NSA knows all? Paranoia or real? Correlate IPs?

[magnumpi 4]

So if I login to some sites both using a VPN and sometimes while not on the VPN - is the NSA (or similar) who may be sniffing all packets all over the world be able to easily correlate accounts I am logged into and see that oh, here's this VPN address of the same guy whose unprotected IP shows up in Peoria? Or would that require subpeaonas for them to get IP addresses of users in most cases (I know the security levels of sites is highly variable)? So then in theory they have my VPN IP they can then track me all over? Or is my IP always changing? Sorry if this is a newb question.

[Staff 9772]

So if I login to some sites both using a VPN and sometimes while not on the VPN - is the NSA (or similar) who may be sniffing all packets all over the world be able to easily correlate accounts I am logged into and see that oh, here's this VPN address of the same guy whose unprotected IP shows up in Peoria? Or would that require subpeaonas for them to get IP addresses of users in most cases (I know the security levels of sites is highly variable)? So then in theory they have my VPN IP they can then track me all over? Or is my IP always changing? Sorry if this is a newb question.

Hello!

As far as we know NSA is not able, currently, to capture all the packets in the world at any given time. However, it is true that rumors state that NSA plans to do so within the next 5-25 years (hopefully when NSA will be able to do so, everyone will have the awareness of the necessity to exchange only encrypted packets with an encryption level unbreakable by NSA).

In general, a good "rule" is keeping your identities completely separated. Actually, if you connect to a service both with your real IP address and behind the VPN, it's not necessary to have the power of the global adversary to perform correlation attacks which are potentially successful.

Kind regards

[Baraka 30]

Correlation is possible when comparing two unencrypted sources. With VPN encryption, however, this process becomes exponentially more difficult because every single packet must be sifted through using the deepest packet inspection techniques possible. And when using SSL over a VPN, it is simply impossible to correlate your packets with anyone else`s unless the intercepting party also has complete access to the server, and by definition the unencrypted data, on the other end.

[magnumpi 4]

Thanks guys for indulging my nightmare fantasy. I guess this does make it challenging for those of us trying to VPN secure communications which we have been using for years like say a very extensively used Yahoo email account or something.

Alternatively could not the NSA find a suspect they want to investigate, ID his Yahoo email address, then use their standing warantless data requests to collect all data about logins from that email address and potentially recover AirVPN IPs used. Does that then allow them to track that IP elsewhere, being used on other websites? I guess not particularly easily if I understand you correctly. I assume too there is some variability in what IP address the destination site sees even though from my perspective it may be just my machine.

[Baraka 30]

Thanks guys for indulging my nightmare fantasy. I guess this does make it challenging for those of us trying to VPN secure communications which we have been using for years like say a very extensively used Yahoo email account or something.

Yahoo is not a secure service AT ALL. They have a very long period of data retention, no SSL connectivity, and very rarely challenge any requests for information on their customers. If someone from the government knew your e-mail address and made a request to Yahoo to find out all of the login IP addresses on that account, they would cough everything up in a second. Google, at least, offers SSL connectivity so you can get end-to-end encryption if you use a VPN with their service. If a party wants to compromise your communications, they would have to know your address and make the appropriate request. However, if they didn't know your address, then they'd be screwed. No amount of vacuum cleaner-type surveillance would net anything good on you.

Alternatively could not the NSA find a suspect they want to investigate, ID his Yahoo email address, then use their standing warantless data requests to collect all data about logins from that email address and potentially recover AirVPN IPs used. Does that then allow them to track that IP elsewhere, being used on other websites? I guess not particularly easily if I understand you correctly. I assume too there is some variability in what IP address the destination site sees even though from my perspective it may be just my machine.

No need to use any of the warrantless data retention or tracking. They could just ask Yahoo for whatever they wanted, as I said above. No need to ever inform you that anyone was looking for that info, either.

Assuming you were an important enough target, a technically capable arm of the government such as the NSA (or a large multinational corporation) could try to track your IP address all over the internet. Using an unencrypted connection, this would be relatively easy- especially with their Narus-enabled, warrantless, vacuum cleaner, electronic, surveillance apparatus. If you were using a VPN, they would have to do so much work to figure out which packets belonged to you, out of the many clients connected to a particular access server, that it wouldn't be worth it for anyone but the most valuable targets on the planet.

