Cyberstalker thwarted by VPN logs gets 17 years in prison

[mwm 19]

https://www.zdnet.com/article/cyberstalker-thwarted-by-vpn-logs-gets-17-years-in-prison/

[WaNNaBEAnoNymoUs 10]

What we learn about that? Use at least two VPN -provider

[serenacat 83]

This incident had quite a bit of attention and discussion in forums (including on Air?) back around May when it was on trial.

The Zdnet analysis link above seems "professional", less paranoid and silly.

After obtaining connection logs from the two VPN providers, authorities were able to link Lin to many of his activities. Lin's error was that he used the same VPN accounts to access both his real accounts and the fake social media profiles he created to harass or follow the victim.

This is not the same as obtaining the "home" IP address, failure to separate activities of a false/unknown identity seems a common way for a "security failure". It seems to me that as well as correlating accessed URLs on the "clearweb" using connection log metadata from the VPN or datacenter, a (secret) police tap and filter of gateway router or backbone link could provide the same info and evidence.

The plea agreement he signed guaranteed a prison sentence ranging from seven to 17 and a half years. The judge sentenced Lin to 17.

He did seem to be a particularly repulsive character, and many bomb hoaxes of essential etc services is inviting serious attention.