Bernard Hastings | 2 Jun 2019
As governments across the globe push for the routine collection and storage of user data, there has been a renewed push from privacy advocates for online platforms to reinforce their security.
We all witnessed Turkish authorities seizing the servers operated by ExpressVPN following the assassination of Andrei Karlov in 2016 in search of user data that could link the perpetrator to any other nationals in Turkey. However, thanks to ExpressVPN’s refusal to store user logs, there was no data to show.
Fast forward to 2019 and ExpressVPN is taking server security to a whole new level with new ram-based TrustedServer technology, which has been designed from the ground up to be virtually incapable of storing user data.
A few features of TrustedServer include:
Servers of all kinds are typically reliant on hard disks to operate. These hard disks store user data on the server until they are erased or commanded to be written over by code. Of course, this poses a significant security risk when hacking or governmental intervention is involved.
A third-party could steal or subpoena a hard drive-based server, or a hacker could unlawfully gain access, and as a result, access all stored user data.
In Australia, the government’s data retention law would require servers or businesses based here to record user data on hard disks, which TrustedServer cannot do for the sake of privacy.
In the UK, the Data Retention and Investigatory Powers Act 2014 requires all ISP to retain to retain data of their users, and to be handed over to the UK Police if required to investigate a crime committed or to protect the public. Obviously this becomes impossible for UK Police to achieve if using the new TrustedServer where data is never retained after each server reboot.
On a ram-based server such as ExpressVPN’s, no data can be stored in the long term as RAM ‘can’t hold any data after being switched off. What this means is that all user data is wiped entirely after each reboot or power down and cannot be written to a hard disk for long-term storage – as the hard disk doesn’t exist. As a result, browsing anonymity and online privacy is massively improved.
In some tests, cutting the need to write to a hard drive considerably speeds things up, allowing Aussie ExpressVPN users to get the most out of high-speed or top-tier NBN connections.
This switch to utilising volatile RAM as a base for ExpressVPN’s servers means that even if a third party gains access to a server, they’ll only be able to remain ‘inside’ until it is switched off and back on again.
Typically, a server’s software is installed during the initial setup of the system and over time, incremental updates are added. As hard drive servers keep the edited or updated software code on-system and launch from it at each boot, there’s the chance the code could change or become inconsistent with over servers over time.
If code or software updates aren’t rolled out routinely, and on every server, there becomes the risk of each server running different code – opening a server to hackers.
For example, a server or an array of servers launched many years ago could be running the same software from day one. This software could have had numerous edits, updates and become filled with inconsistencies, which could open a string of vulnerabilities.
Moving on to a far more secure and streamlined way of managing server OS’s, ExpressVPN’s RAM-bases servers cannot store any out-of-date or altered OS information as RAM is not writable. Each time one of ExpressVPN’s 3,000 TrustedServers reboots, it must reload a new and secured version of the server OS.
Essentially this allows ExpressVPN to rely on every one of its servers to be secure and free of any vulnerabilities, thus ensuring a no log and even safer browsing experience for all users.
TrustedServer is just another example of how ExpressVPN continues to extend the included functionality in the vpn service offering. For us here at VPNCompass it’s an additional reason as why ExpressVPN is our number one vpn recommendation.
All ExpressVPN plans include the following features:
Note: All prices are in USD, and are Per Month.
Post Views: 203