Hacker News new | ask | show | jobs
by askura 1155 days ago
WeVPN: No personal info exists in our database. We have a list of email hashes + expiry dates that were provided to us. When you enter your email into the box, we look for a hash of the provided email and see if there is a record for it, which is used to upgrade the Windscribe account.

Nah no acquisition.

https://discord.com/channels/435955361955053579/435955361955...
1 comments
ggeek 1155 days ago
If we believe the Windscribe words about only having hashes and an encryption key to compare, an email hash is still an unique identifier and may still break the GPDR policy depending of your country/state. Most emails hashes will be pretty weak to crack even with a 10 years old GPU and a few data sets. john.doe1990@gmail.com hash can be cracked in a matter of minutes although i guess j0h7jkajsdb@gmail.com is safe. It is pretty sad to see that a company like Windscribe and Yegor that has been blaming the VPN industry shady behaviours for years are now part of the gear by trying to hide a possible private agreement with a signed NDA to not make it public and turn it into a good samaritan offer. There was many ways to help all those customers that ended up without service, but this is probably one of the worst ones. Unfortunately we will never know what really happened since there was zero transparency with the WeVPN customers.
link
askura 1155 days ago
I don't personally see it so cynically but I get what you're trying to say.

However it's being handled though I think the gesture is pretty nice in general. A ton of WeVPN customers were about to lose their money and for some people in restricted countries losing VPN access can be a hell of a blow.

When in Shanghai for example being able to jump across like this would have been pretty handy. As opposed when one that I used went down I had massive issues trying to get back online as other VPNs were being super restricted.

Each to their own.

link
ggeek 1155 days ago
I think nobody complained about the gesture to provide customers with at least access to a reliable VPN. WindScribe is a pretty good product, but they can't just break their own privacy policy with the excuse that someone could lose their money or no access due to the restrictions in their country. They have the whole customer email list if they have the hashes and nobody neither Wevpn or Windscribe asked the customer if they wanted to be migrated and grant the data access. Someone who purchase a VPN service is looking for data privacy, not only to bypass region restrictions.
link