End-to-End Data Protection
From connection establishment to data transmission, every step is encrypted. TLS protocol secures communications, no-log policy ensures privacy, and anonymization design keeps your network activity untraceable.
Transport Layer Encryption
TLS 1.3 Protocol
Adopting the latest TLS 1.3 standard for faster handshakes and stronger security.
- Removed insecure cipher suites and protocol versions
- Reduced handshake round trips for faster connection establishment
- Forward secrecy support prevents decryption of past sessions even if private keys are compromised
- Automatic negotiation of optimal encryption algorithms balancing security and performance
Strong Encryption Algorithms
Military-grade encryption algorithms protect data transmission content.
- AES-256-GCM: Symmetric encryption for data content protection
- ECDHE: Elliptic curve key exchange ensures forward secrecy
- SHA-384: Message authentication codes prevent data tampering
- Regular updates to key exchange algorithms to counter emerging threats
Certificate Verification
Strict certificate chain validation ensures connection to correct servers.
- Certificates issued by trusted Certificate Authorities (CAs)
- Automatic checking of certificate validity and revocation status
- Certificate Pinning support prevents man-in-the-middle attacks
- Connection refused on TLS handshake failure, no downgrade to insecure protocols
Privacy Protection
No-Log Policy
We don't log your network activity and cannot provide your data to any third parties.
- No logging of visited websites and services
- No logging of connection timestamps and session duration
- No logging of source IP to destination address mappings
- Only necessary technical logs for troubleshooting, containing no user identity information
Anonymization Design
Technical measures separate your identity from network activity.
- Entry nodes don't know your destination addresses
- Exit nodes don't know which user initiated the request
- Payment information stored separately from service usage records
- Optional cryptocurrency payment provides additional anonymity
DNS Privacy
Prevent DNS queries from revealing your browsing intentions.
- Built-in DNS resolution, queries not sent to local ISP
- DNS over TLS (DoT) support encrypts DNS requests
- No logging of DNS query history
- Optional DNS filtering blocks trackers and ads
Security Practices
- Regular security audits and penetration testing
- All code changes undergo security review
- Least privilege principle for system access management
- Critical operations logged for audit without user data
- Regular updates to systems and dependencies to fix security vulnerabilities
- Data centers comply with ISO 27001 and other security standards
Threat Protection
DDoS Protection
Distributed architecture and traffic scrubbing services protect service availability.
Man-in-the-Middle Attack Protection
TLS encryption and certificate verification prevent communication interception and tampering.
Traffic Analysis Countermeasures
Traffic obfuscation and padding techniques increase analysis difficulty.
Malware Protection
Optional content filtering blocks known malicious websites and downloads.
Data Handling
Information We Collect
- Account email (for login and notifications)
- Payment information (securely stored by third-party payment processors)
- Service usage statistics (aggregated data like total traffic, connection counts)
- Technical logs (error messages, performance metrics, no user activity)
Information We Don't Collect
- List of visited websites and content
- DNS query records
- Source IP to destination address mappings
- Connection timestamps and session content
Frequently Asked Questions
No-log means we don't record any information that can link your personal identity to network activity. We don't know which websites you visited, when you connected, or what content you transmitted. We only retain necessary aggregated statistics (like total traffic) and technical logs (like error messages) for service maintenance, which don't contain user identity or activity details.
We may receive legal requests, but due to our no-log policy, we have no user network activity data to provide. We can only provide basic account information (like email, registration date) and aggregated usage statistics, which cannot reveal specific network activity. We will notify users of such requests within legally permitted boundaries.
Our no-log policy is a public commitment verifiable through multiple ways: First, our system architecture is designed to be unable to log complete user activity; Second, we undergo regular third-party security audits; Finally, users can verify privacy protection capabilities through technical means (like checking DNS leaks, IP leaks). Our reputation depends on protecting user privacy.
Modern encryption algorithms (like AES-256-GCM) and protocols (like TLS 1.3) are highly optimized with minimal performance impact. TLS 1.3 reduces handshake time compared to older versions, and encryption latency is typically under 1 millisecond in practice. The security improvement far outweighs this negligible performance overhead. Our servers are also equipped with hardware acceleration to further optimize encryption performance.
Secure, Private Network Experience
Start now and experience complete data encryption and privacy protection.