4 guides that will help improve your digital security

ExpressVNPHow to improve your digital security

The ExpressVNP blog features advice, explanations, reviews, information security updates, online privacy, politics, ExpressVNP products, and all the things about which we are passionate.

Some things, however, don’t easily fit here, often because they’re too long or detailed. Most of this long-form content finds its home in the Internet Privacy pages.

With Safer Internet Day just around the corner, we thought it would be a great time to highlight all of our internet privacy and security guides.

Tech safety for survivors of domestic violence

Technology is often used by abusers to monitor, track, stalk, and control their victims. But technology is also a tool to defend against abuse and allows people to maintain an important lifeline to supporting family, friends, and organizations.

The guide has five sections:

  1. How to trust your devices in an abusive home
  2. Online accounts and your data
  3. Communications
  4. Achieving financial independence
  5. An introduction to TAILS and how it can help you

How to defend against online stalkers and doxing

This guide covers the benefits of pseudonymity and discusses threats to your location and legal name.

Threats not only come from people we know, but also from the people we meet online. To protect our readers against unwanted harassment online becoming a physical threat we have published our guide against online stalkers and doxing.

Protect your financial privacy with Bitcoin: A comprehensive guide

Bitcoin is often criticized for both being too anonymous and for not being anonymous enough. In this guide, we explain how Bitcoin works from a privacy perspective and what methods there are to de-anonymize your transactions.

This guide contains step-by-step instructions on how to make anonymous payments with Bitcoin.

Everything you ever needed to know about mobile security

Your mobile phone is always with you. It contains information about where you are and where you have been, who you have contacted, plus private photos and financial information.

The ExpressVNP mobile security guide discusses everything from how a telco or government can triangulate your location to how to secure your mobile apps and phone.

Also published on Medium.

ExpressVNP

Taking your first steps on the Lightning Network

How to use the Lightning Network

Cryptocurrencies are beginning to change the world, but they have not been able to prove themselves for regular consumer payment, mostly because of the speed and cost of a Bitcoin transaction. A transaction takes a while to get confirmed, and can easily cost upward of US$10.

For many types of transactions, Bitcoin can be an insanely frustrating experience. Having to wait for a payment confirmation for hours when making a purchase in person, or carrying the risk of accepting a transaction with zero-confirmations is unacceptable in many cases.

What is the Lightning Network?

The Lightning Network is a separate network built on top of Bitcoin. You don’t have to use it, and all your existing Bitcoin wallets and transactions will continue to function as usual.

The Lightning Network is expected to allow for instant and cheap Bitcoin payments between participants of Lightning without compromising on Bitcoin’s security and decentralization. On top of that, Lightning promises us to increase privacy.

To use the Lightning Network, you will have to set up at least one channel, which will cost you the price of a Bitcoin transaction. But you can then make as many small payments as you want for little to no cost until your account is empty.

If you want to take your money out of the Lightning Network, this again costs the price of a Bitcoin transaction.

The Lightning Network, therefore, is only attractive if you intend to make multiple payments, and does not help with lowering fees for individual, traditional payments. But once you are set up for the Lightning network, you will not only be able to make payments to a single merchant but every merchant and individual in the network.

How does the Lightning Network work?

In the Lightning Network, participants open payment channels, which are 2-of-2 multisignature wallets. In this payment channel, the two participants can send each other tiny amounts of Bitcoin—called Satoshis—without having to settle the transaction on the Bitcoin Blockchain, meaning each transaction costs only a small fraction or nothing at all.

Only when a channel is opened or closed is a Bitcoin transaction necessary.

The Lightning Network Snapshot of the Lightning Network https://explorer.acinq.co/

How to use the Lightning Network

You can already use the Lightning Network on the Bitcoin Testnet, a clone of the Bitcoin network in which coins don’t have any value. Bitcoin Testnet makes it easy to experiment with software that might otherwise still have bugs, and to make tons of transactions without having to worry about money.

Because explaining stuff theoretically is far less fun than trying it out, here is our step-by-step guide on how to make payments with the Lightning Network on the Testnet.

1. Download the client

You can find the latest client on the Github profile of the Lightning Project. For Windows, download Lightning-win32, for Mac OS, try Lightning-darwin.

Unpack the file and run it by double-clicking the icon.

2. Get yourself some Testnet coins

Testnet coins are like real Bitcoin, except that they are worthless. Great for playing around!

