Jump to content
Not connected, Your IP: 13.58.161.115
Sign in to follow this  
shane_b

Security Now Podcast

Recommended Posts

I was listening to Steve Gibson on his security now! podcast and he was discussing VPN's and that they are not really that anonymous.

'Well, and, now, you mentioned VPNs. Because, as you know, they're similar. This has been a concern, I mean, this should be a concern of anyone who offers a VPN service because a VPN does, it's much less exotic, but very much the same thing. When you use a VPN, your traffic is encrypted. It goes to the VPN server, that is, the other endpoint of the VPN, which then decrypts the traffic traveling through that tunnel and typically releases it onto the Internet. So you would use a VPN, for example, at a Starbucks that has encrypted WiFi in order to prevent your traffic from being sniffable until it got to wherever the VPN server was. Then it would decrypt it, and off it goes.

So again, if you were doing something illegal or questionable, or if you were thinking this was giving you anonymity, a VPN actually doesn't give you much anonymity because it's very easy to watch the VPN server and get the IP of where the encrypted traffic is going. That's specifically why TOR was created, and this so-called onion approach of multiple hops through the network, which, by the way, does slow the traffic down a lot. I mean, it's not for real-time sorts of things. It's just way slow. But what you get in return is anonymity. But again, a VPN server runs the same kind of risk because it's the IP that the authorities would see on the public Internet for all of its customers that are using it.'

How does this apply to airvpn that doesn't store logs or share any information with anyone ?

Share this post


Link to post

Hello!

Once again this kind of discussions need more accuracy. It is necessary that the adversary power and the attacked person needs are exactly defined, otherwise it's sort of talking about the gender of angels.

Kind regards

Share this post


Link to post

I was just going on what they said on the podcast.

My understanding was that VPN's are anonymous, and especially with airvpn as it does not store any logs.

If we are talking about specifics....for (an extreme) example. If I was downloading a manual from a specific website or torrent on how to blow up the world and the CIA was monitoring this website or torrent, would they be able to trace that is was me specifically downloading the manual ?

Share this post


Link to post

I was just going on what they said on the podcast.

My understanding was that VPN's are anonymous, and especially with airvpn as it does not store any logs.

If we are talking about specifics....for (an extreme) example. If I was downloading a manual from a specific website or torrent on how to blow up the world and the CIA was monitoring this website or torrent, would they be able to trace that is was me specifically downloading the manual ?

Hello!

No, given those conditions they would not be able to do that.

Kind regards

Share this post


Link to post

why would they not be able to do that?

would this count even if they had court order to access your servers ?

Share this post


Link to post

why would they not be able to do that?

Hello!

Because from the monitored web site in your example, they would see the VPN server exit-IP address.

would this count even if they had court order to access your servers ?

An adversary with the ability to monitor simultaneously all the VPN servers in the world and the destination server which a user connects to is able to correlate the real IP address of the user which accesses those servers. An adversary with such abilities can be defeated with "partition of trust", please see here:

https://airvpn.org/index.php?option=com_kunena&func=view&catid=3&id=54&limit=6&limitstart=6&Itemid=142#1745

Kind regards

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...