IVPN infrastructure is ready for 5th annual security audit

In-line with our commitment to perform an annual security audit of IVPN systems, we have commissioned the independent security auditing organisation Cure53 to conduct a security audit at the end of February 2023. We aim to publish the results of the audit no later than April 2023.

We have recently decided to upgrade our VPN gateway servers to a new major OS version which includes many configuration changes. The scope of the audit includes a pen-test and thorough security audit of the configuration of these new VPN gateway servers which are currently in a test environment, and due to go into production following the remediation of issues found by Cure53.

A note on the chosen scope and ’no-logs’ audits:

In 2019 IVPN has commissioned a ’no-logs’ audit to demonstrate that our service is not configured to collect and store information relating to customer connections.

After considering a repeat of this audit scope, we have decided that claims around ’no logs’ audits can be misleading, or at best ambiguous to customers. We often remark that audits are just a snapshot in time. Any VPN service receiving a stamp of ’no logs’ from independent evaluators can update their systems and start collecting sensitive customer information the following day.

For this reason, our aim this year, and from now on is arranging audits that focus on parts of our systems that have undergone significant updates. We believe such reviews meaningfully contribute to improving the security of our systems.

Featured posts

Related posts

IVPN News

IVPN acquires Safing, operator of Portmaster and the SPN network

Posted on December 3, 2024 by Nicholas Pestell Viktor Vecsei

The key points IVPN has acquired Safing ICS Technologies GmbH*, the company behind the consumer firewall application Portmaster and the SPN network Over the coming months, the IVPN team will take over the operation of the Portmaster and SPN services IVPN is committed to continuing the improvement of the VPN service, Portmaster, and the SPN network with a focus on better integration across our services The why and how We believe a trustworthy VPN service is just one part of the essential toolkit for resisting online surveillance.

IVPN News

DNS traffic leak outside VPN tunnel on Android

Posted on June 13, 2024 by IVPN Staff

Recently we were made aware of a potential DNS traffic leak outside the VPN tunnel on Android. Even with Android OS “Always-on VPN” and “Block connections without VPN” options enabled, as per the report the plaintext DNS traffic can be observed outside the VPN tunnel.