shane_b 0 Posted ... I was listening to Steve Gibson on his security now! podcast and he was discussing VPN's and that they are not really that anonymous. 'Well, and, now, you mentioned VPNs. Because, as you know, they're similar. This has been a concern, I mean, this should be a concern of anyone who offers a VPN service because a VPN does, it's much less exotic, but very much the same thing. When you use a VPN, your traffic is encrypted. It goes to the VPN server, that is, the other endpoint of the VPN, which then decrypts the traffic traveling through that tunnel and typically releases it onto the Internet. So you would use a VPN, for example, at a Starbucks that has encrypted WiFi in order to prevent your traffic from being sniffable until it got to wherever the VPN server was. Then it would decrypt it, and off it goes. So again, if you were doing something illegal or questionable, or if you were thinking this was giving you anonymity, a VPN actually doesn't give you much anonymity because it's very easy to watch the VPN server and get the IP of where the encrypted traffic is going. That's specifically why TOR was created, and this so-called onion approach of multiple hops through the network, which, by the way, does slow the traffic down a lot. I mean, it's not for real-time sorts of things. It's just way slow. But what you get in return is anonymity. But again, a VPN server runs the same kind of risk because it's the IP that the authorities would see on the public Internet for all of its customers that are using it.' How does this apply to airvpn that doesn't store logs or share any information with anyone ? Quote Share this post Link to post
Staff 9973 Posted ... Hello! Once again this kind of discussions need more accuracy. It is necessary that the adversary power and the attacked person needs are exactly defined, otherwise it's sort of talking about the gender of angels. Kind regards Quote Share this post Link to post
shane_b 0 Posted ... I was just going on what they said on the podcast. My understanding was that VPN's are anonymous, and especially with airvpn as it does not store any logs. If we are talking about specifics....for (an extreme) example. If I was downloading a manual from a specific website or torrent on how to blow up the world and the CIA was monitoring this website or torrent, would they be able to trace that is was me specifically downloading the manual ? Quote Share this post Link to post
Staff 9973 Posted ... I was just going on what they said on the podcast.My understanding was that VPN's are anonymous, and especially with airvpn as it does not store any logs.If we are talking about specifics....for (an extreme) example. If I was downloading a manual from a specific website or torrent on how to blow up the world and the CIA was monitoring this website or torrent, would they be able to trace that is was me specifically downloading the manual ?Hello! No, given those conditions they would not be able to do that.Kind regards Quote Share this post Link to post
shane_b 0 Posted ... why would they not be able to do that? would this count even if they had court order to access your servers ? Quote Share this post Link to post
Indigo35 4 Posted ... Steve Gibson is an idiot and spreads fear, uncertainty and doubt. He is a dangerous man. Quote Share this post Link to post
Staff 9973 Posted ... why would they not be able to do that?Hello!Because from the monitored web site in your example, they would see the VPN server exit-IP address. would this count even if they had court order to access your servers ?An adversary with the ability to monitor simultaneously all the VPN servers in the world and the destination server which a user connects to is able to correlate the real IP address of the user which accesses those servers. An adversary with such abilities can be defeated with "partition of trust", please see here:https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=54&limit=6&limitstart=6&Itemid=142#1745Kind regards Quote Share this post Link to post