October 30, 2020
VyprVPN was one of the most popular VPN services of the past decade, and when it comes to user data logging and retention periods, they were very cautious and privacy-minded. After some instances of poor coverage by the media though, Golden Frog, the developer of VyprVPN decided to make a leap by turning their product to a totally no-log VPN service. This fundamental change would help them stand out against any other VPN provider and would also strengthen their stance on user privacy. However, claiming something isn’t proving it, and in the world of VPN services, the absolute trust of your user-base is something especially hard to win. No one is believing in bold marketing anymore, as this has been proven to be groundless in the VPN field numerous times in the past.
First, Golden Frog decided to partner with the Center for Democracy and Technology over the past year, creating a report that acts as the platform for users to understand what signifies a trustworthy VPN. But this was only scraping the surface of what Golden Frog wanted to achieve, so they hired “Leviathan Security” security experts and asked them to perform an in-depth independent audit on VyprVPN, exploring whether their platform collects any PII (personally identifiable information). They gave Leviathan full access to their application code and servers infrastructure and asked their engineers to work together with them in order to enlighten any shady areas in security and privacy.
The results of the Leviathan Security investigation report are clearly indicating that Golden Frog worked to remediate all no-log related findings concurrently with the assessment, and once this had been completed their retesting sessions verified that all of the fixes were effective. Long story short, Leviathan is publicly asserting that VyprVPN is indeed a 100% no-log VPN service platform. This is the first time that a VPN service gets officially certified by an independent security auditor on their privacy level, so Golden Frog is proudly tooting this fact on their blog.
Golden Frog is providing some details on what they did, highlighting changes in their app code to ensure that logs that are stored in the device and the OS are securely handled and in accordance to the users’ consent. In addition to that, they have spent a great deal of time modifying their VPN, authentication, and API servers, making drastic logging route changes across the entire suite of their backend software, ensuring that even accidental logging incidents won’t occur. All of this was verified by Leviathan, who also provided Golden Frog with a solid future recommendation plan on how to monitor their servers for regressions, enabling them to maintain and further develop their VyperVPN privacy-driven framework.
Golden Frog understands that these partnership-based audits may still not be enough to convince some, but they promote practices of this kind as the best possible way to ascertain marketing claims. This is why they hope that their new VyprVPN product will act as a beacon in the nasty and untrustworthy sea of VPN services.
Do you trust VPN providers? Let us know of your stance on the matter in the comments below, and don’t forget to visit our Facebook and Twitter pages to learn about the latest developments in the world of tech.