ExpressVPN Just Got SuperFish-y
Opinion: Ex Ad Injector Rebrands As A Security And Privacy Company
ExpressVPN has been considered one of the better consumer VPNs on the market; with one major benefit being it is a British Virgin Islands company and not subject to the same laws as US based VPNs such as NordVPN. It has just been purchased by Kape, who will be combining it with their other VPN purchases which include CyberGhost VPN, ZenMate and Private Internet Access.
There is just one niggling issue, Kape used to be Crossrider, one of the largest adware injector companies and responsible for SuperFish, among many other adware applications.
Editor’s Note: ExpressVPN responded to the above statement as follows:
“Crossrider was a cross-platform development platform for browser extensions that was abused by third-parties, including SuperFish. It is also important to note that developers themselves and third parties like Superfish determined how ads get served via those extensions—Crossrider did not control this process. Crossrider was also never responsible for Superfish.”
There are at least two ways to look at this, one somewhat positive and the other very much not so. If you want to give them the benefit of the doubt then who would know more about privacy than a company which spent years harvesting personal data? They would know most of the tricks of the trade and could bake in protections to the VPN software to prevent sites from grabbing any personal data and metadata.
On the other hand, can you trust a company that made it’s money by harvesting and selling your browsing habits to anyone that could afford it? The Register describes more of the wonderful adware the company developed before turning a new leaf, which you might want to check out if you are an ExpressVPN user or thinking of becoming one.
UK-headquartered Kape Technologies announced on Monday it has acquired ExpressVPN in a $936m (£675m) cash and stocks deal, a move it claims will double its customer base to at least six million.
NordVPN is based in Panama, not the US.
While their address is indeed in Panama I’m unsure that is 100% true that they are not subject to US laws … or at least that their parent company couldn’t be forced to turn over records by the US Government.
When PrivateInternetAccess got bought by them over a year ago they publicly went on LTT about defending it https://www.youtube.com/watch?v=xV3iACfOlFk