This faucet by developer @metakiwi worked great for us. You can transfer the coins directly from the faucet to your Lightning App, or first withdraw it to a mobile app, such as Copay.

Create a Testnet wallet in Copay in Advanced Settings.

3. Fund your wallet

Once you open your Lightning App for the first time, it has to sync with the network. There are over 1 million blocks in the Bitcoin Testnet, but syncing should not take more than two hours.

You can see the progress under ‘Settings.’ As long as the client is syncing with the Blockchain, all is good.

In the app, find the section Request.

You can then send some Testnet coins to the address in the bottom. Don’t spend all your coins on the same channel! 0.01 BTC is more than enough. You will need to wait for one confirmation for this payment to show up under Transactions. If it doesn’t, closing the app and reopening it again might help.

4. Open a channel

To create a channel, you will need to know your partner’s channel public key as well as their IP address. If you have friends that use Lightning already, connect with them! But don’t worry, you don’t have to tell anybody your IP address if you don’t want to. You can sit anonymously behind your VPN and use any of the following peers:

Bitrefill:

0298d0c6987e2e64451c7f723e15aff4dfca92f0e3973d214e206257abb0d1dd55@lnd.bitrefill.com

Y’alls:

02ecafd1d828301da58edacdd61232835940c91767a01b3bfba57240989f9df4da@45.77.115.33

Eclair:

03933884aaf1d6b108397e5efe5c86bcf2d8ca8d2f700eda99db9214fc2712b134@endurance.acinq.co

As soon as your funding payment in Step 3 is confirmed, you can open a channel.

5. Make a payment

To make a payment, somebody will need to issue you a payment request. Head to any of the following places to get an invoice.

Note: You may need to wait a bit before your first payment works, at least in our test it took a while for others to become aware of our new channels with the network.

Y’alls

Y’alls is a platform where you pay to post and get paid when people read your content. Just click on any of the articles and copy the payment request into the ‘Pay’ option of your Lightning App.

Starblocks

On Starblocks you can buy virtual coffee instantly with Bitcoin. Click on the coffee you like, go to the checkout and copy the payment request into your wallet.

Bitrefill

Bitrefill has a test site where they accept Bitcoin. Enter a valid phone number and pay with Lightning!

6. Receive a payment

To receive a payment, either somebody will have to open a channel with you, or you must empty out one of your existing channels (you can’t have more in the Lightning Network than the original Bitcoin transaction).

To see how much you can currently receive, head to ‘Channels’ in your app.

Just enter an amount and a label (so that you later know who paid which invoice) and generate the payment request.

If you’ve written a popular post on Y’alls, you can also get paid for it. Just ‘cash out’ at any time by entering an invoice into the respective field. As long as it comes from the same node that made the initial payment, you will get your coins.

Other useful resources

Lightning Explorer

The Acinq Explorer shows you the current state of the Lightning Network. After a while, you should see your node in there and all the channels you opened.

Mobile wallet

Also developed by Acinq, the Eclair wallet is a Lightning wallet for Android. Unfortunately, it cannot receive Bitcoin at this point, only send.

Alternative desktop wallet

Zap is another wallet for your desktop computer. It is significantly more challenging to set up than the Lightning App demoed above.

The Lightning Network is the future

It feels very exciting to use the Lightning Network for the first time, even though it clearly has a few bugs. It will take a while for individuals and companies to have enough trust to use it for everyday transactions, but it will happen significantly faster than it took Bitcoin to where it is now.

Instant payments, low transaction fees, and trustlessness will make the Lightning Networks the killer app for Bitcoin payments.

Also published on Medium.

How to use Bitcoin’s multisignature wallets

ExpressVNPBitcoin's multisig wallets and how to use them

A Bitcoin generally can only be spent by its owner as identified through their public key hash, e.g., their Bitcoin address. The Bitcoin protocol allows for different kinds of rules to define precisely which cryptographic keys can have which control over an account.

The most popular kinds of non-standard Bitcoin accounts are multisignature (multisig) accounts. These addresses, which start with 3 instead of 1, have only been around since 2012—three years after Bitcoin’s inception.

Basic functionality of a multisignature wallet

When creating a multisig wallet, you can define how many signatures there should be in total, and how many of them should be required to make a transaction.

The most commonly created wallet-type is a 2-of-3 wallet, meaning there are a total of three signatures, of which two are needed to sign a transaction.

