Why is PrivacyTools proudly sponsoring a VPN service with no reputation or even online discussion?

On the homepage of PrivacyTools is the very bold logo of Oeck, a company based in Australia.

It does sound intriguing, but there’s multiple issues I have:

  • I can’t find any source code, nor references to being open source. There’s only one repo on GitHub containing “Oeck”, and it’s completely unrelated.

  • “Oeck” has never been mentioned on r/privactoolsio, in fact, the only time it’s been mentioned anywhere on Reddit is in botted advertisements. In fact, the only times it’s mentioned on the entire internet is Reddit ads, Whirlpool ads, and OzBargain ads. There has been, to my knowledge, absolutely zero discussion about its competency as a service. Ever.

  • Oeck isn’t itself recommended as a VPN by PrivacyTools.

Is there any explanation as to why PrivacyTools is advertising Oeck despite this?

I think you have it backwards?

PrivacyTools does not endorse said VPN service.

But the VPN service does endorse/sponsor PTIO.

Its a privacy respecting way of getting funds, just like any racing team is getting sponsorship funds in return, you get sponsor logo. But it doesnt mean the actual racing vehicle has Sparco parts in it.


It undoubtedly links their reputation though. Were Sparco to be a completely unknown parts brand, and it later came out that their supposed crash helmets were made entirely of PBT, people would ask why the racing team apparently had no consideration for who they were receiving money from.

Say Oeck were replaced with NordVPN, or a no-name VPN Chrome extension, the community would surely ask why such a thing is plastered on the website. Because whether it’s explicitly labeled as such or not, when you see a large banner for a VPN service on a privacy-centric website, it looks like an endorsement. That’s why sponsors sponsor.

I would hope PTIO upholds as stringent a policy on accepting sponsors as they do actively recommending software.

Hi everyone,

My name is Peter and I am 1/2 of Oeck. The other is Cameron.

We had an anonymous user submit a support ticket linking us to this thread, so I decided to stop by and say hello to the community. I would like to say a few things regarding the previous posts.

Hi seaofmars,

At the moment we are using proprietary libraries for some of the features on our VPN apps. We are working towards an open source model, but for the time being these are what we are using. Due to this, we are unable to open source our apps. The libraries we are using can be found at http://libvpn.com/

Our customers are also not forced to use our apps, they can simply use any OpenVPN client they wish. The issue with open source is it is used as a ‘trust’ measure when dealing with VPN companies. I understand it is very difficult for companies to prove they are worthy of trust ( since so many are not ) and open source has been used as a measure for this. The problem is, it’s a false measure ( IMO ). Open source is great for getting the ball rolling and evolving software, but to use it as a measure of trust is not really suitable. Now, having said that… when we are able to open source our apps, we will. It will not change anything other than user perception.

The problem with a start-up VPN company ( as we have found ) is the industry is rigged and we didn’t want to play ball. We have tried, on numerous occasions, to get “Top VPN services” review websites to review us. We have contacted around 10. Each and every time they do not review us because we do not have an “affiliate” system in place. We are against paid reviews for sites who’s purpose is to recommend products/services. This means that most sites will not review.

If you take a look for Mullvad reviews on these “Top Sites” you will find reviews are scarce, recent and don’t rank Mullvad where they rightfully should be ranked. They are lower on the list and reviews are more recent as ( I believe ) some of these sites may have felt pressure to at least rank a VPN company who don’t pay for their reviews. We are in the same boat, except we are new.

Also, we have never used bots, so I am not sure what you mean by that? All of our interactions online are done by myself and sometimes Cameron - such as this thread.

We did donate money to PrivacyTools as we also enjoy this website and believe it is a great resource. Since PTIO does not do “paid reviews” ( which is a good thing ), the only way it can make money is by donations. We were happy to throw a bit of money to do our bit. If our logo is listed or not we are not fussed - get rid of it if you like. That was not the purpose of the donation.

As far as the reddit and Whirlpool stuff go, I would not really say they are ads. We need to get our name out somehow and we don’t agree with, and will not pay for articles that look like reviews of our service. We are happy to pay for a press release or an article that is clearly shown to be a sponsored bit of content ( for exposure ). We are not happy to pay for something that is perceived to be honest review information.

Whirlpool ( for those who don’t know ) is Australia’s biggest forum aimed at techy people. The community made us feel completely welcome there prior to us launching and so we are active on there with the other members.

If anyone has any questions or anything please feel free to reply :slight_smile:

Peter @ Oeck.


A lot of people would argue open source is an excellent way of measuring trust. Maybe not security nor quality, but certainly trust since the code can be examined, verified and improved.

So what would you say it is a good measure of trust?

1 Like

Sponsors are just that: sponsors.
Consider them as fixed ad banners without trackers, to fund this website.

PrivacyTools does not actually recommend the sponsors. That is made very clear.

Reminder that PrivacyTools runs solely on donations and the good will of the staff.


I can definitely understand that VPN advertising is a very toxic game, and that it’s hard to grow a reputation as a VPN company. I’m sure you’re truthful in your claims :slight_smile:

Might I ask:

  • You receive a DMCA notice because somebody was torrenting through your service - how do you respond?
  • Your company is incorporated in Hong Kong because they have no laws demanding you retain logs, correct?
  • Your acceptable use policy states what a user can(not) do with your service. How do you determine whether someone has used your service for an unacceptable reason?
  • How do you know how many connections a given client is making at once? (i.e., how many devices)

My FOSS statement was more about the software running on your servers.


1 Like


I know and I do agree with what you are saying regarding the software itself. I was mainly referring to the idea that if a VPN company wants to do dodgy things with their users, their servers are more than capable of doing so when they are set up to log, etc. The app doesn’t really prove they are not doing that.

As far as what a good measure of trust is, that’s a tough question. I wish I knew. It is very hard for a start-up VPN to break into the market due to this very reason. Our apps not being open source are a shortcoming of ours at this point in time, as you are correct, it adds to trust for some users. Ultimately though it does not make a difference regarding logging. We don’t log and never will. At the moment our trust is built from being as transparent as we can be, where we can be.

Hi seaofmars,

It is toxic. It has been really difficult trying to advertise without paying for reviews. We will simply not do it, so we will see where we end up when it comes to getting some exposure. To answer your other questions;

  1. We notify that we don’t have logs and there is nothing we can really do. We do disable ports if that information is made available to us, but this makes no difference to our customers who may or may not have been using those ports at that point in time ( we don’t know as we don’t log ).

  2. At this point in time we are not required to retain logs. We do however believe China will keep taking freedoms away from the people of Hong Kong. We have already made plans to move the company. As soon as logs are announced as a requirement, we will just move the business to a different country ( Singapore ).

  3. We can’t determine which user has broken our TOS. For example, we may get a DMCA. Either the DMCA claim is true or it is false. If we take the assumption that it is true, there is no way for us to be able to identify which user it was who was downloading/uploading content.

  4. Here is a copy/paste from our Privacy Policy regarding this question;

We monitor the amount of connection(s) from your account to our network as we allow a maximum of six devices to be concurrently connected by each customer. We don’t keep a historical log of connect / disconnect times AKA ‘Connect / Disconnect Time Stamps’.

That is to say we know when a user logged in to the VPN, but as soon as the user disconnects that information is lost forever.

When you say the software running on our servers, I am not sure what you mean? Are you referring to OpenVPN or the system that we created to manage/run the hardware, software and network?

Peter @ Oeck.


Ah, of course you’re running OpenVPN, you have profiles for it. My bad :slight_smile: I appreciate your consistent kindness!

Side note, I wouldn’t mind getting input from the maintainers of PTIO on this.