The Swedish VPN provider OVPN takes a different approach than most of its competitors. They rely on transparency instead of obfuscation.
The Swedish VPN provider OVPN takes a different approach than most of its competitors. The imprint of ovpn.com contains a summonable address. There are no straw men or cover companies in the Seychelles or anywhere else. We were able to ask David Wibergh, the founder and CEO of OVPN, some questions in our community interview.
Of course, transparency brings a lot of trouble to companies in this branch. Recently, Scandinavian rights holders wanted to take action against OVPN. It was thought that this would expose the Pirate Bay operators. But the provider resisted with legal means.
At this point we would like to thank our readers who actively participated in this discussion with many questions of their own.
History and choice of a name for OVPN
Tarnkappe.info: Hello, David Wibergh. Maybe you could just introduce yourself at the beginning of the interview.
David Wibergh: Hey!
I’m a self-taught programmer from Sweden. I live together with my girlfriend in Stockholm. Outside of work I’m a big fan of nature activities.
Tarnkappe.info: How did OVPN actually come about? Why did you want to start your own VPN service?
David Wibergh: Prior to starting OVPN, I used VPN services in order to uphold my integrity online. After college, I worked a bit as a programmer at an adtracking company. I was instantly horrified at the amount of information that they were able to gather from people’s actions online. It’s super easy for companies and governments to build up strong profiles on users in order to monetize them. The Edward Snowden revelations also occurred at this time.
Since I had used VPN services, and then went on to work at the adtracking company, I understood that a very good first step to ensuring one’s integrity online is by using a VPN service. However, I also thought that existing VPN services had a lot to improve. There was next to no transparency, the same holding company owned several VPN providers without any disclosure, and the user experience wasn’t good at all. I believed that I could do it a lot better than the existing solutions.
No similarities with ovpn.to or OpenVPN
Tarnkappe.info: Why is your name so close to the software OpenVPN, which is used by many VPN providers? Isn’t that confusing?
David Wibergh: I wanted a simple company name properly reflected the core product that the company offered. As we started only offering the service in Sweden and in Swedish, I discovered that ovpn.se was available. I took the decision then to name the company OVPN.
Tarnkappe.info: What connections are there to the scene VPN provider ovpn.to, which is older than your company?
David Wibergh: There are no connections. I didn’t know about ovpn.to when I started OVPN.
Questions about the realization
Tarnkappe.info: The VPN market today is extremely hotly contested. With which characteristics do you try to distinguish yourself from the competition, especially since the price is rather in the middle of the range? What is your unique selling point?
David Wibergh: OVPN has always been focused on privacy, transparency and security. We were the first VPN service to run our servers on RAM – even though providers now state that they were the first.
We are the service to use if you use a VPN in order to protect yourself online. There are other providers out there that mainly focus on accessing streaming services, but that’s not our main focus. OVPN also unlocks streaming services, but our main priority is ensuring our customers privacy and security.
Tarnkappe.info: Are multihop connections over several VPN servers always included in the price with OVPN or not?
David Wibergh: Multihop is only included when purchasing a subscription longer than 1 month.
Tarnkappe.info: Can your users also use legal streaming providers like Disney+, Amazon Prime or Netflix? The protection against being locked out is apparently the next big hype in the VPN business.
David Wibergh: We have recently added support for circumventing blocks by streaming providers. As such, OVPN can successfully unblock Disney+, Amazon Prime and Netflix. We will soon start unlocking additional German streaming services as DAZN.
Own DNS ad blocker scheduled for autumn
Tarnkappe.info: When will a DNS-Adblocker come, is that planned?
David Wibergh: Our DNS ad blocker will be released this autumn.
Tarnkappe.info: Are servers also planned with 10gbit?
David Wibergh: Several of our servers are already connected with 10 Gbit/s. We upgrade our deployments to 10 Gbit/s when the need arises.
Tarnkappe.info: Does OVPN plan an ipv6 support?
David Wibergh: OVPN is one of the very few VPN providers that allocate IPv6 addresses to connected users. We will add support to connect to our VPN servers via IPv6 next year.
Tarnkappe.info: Are own proxy servers still in the works?
David Wibergh: We have no plans to offer proxy servers as our core focus is privacy and security.
Tarnkappe.info: Are there any details about the last long DDoS attack? What measures have you taken in this regard?
David Wibergh: We’ve seen a wide range of different DDoS attacks lately. We’ve mainly added automatic blacklisting based on the pattern of the DDoS attacks.
So far, the authorities have not seized any servers from OVPN.
Tarnkappe.info: Have authorities ever confiscated servers? If so, on what grounds?
David Wibergh: No, never.
Tarnkappe.info: What do you think about VPN providers like Norton, Avira and now Mozilla, which originally covered a different business field?
David Wibergh: I believe it’s beneficial since it increases the amount of users that use VPN services. It’s important for users to read their terms of service though to ensure they actually fulfill the users requirements in terms of privacy.
We cannot answer any legal inquiries.
Tarnkappe.info: How do you know exactly how many devices a customer is currently using when you are not logging anything? For example, a maximum of four devices at the same time.
