No Logs.

blackVPN
blackVPN
Jun 5, 2015 · 7 min read

No traffic logs. No connection logs. No DNS logs. Your real IP address is never logged.

June 5, 2013 was when the world first heard from Edward Snowden. This year, it’s our turn to show our commitment to protecting your privacy and digital rights by going “no logs”.

No More Connection Logs.

Now we delete that information when you disconnect.

We cannot hand over any logs — or your real IP address —
to law enforcement because we don’t have it.

What Has Changed?

Instead of keeping connection logs to deter abuse, we’ll rely on reacting to incoming abuse reports by temporarily blocking access to those sites and services that are being abused.

We may also monitor connections to the IPs being abused in order to locate and ban the abuser. We’ll keep the monitoring in place until the abuse stops, usually just a few days.

Most blackVPN users won’t be affected as we will only monitor the website(s) and service(s) being attacked in order to find the culprit.

That’s our open and honest explanation of how we mitigate abuse while respecting your privacy — with no logs.

Why Change?

However we failed to be recognised as one of the most private and secure VPNs because of one important issue: our connection logs. Although these were automatically removed after a short period — and keeping these connection logs has not proved harmful to any of our users — the perception that we have logs that in theory CAN be handed over to law enforcement has turned some people away.

We kept the connection logs as a deterrent against serious abuse, but now we’ll switch to real-time monitoring of abuse instead of relying on the connection logs.

Why We’re in Hong Kong

The Metadata We Do Not Have

We do not have activity or traffic logs.

We do not have DNS logs.

We do not have connection or session logs.

We do not log your real IP address.

Try it here: whatismyipaddress.com

Image for post
Image for post
An example of how your public IP address can reveal your real location.

What information do we keep and why?

Account data.

We store your username, hashed password, the expiry dates for each VPN location and the date the account was created.

Email address you used to sign-up to our service.

We also send the occasional announcements and special offers, but we try to keep it to a minimum.

Payment information.

We keep a link to the payment providers transaction ID, payment email, transaction date, price and VPN package selected.

Third Party Systems We Use

Image for post
Image for post
PayPal, CardPay and BitPay for payment processing.
Image for post
Image for post
Stream Send for renewal reminders and updates.
Image for post
Image for post
CloudFlare for website protection.
Image for post
Image for post
SparkLabs for Viscosity VPN client licenses.
Image for post
Image for post
uncensoredDNS.org for log free DNS lookups

How we keep your
real IP address private.

Our VPN servers never log
your real IP address.

Image for post
Image for post
Kudos to the guys at Cryptostorm for creating a patch for openVPN status logs and sharing it with the community.

We strip your real IP address from OpenVPN status logs so that we can still get useful information about the number of users connected — without logging real IPs anywhere.

For L2TP + PPTP we turn logging off to keep your real IP address private.

We make sure that whatever happens, no IPs are saved in the servers system log (thanks to the syslog-ng patch from RiseUp). So if the machine is seized the logfiles will be completely useless to identity anyones real IP address.

Our support system never logs
your real IP address.

Image for post
Image for post

We host our own version of OSTicket for our ticket support system — which has been modified to never log your real IP address when you create or respond to a support ticket via our website.

Our Live Chat widget never logs
your real IP address.

Image for post
Image for post

We host our own version of Live Helper Chat for our live chat widget — which has been modified to never log your real IP address when you chat with our support staff. All visitor location information is disabled in our Live Chat system.

Our website analytics never logs your real IP address.

Image for post
Image for post

We host our own version of Piwik for our website analytics — which has been modified to mask your real IP address when you visit our website.

We were testing Google Analytics on our website to optimise our Adwords spending — but we’ve removed that now.

We built our own internal
support tools too.

Image for post
Image for post

Here’s what our internal customer support tool looks like for our support staff… Basic.

We support open source
software and tools.

We support open source VPN clients and protocols like OpenVPN for Windows and Tunnelblick for OS X. We also support using SSL Tunnels to hide the OpenVPN connection in an extra layer of encryption.

We provide easy installers that are packaged with our VPN connections — but you are also free to install the open source versions of each tool yourself and grab the configuration files from our website.

Image for post
Image for post

“People and companies all over the world will come together to implement the technological solutions that can put an end to the mass surveillance programs of any government. This is the beginning of a moment where we the people begin to protect our universal human rights with the laws of nature rather than the laws of nations.”

— Edward Snowden

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch

Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore

Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app