As an example, as I write this I see that the least amount of clients connected to one of the 3 access servers in Virginia total 244. That means they would have to sift through whatever is not encrypted end-to-end on the VPN exit point and figure out which packets belong to who out of 244 total clients. Extremely difficult and time consuming, even considering the new complex being constructed in Bluffdale, Utah. Also keep in mind that you could be switching servers on a regular basis, which could throw them off completely. This is why the only surefire way of gaining such intelligence is to bug the person or his electronics locally, on his own premises. The other stuff is all much too difficult to execute and would only be employed against a recluse who was barricaded behind a 6 inch steel/reinforced concrete door, being guarded 24/7 by several guys with automatic weapons.

BTW, it's good to see that the great Magnum PI is finally stepping up his game. Can't rely on Higgins to look after this stuff, can ya? :laugh:

[magnumpi 4]

Thanks for that explanation. I got a little more scared when I saw Jacob Applebaum's recent prezo re: the huge new NSA data centers that are rumored to comb the entire internet, logging and storing everything. I guess the choke point is still the pea brain of the bureacrats to make sense of it all.

Higgins is 96 now, so he has trouble merely composing his gmail given all the interface changes. TC though is big into computers though. He had to shut down the helicopter stuff given the price of fuel. Cheers from Hawaii! or is Romania or Sweden or ???? ;-)

[skxBMrYsxlli 9]

Thanks for that explanation. I got a little more scared when I saw Jacob Applebaum's recent prezo re: the huge new NSA data centers that are rumored to comb the entire internet, logging and storing everything. I guess the choke point is still the pea brain of the bureacrats to make sense of it all.

The real problem for intelligence agencies is getting the desired information in front of human eyes. The secondary problem is training humans in analyzing, categorizing, and prioritizing it correctly.

If you're browsing while logged into your Y! or Google or Facebook or <insert large ad exchange network here> account, anyone with sufficient legal power or ability to compromise third-party systems can find you.

Even if you take pains to separate the various identities you've been issued by third parties, you'd best consider browsing with Firefox, AdBlock Plus, Ghostery, and probably RefControl installed and carefully configured.

Unfortunately, Chrome doesn't count. It loads and parses pages at the same time extensions are (potentially) trying to modify content. Also, at last report, Internet-side content loaded by Chrome can still disable, modify, hijack, or compromise extensions. Firefox is the only modern or semi-modern browser that allows you to perform guaranteed interception of unwanted content before it can either load or execute.

If you're really paranoid: are you sure that copy of Firefox wasn't modified by someone else? Do you take steps to prevent receiving poisoned DNS information? Do you take the time to untrust some of the default CAs that your browser or OS or JVM or <insert here> thinks it should trust to issue certificates?

Actually, untrusting some of the default CAs isn't paranoid at all. Verizon has issued intermediary CA certs for at least one incredibly repressive government regime—so far. —that I'm aware of. There are probably others. You might want to take a look at the default lists sometime, if you haven't already.

[j0pad0pa 5]

Sorry for replying to a one-month old thread, but reading this got me concerned.

I use Gmail as my mail provider and I facebook quite often. When using AirVPN, I log onto these services using my real information. I will also quite frequently start using Gmail without AirVPN, and then I will turn on the VPN and continue using it without interruption. Gmail doesn't seem to care.

However, I was browsing today and I almost had a heart attack when I saw my Facebook profile picture show up in a Facebook "share" button on a website I was surfing thinking that I was anonymous.

Am I really anonymous? Or what activities could I be taking that compromise my privacy? Is there a rulebook on "do's" and "don'ts" in how to not undermine your anonymity?

Quite frankly, I'm not so worried about illegal activity. I just really don't like the idea of ISP snooping and websites I visit knowing who I am. I prefer to move around the internet anonymously, and I'm apparently not doing something right.

-Jopa

[Baraka 30]

Sorry for replying to a one-month old thread, but reading this got me concerned.

I use Gmail as my mail provider and I facebook quite often. When using AirVPN, I log onto these services using my real information. I will also quite frequently start using Gmail without AirVPN, and then I will turn on the VPN and continue using it without interruption. Gmail doesn't seem to care.

ALWAYS connect to Gmail, Facebook and everywhere else using your VPN. Even though the default is SSL to those two sites, it's a good precaution. Just know that those two sites cave very easily to law enforcement and government requests. Very easily. That means avoid writing anything on those services that you wouldn't want someone from a government or law enforcement authority to potentially read. VPN or not. If you need secure e-mail, chatting, or social networking services, look elsewhere.

However, I was browsing today and I almost had a heart attack when I saw my Facebook profile picture show up in a Facebook "share" button on a website I was surfing thinking that I was anonymous.