David Wibergh: When a user connects to a VPN server, the VPN server sends an API request to our website to ensure the provided credentials are correct. If the credentials are correct, the API tells the VPN server to allow the user.
Tarnkappe.info: If you were to lose in court, what data could you possibly reveal?
David Wibergh: We can not answer any court requests regarding which customer was historically allocated a specific IP address. As such, the court order that we’re currently fighting is useless as we do not have the requested information.
OVPN about Security
Tarnkappe.info: You write that your servers, which are located in the respective data centers, are individually isolated from the rest of the servers. There is no physical access from the outside because the interfaces are switched off. What happens if there is a technical defect in the server?
David Wibergh: If there is a technical defect, the server shuts down. If it is unable to boot due to some hardware error we ship a new server to the location.
Tarnkappe.info: Do you have a spare server in your closed racks, so that in case of a defect you only have to switch to server 2?
David Wibergh: Some data centers have multiple VPN servers already, such as Stockholm, where OVPN has 20 VPN servers. At other data centers, we only have one VPN server. In case that server would break down, it would take us a few days to ship a new VPN server to that location. For Germany, we have two VPN servers in Frankfurt and one in Erfurt.
Tarnkappe.info: Do you also work with Vlan’s in the IPv4 area?
David Wibergh: We do not allocate IPv4 subnets to any connected users.
Provider does not create any log files
Tarnkappe.info: You are always talking about the fact that the servers do not store logs. How does it look like with the switches you use? The Cisco switches use e.g. EtherAnalyzer and create connection data, which are stored. Do you have a solution for?
David Wibergh: We don’t use those features on any of the switches.
Tarnkappe.info: Since you also offer static IP addresses for users, their anonymity will be reduced because this fixed IP must be connected to the account, right? Do you have a solution on board to increase anonymity in this respect?
David Wibergh: Users are allowed to switch their Public IPv4 addresses. That means that if we receive a court order regarding who had a specific IP address at a specific time, we can not answer as we are unsure since users can change their IP address. We can only answer requests regarding who has a specific Public IPv4 address right now.
We do recommend users who purchase our Public IPv4 add-on to purchase it anonymously.
OVPN: Sweden good location, no need for cover-up tactics
Tarnkappe.info: Do you see any possibilities to counteract this, if authorities are tired of always having to ask when they want to know something?
David Wibergh: I am satisfied with our current solution.
Tarnkappe.info: What is the basis for your trust in the respective data center(s)?
David Wibergh: I know the owners of some of the data centers personally. But for other data centers, I have ongoing communication with them and also ensure they uphold our requirements prior to us shipping any servers to them.
Tarnkappe.info: Why don’t you do like Perfect Privacy, service through an offshore company and payment data through Sweden. Then the legal research of the users would already be impossible.
David Wibergh: There are benefits to approaches like this but also side effects as it involves additional governmental bodies and regulation. Sweden is a safe country for VPN services as there are no laws forcing VPN providers to actually do any logging. If that changes in the future, we will definitely investigate other options.
Looking ahead to the future
Tarnkappe.info: Are you worried whether your “bad” customers (cybercrime and hacking) will one day make sure that the current business model of all VPN providers is history?
David Wibergh: No. I don’t believe it will be possible to add such heavy legislation requirements across all VPN services as it’ll add a huge burden on all companies that also run VPN servers for their employees to connect remotely to their offices.
Tarnkappe.info: What do you think about the withdrawal of other providers who are no longer so secretive about revealing their customers’ data openly when asked?
David Wibergh: Providers that lie to their customers about logging claims should go out of business.
Tarnkappe.info: Some VPN providers see themselves as guardians of morality and decency, how does that look for you? Is there anything left out of your “no logs” promise?
David Wibergh: We believe it’s incredibly important to be a neutral provider. There is no difference between Chinese censorship and a VPN provider that censors and restricts what people are allowed to do.
Growing awareness of privacy
Tarnkappe.info: How has the Internet changed since OVPN was founded?
David Wibergh: More and more people are aware of the privacy threats that affect everyone. Companies have started taking action, and now a lot of ordinary web traffic is encrypted. But there are also more and more devices coming online that aren’t receiving proper updates or penetration testing by their manufacturers. So certain areas have definitely improved while whole new areas have gotten worse and easier to exploit.
Tarnkappe.info: No matter how difficult this question is to answer, what development do you expect? Where is the journey likely to go? Even more surveillance? Or more network blocking? Even more regulation?
David Wibergh: I believe governments will continue expanding their surveillance technologies. Companies will increase the amount of tracking as storage space becomes even cheaper. Machine learning opens up whole new areas of correlating potential buyer behaviour. VPN companies will be bought up and consolidated into bigger companies and it will affect their customers negatively as shareholder value will come first. Ie, Kape Technologies, antivirus programs buying up VPN’s. Online privacy will become more and more important. It’ll be more important protecting your network edge than only computers & phones. Ie, VPN’s will need to run on routers to properly protect all of the IoT devices people purchase.