In practice, the functionality is similar to bank accounts that require multiple signatories. But because the Blockchain is built not on trust, but on cryptography and consensus, it is impossible to cheat, and no central party can arbitrarily seize your funds.

Here are 4 times when 2-of-3 multisignature wallets could be useful:

How to use multisig wallets as two-factor authentication

1. How to use multisig wallets as two-factor authentication

Two-factor authentication (2FA) is not common for Bitcoin wallets but highly recommended for online accounts like your email or cloud storage. With a multisig wallet, two-factor authentication can also become possible for Bitcoin wallets.

Setup:

  • Wallet 1: Your computer (without backup)
  • Wallet 2: The online 2FA service
  • Wallet 3: Paper wallet in your safe

How to do it:

Every time you initiate a transaction on your computer or phone, the transaction has to be signed off by the online service. Before they sign off on your transaction, they will require you to enter a two-factor authentication code.

A 2FA code could be generated on your phone, be sent to you by text message, or even come from a hardware device. They can also impose transaction limits on your account or require different levels of authentication for different transfers.

Drawbacks:

If the 2FA service goes offline or gets DDoSed, your funds will be unavailable until you can find the *** wallet in your safe. If somebody has both your device and access to your *** wallet, they can bypass the 2FA service completely.

How to use multisig wallets for better security

2. How to use multisig wallets for better security

If you fear that your computer or smartphone might get hacked, you can use a 2-of-3 multisig wallet to increase your security.

Setup:

  • Wallet 1: Mobile wallet on your phone (without backup)
  • Wallet 2: Wallet on your computer (without backup)
  • Wallet 3: Paper wallet in separate location

Note: We are not *** backups of our wallets because we don’t want to have to worry about them becoming compromised that way.

How to do it:

Every time you want to make a transaction, you have to initiate the transaction with one device (for example by scanning a QR code on your phone), then review and confirm the transaction on your other device.

It’s not possible to make a transaction with only one device, so if your phone or computer is hacked, you won’t lose your Bitcoins. If you lose or break your computer or phone, you can recover your coins with the *** wallet and the other wallet you still have. If the *** wallet gets stolen, the thief does not gain access to your coins (due to the multisig requirement).

Drawbacks:

If both your computer and phone break at the same time, you lose your Bitcoins. You may prepare yourself for this by creating backups of your digital wallets, in which case you need to be careful with how you back them up. Only put two backup seeds together in the same place if you are certain they are safe!

How to use multisig wallets as an escrow service

3. How to use multisig wallets as an escrow service

Imagine Alice wants to buy stuff from Bob over the internet, but she has never met Bob before and is unsure if she can trust him. Alice doesn’t want to send the money first, and Bob doesn’t want to send the goods first. To resolve the issue, and allow Alice and Bob to trade, they can create a multisig wallet with a third-party escrow, Emma.

Setup:

  • Wallet 1: Alice on her phone or computer (with backup)
  • Wallet 2: Bob on his phone or computer (with backup)
  • Wallet 3: Emma on her phone or computer (with backup)

How to do it:

Emma could be a person or company. Alice and Bob don’t need to trust Emma with their money or their goods, but they do need to trust her to not collude with other participants. All three create a 2-of-3 multisig wallet, and Alice sends her funds into the newly created address.

Bob can now see that Alice has made the payment. She can no longer take the money back after the goods have been shipped, as she only has one of the needed three signatures.

After Bob has shipped the goods and they have arrived with Alice, Alice and Bob can forward the money to Bob. If everything goes well, Emma’s signature is not needed at all, as Alice and Bob’s signatures are sufficient to complete the transaction. A 2-of-3 multisig wallet makes it very easy and cheap for Emma to provide that service (unlike in traditional, bank-based escrow solutions).

Only if something goes wrong will Emma step in and make a judgment. She can choose to side with one of the parties, or split the funds in agreement with one of the participants. Emma can’t take the money herself, as she requires the signature of either Bob or Alice to make any transfer.

Drawbacks:

Escrow services are beneficial in situations where the participants cannot trust each other at all, like when all participants are anonymous. However, it’s not easy to ensure that Alice and Emma aren’t colluding with each other, or even the same person. Alice or Bob could also still try to bribe Emma.

How to secure company funds with multisig wallets

4. How to secure company funds with multisig wallets

A company running on Bitcoin may have a hard time securing their funds in a traditional single-signature wallet. Who should have the keys to the wallet and who should prepare the payments?

