from others on the Internet. By running a VPN, an encrypted tunnel is established between your device and the VPN servers.  Once the connection is established, all of your Internet activity (from browser to Skype to email) is pushed through this secure tunnel, through the VPN servers, and out to the Internet. The video on our VPN page - https://www.sumrando.com/vpn.aspx - explains the process as well.

Great. Why are you telling me all this?
The article that was originally published last week and has since circulated in the community indicated that some privacy services (VPNs and Proxies) may be vulnerable to WebRTC leaks.  SumRando Web Proxy was identified on that list. 

Was my IP leaked when I used SumRando VPN?
No. SumRando is designed to encrypt ALL traffic including WebRTC offering you the most anonymity and security possible when using a VPN service.   

Was my IP leaked when I used SumRando Web Proxy?
Potentially, depending on the website(s) you visited. SumRando Web Proxy was released with the intention of circumventing geolocation blocking and for quick anonymous searches on the web.  It was not designed to serve as a complete privacy and security solution. (That's why we encourage you to download and use SumRando VPN).  Admittedly, we weren't clear on our website how the browser plays a big role in network communication and the risks related to WebRTC and other non-HTTP and HTTPS web traffic. 

I used SumRando Web Proxy.  Can you tell me if I was specifically impacted by the leak?

No.  SumRando does not track SumRando Web Proxy activity.  We have no insight into who visited what sites at any certain time.

Okay.  Now what?
We highly recommend that you download and use SumRando VPN - https://www.sumrando.com/download.aspx.  We have a free account option that provides you with 1GB of data per month.  If you need more, you can easily upgrade to SumRando VPN Platinum, which gives you unlimited data and access to all of our VPN servers around the world.

SumRando Web Proxy is temporarily unavailable while we work to determine is there are additional ways to reduce the impact of WebRTC.  If you are concerned with WebRTC, it is possible to disable it directly in your browsers - https://www.privacyend.com/disable-webrtc-in-various-browsers/.  This may degrade some performance of websites, but it will prevent other websites from obtaining more inforamation under the guise of WebRTC requests.

As always, if you have any feedback, questions, or concerns, please reach out to us at support@sumrando.com.

Friday, 16 March 2018

"I Heard a Siren from the Silicon Docks"

Happy St. Paddy's Day to all the Irish out there and to those non-Irish who just want a reason to drink Guinness.

The Irish may be the largest diaspora in the world. Some 80 million people worldwide claim Irish heritage; this, from a country whose peak population reached 8 million. Even those not so well-versed in history know that oppression sent millions to emigrate or to their deaths. Poverty was a major struggle up until the Celtic Tiger in the 1990s, after decades of European Union structural funds propelled the economy to the top tier. It was an opportune time, as a fledgling tech industry would soon grow into a major global force. Many of the biggest tech companies in the world now have headquarters in Dublin; they have rebuilt the docklands - a once dirty old town of warehouses and factories - into a glittering, glass and steel mini city known as the Silicon Docks. If you've ever been to Dublin, you'd marvel at the changes over the last twenty years. It's a whole new world.

One reason the tech companies flocked to Dublin was its weak privacy laws. Data drinking companies like Google and Facebook were able to build massive data empires in part because these laws made privacy virtually an afterthought. Ireland's Data Protection Commissioner has been repeatedly challenged in courts by the European Union, and a new EU privacy law may open the floodgates for more litigation.

The EU's General Data Protection Regulation (GDPR) will restrict how tech companies collect, store, and use personal data beginning 25 May 2018. Businesses and organizations that fail to comply with GDPR will be fined 20 million euro or 4% of their global annual revenue, whichever is higher. 

The Irish government is trying to make the state exempt from provisions of the GDPR. A massive 132 page bill is still under debate with some rather bizarre points, such as reducing the age of consent from 16 to 13! Irish data protection experts are universally opposed to the bill, which they say, "has the potential to kill data protection enforcement in Ireland and will take years of litigation to fix.”

So why is Ireland opposed to data protection? For one, most businesses in Ireland are not prepared for the GDPR changes. Then there is the government itself that feels it is not prepared and worries that any fines on its public bodies may drain the budget and prevent them from fixing the problems that led to the fines in the first place.

These issues will be discussed in April at the Dublin Data Sec 2018 conference. Let's hope Ireland can get the bill sorted out before the GDPR deadline. In the meantime, here's to all the Irish out there. 

Sláinte!


Thursday, 8 March 2018

SumLinks - Women Matter

In honor of International Women's Day #IWD2018, some links:

The Center for the Protection of Journalists looks at the threats women journalists face.

Have you seen Bombshell: The Hedy Lemarr Story? It didn't seem to get a lot of press coverage, which is a shame, because Hedy Lemarr never gets the credit she deserves for basically inventing wifi.

In addition to Lemarr, here are nine other important women in tech.

Article 19 speaks out about online abuse of women.

Access Now takes a look at women making the internet safer for everyone.

A history of men taking credit for women's accomplishments.

Ten more women who changed the course of history.

And let us not forget the countless number of women who are prisoners of conscience, those who strive for human rights and democracy, who languish in the dank prisons of authoritarian regimes.

Tuesday, 27 February 2018

SumLinks - Cyberattacks, censorship, espionage, and more


Bahraini human rights activist Nabeel Rajab was sentenced to an additional five years in prison for tweets.

An Inside Look At The Accounts Twitter Has Censored In Countries Around The World

Cyberattacks increasing against civil society in Azerbaijan ahead of election

Worst Innovation Mercantilism Policies of 2017

Internet Governance Forum 2017 was one of the first times that "various organizations and professionals came together to address the links and gaps between the internet governance and media development communities. Synopsis from the Global Forum for Media Development.

The size of your app matters. Just ask Ethiopians.

Pakistanis are speaking out against internet shutdowns.

Zimbabwe: Omnibus Cyber Bill muddies Fundamental rights

Read more at: http://www.africafex.org/access-to-information/zimbabwe-omnibus-cyber-bill-muddies-fundamental-rights
Zimbabwe: Omnibus Cyber Bill muddies Fundamental rights

Read more at: http://www.africafex.org/access-to-information/zimbabwe-omnibus-cyber-bill-muddies-fundamental-rights
 Cyber bill threatens fundamental rights in Zimbabwe

Laughing in the face of internet shutdowns in Bangladesh
Zimbabwe: Omnibus Cyber Bill muddies Fundamental rights

Read more at: http://www.africafex.org/access-to-information/zimbabwe-omnibus-cyber-bill-muddies-fundamental-rights

New bill threatens internet freedom in Honduras.

EFF and Lookout Uncover New Malware Espionage Campaign in Chat Apps Infecting Thousands Around the World

Research

Dependent Yet Disenfranchised: The Policy Void That Threatens the Rights of Mobile Users in Arab States
Amazon Go’s ambient processing of special category data (eg ethnicity) to create “checkout free shopping” might cause problems if moved to Europe under the GDPR given the inability to freely consent.

Mapping Digital Freedom in Palestine

The Importance of Privacy by Design and Data Protection Impact Assessments in Strengthening Protection of Children's Personal Data Under the GDPR

The State of Privacy in Lebanon

Tuesday, 13 February 2018

Olympic Special: Get 12 months of Unlimited VPN for 20.18.

Protect Your Privacy This Year! Limited Time Offer.


To celebrate the 2018 Winter Olympics, we are offering one year (12 months) of unlimited SumRando VPN for 20.18 USD. Get 24/7 protection for your online activities on Android and Windows.

More info: https://sumrando.com/vpn-olympics/