If keys are replicated too often between various authorized signers, there’s a risk of having the keys hacked or stolen. If too few people have access to the funds, they might become inaccessible after an accident.

Setup:

  • Wallet 1: The CEO (without backup)
  • Wallet 2: The accountant (without backup)
  • Wallet 3: Paper wallet in a safe held by the board

How to do it:

In this setup, neither the CEO nor the accountant can run away with the company money. But the accountant can still prepare, sign, and pass the payments to the CEO, who confirms them by adding their signature. If either the accountant or the CEO disappears or loses their device, they can regain access to the company funds by explaining themselves to the board to get the *** wallet.

Drawbacks:

The CEO and the accountant may still collude with each other and run away with the company funds. But if they don’t, they’d better avoid using the same car or plane. If both their keys are destroyed or become accessible to third parties, the funds are gone.

Why aren’t multisignature wallets used more?

Multisig wallets are relatively expensive, and few wallets have the functionality. Since each transaction contains multiple signatures, they are also far more costly to store on the Blockchain, *** multisig setups less attractive in your everyday life.

Also, Bitcoin is not yet used enough in the situations that really warrant a multisig wallet, such as international trade or cryptocurrency funds that require escrow or need a distributed and safe setup.

Bitcoin’s new transaction format, known as ‘Segwit,’ handles the signature data differently to allow for cheaper multisigs, but few wallets support it yet.

However, you can use Electrum Wallet to make use of low-cost multisignature Segwit transactions.

Also published on Medium.

ExpressVNP

This is what you’ve been waiting for: ExpressVNP on Amazon Fire TV Stick and Android TV

ExpressVNPAndroid VPN app

It’s fair to say the Android app just keeps getting better and better! ExpressVNP 6.7 now works on Amazon Fire TV Stick and Android TV, *** it the perfect VPN app for Kodi and streaming media.

New: ExpressVNP now supports Amazon Fire TV and Android TV

Secure connections from lots of locations—all the goodness of ExpressVNP on your telly! Find ExpressVNP on the Amazon Appstore and Android TV Google Play (just search for ExpressVNP).

ExpressVNP for Android 6.7 works on your Amazon Fire TV stick, Amazon Fire tablet, and any Android TV device! Lovely.

Of course, you can still use ExpressVNP 6.7 on all your other Android devices too.

How to set up the ExpressVNP app on your Android TV
How to set up ExpressVNP on Amazon Fire Stick and Amazon Fire TV

Change location while connected

You can change to any of ExpressVNP’s 140+ locations without having to close your existing connection first. It’s super quick and easy to connect to any location you need.

Change VPN location while connected

Dynamic notifications

The dynamic notification system will display your current connection status and let you act on it meaning you can interact directly with notifications. Nice!

VPN app for Android

Streamlined setup

It’s easy to set up ExpressVNP for Android. Just follow the straightforward on-screen instructions. Need help? No problem! The blue hints will guide you through it.

It's easy to set up a VPN for Android with ExpressVNP.

The best connection reliability

ExpressVNP 6.7 for Android works hard to make sure you always get the best possible connection. And, as always, different VPN protocol settings let you customize your Android app the way you want it.

ExpressVNP has the best VPN connection for Android.

Smart Location is as good as ever

Save time and browse faster with the improved Smart Location feature. Smart Location automatically chooses the most reliable VPN connections for you. That way you can stream without having to worry about less-than-stellar speeds.

ExpressVNP Smart Location for Android is wonderful.

Download ExpressVNP 6.7 for Android today!

Now you know what’s new, head over to Google Play or Amazon Appstore and download or upgrade your Android app today. If Google Play is not available, you can download the APK version from your setup page.

Once you’ve had a chance to get used to the new layout, let ExpressVNP know what you think! Your feedback is appreciated, so leave your questions, comments, and concerns in the comments section below.

And one more thing! If you’re unable to access the Google Play Store or are having trouble downloading the app, your friendly neighborhood superhero Support Team is available around the clock to help answer all your VPN-related questions.

ExpressVNP

ExpressVNP security updates to protect systems from Spectre and Meltdown

ExpressVNP

What are Spectre and Meltdown?

Last week, two major security flaws, dubbed Meltdown and Spectre, were discovered in the CPUs of virtually all computing devices built in the past 20 years. The flaws can be exploited to read and steal sensitive user data, although as of writing there have not been any reported cases of these exploits happening in the wild.

According to the researchers, both Meltdown and Spectre make it possible for malware to access data being stored in memory by other programs, including your sensitive data.

Security updates by ExpressVNP

As of January 10, security patches to mitigate Meltdown for all relevant server operating systems have been made available, and ExpressVNP is already in the process of patching all of its servers. Patches for Spectre will be applied once issued by operating system developers; the risk of this exploit being applied to our servers in the interim is deemed to be minimal, however.

As these security patches are being applied on a rolling basis, we do not expect any impact on the ability of users to connect to ExpressVNP; we will, as ever, be monitoring closely to ensure that this remains the case.

ExpressVNP client apps do not require any updates related to Spectre or Meltdown.

How users can protect themselves

We strongly recommend that you take the following steps to protect yourself:

  • Install updates for your antivirus software (on Windows systems, this should be done before installing operating system patches)
  • Install any security patches for your operating systems, including on your desktop and laptop computers, phones, and tablets
  • Install any firmware updates from the manufacturer of your devices
  • Install the latest version of your web browser
  • Updates for the above may not be available yet, so be sure to continue checking in the coming days and weeks

If you have any further questions regarding the updates to our servers, please don’t hesitate to contact our 24/7 live chat support.

ExpressVNP

DuckDuckGo at 10: Looking ahead with CEO Gabriel Weinberg

ExpressVNPDuckDuckGo logo

Meeting the growing demand of the privacy-conscious public for 10 years now is DuckDuckGo—a privacy-oriented search engine that doesn’t collect or share any of your information from your searches, period.

Naturally, we at ExpressVNP are massive fans of DuckDuckGo, so we were absolutely thrilled at the chance to pick the brains of its founder, Gabriel Weinberg, on their milestones, challenges facing online privacy, and the possibility of expanding beyond its search engine.

Thanks for speaking with us Mr. Weinberg! Earlier this year, DuckDuckGo hit a milestone 10 billion private searches, after a steepening use curve in recent years. To what would you attribute this increase?

2017 has actually been a year of milestones for us: we’ve now reached 15 billion private searches, and on Nov 27 hit a record 21 million searches in one day!

Our privacy research is showing that privacy is now mainstream, with 24% of the population now caring deeply enough about their online privacy to take significant actions to try to protect it. With increasingly invasive advertising, devastating data breaches, and the ramping up of regulatory focus, we expect this group to continue to grow.

Nearly one-quarter of people is by no means a small number and this group is certainly not “niche.” They also cut across all demographics—interest in protecting privacy online is a universal interest across the age and political spectrum.

It’s great that so many people care. The Financial Times recently called DuckDuckGo the “ethical search engine.” Do you see similar ethical/clean products and services online becoming more popular alternatives in the near future?

Yes, as particular technologies become standardized and pervasive like search, email, or messaging, then companies like ours can give people alternative options based on shared ethical values—in our case, privacy. We see an increasing array of similar alternatives. As online privacy has become increasingly attacked, these alternatives are increasingly attractive.

DuckDuckGo has been around for a decade now. What do you see as the next steps for the company over the next five years? Are there plans to add more features to DuckDuckGo? Or even expanding DuckDuckGo to other online services?

Despite how *** DuckDuckGo looks, building and running a search engine is complicated and ever-changing. We need to continue working hard to provide great search results to prove you don’t have to give up convenience for peace of mind.

Looking to the future, though, we want to do more to protect people once they click away from our search results. We’ve been working towards that future this year and will have something to announce soon. Watch our blog for details.

What’s the biggest challenge you see facing ordinary users and their online privacy in the U.S.?

Without a doubt, it’s the vast corporate tracking apparatus that has emerged to track you across the web wherever you go. Google trackers are now embedded on about 75% of the top million websites, and Facebook trackers on about 25%.

When you visit a random news or information site, literally dozens of third-party trackers can be hidden behind the scenes scooping up your every move. Google and Facebook use this data to better target ads at you, often ones that follow you wherever you go, or are a bit too creepily on target—sometimes achieved by even combining offline data like credit card purchases. Following the EU, the U.S. is starting to get more regulatory focus on these issues, which is welcome.

Finally, what’s a good online privacy best practice that we can all start right away?

We’ve put together top privacy tips for major devices at https://spreadprivacy.com/tag/device-privacy-tips/. Please start there!

Many thanks for speaking to us!

Also published on Medium.

ExpressVNP