Am I really anonymous? Or what activities could I be taking that compromise my privacy? Is there a rulebook on "do's" and "don'ts" in how to not undermine your anonymity?

No, you are obviously not anonymous. You were likely burned by cookies. Using a good cookie manager in Firefox (I like Cookie Controller) to clear all your cookies, then start from scratch, allowing only certain sites to store cookies, i.e. NOT Facebook, Google, Yahoo, etc.

Make sure to also install BetterPrivacy in Firefox, which controls access to Flash cookies. Clear all of them too, then start again.

It may be annoying to have to continue logging in to your Facebook, Gmail, etc. accounts, but that's a small price to pay for the privacy you gain. Use a good password manager and you're golden.

Quite frankly, I'm not so worried about illegal activity. I just really don't like the idea of ISP snooping and websites I visit knowing who I am. I prefer to move around the internet anonymously, and I'm apparently not doing something right.

Same here. Facebook tracks most of the sites you visit. Google less so, but it's still technically a compromise of your privacy. Adopting a VPN like Air is the best thing you could've done to take back your privacy and anonymity.

[skxBMrYsxlli 9]

I use Gmail as my mail provider and I facebook quite often. When using AirVPN, I log onto these services using my real information. I will also quite frequently start using Gmail without AirVPN, and then I will turn on the VPN and continue using it without interruption. Gmail doesn't seem to care.

However, I was browsing today and I almost had a heart attack when I saw my Facebook profile picture show up in a Facebook "share" button on a website I was surfing thinking that I was anonymous.

Am I really anonymous? Or what activities could I be taking that compromise my privacy? Is there a rulebook on "do's" and "don'ts" in how to not undermine your anonymity?

I've never seen such a thing as a complete (exhaustive) guide on trying to remain anonymous while browsing. There are guides scattered here and there about logging out of Facebook (and, as above, deleting your Facebook cookies) while browsing other sites. There are articles touting the virtues of NoScript or Ghostery or some other extension. EFF ( https://eff.org/ ) have privacy-related news and occasionally some of these sorts of guides, but they're usually geared to the "non-technical", i.e. they have a few very basic steps you should take in some given situation.

There's some *bad* advice out there about asking your browser to send a "Do-Not-Track" header (literally: "DNT: 1"). Virtually no one has a policy agreeing to respect this header. Apache httpd has already been patched to ignore the header if your User-Agent string reports IE10. Some sites agree that they see your header, but politely note that they don't respect it. The same applies to using add-ons like Beef TACO, which load your browser with a bunch of "opt-out" cookies to let sites know you'd prefer not to be tracked. There are no guarantees whatever that anyone will afford the slightest amount of attention to these cookies--especially if the company is sold on, or they enter receivership. Most auctioneers selling off pieces of a liquidating company will try to get money for all their "customer" data. Even if the company with your data stays afloat, nearly all "privacy" policies include a clause about changing at any time, without notice. (Or by posting a notice somewhere on *their* site, which you probably never browse to deliberately. How often do you visit the actual DoubleClick homepage?)

I would simply point to the advice I gave above about using Firefox and installing privacy-oriented add-ons. Take control of your browser. Ensure you have blanket solutions for multiple sites--and not just "social networking sites". Google (all Google services) and Facebook and various other "social" companies like to know where you're going, but there's also an extensive, loosely-organized network-of-networks mass of advertising sites that place cookies, "web bugs" (1x1px transparent GIFs--usually), and tracking scripts (client-side JS). They tend to sell on their data to... essentially any interested party. Even if you live in Europe, don't expect data protection laws to help you.

If you take control of the situation, and start using AdBlock Plus, Ghostery, Cookie Controller (my favourite for that task), and perhaps a dash of NoScript, a lot of your data will simply stop being sent to people you'd prefer not have it. Using block lists like Antisocial with ABP *should* kill virtually every "social networking" widget ever, although I'm not clear if it will break any Facebook functionality while you're deliberately visiting there. (Try and see. Just remove the list if there's a problem. ABP has a nice info pane you can toggle to see all elements being blocked on the current page.)

In particular, using NoScript with the ABE functionality switched on and some rulesets of your own can make it relatively easy to keep code from certain sites from being embedded in other sites. Here's a very trivial example:

Site .facebook.com

Accept from .facebook.com

Deny INC(SCRIPT, OBJ, SUBDOC)

This will prevent any other site from embedding Facebook. If at some point Facebook starts using extra domains or subdomains, just add them to both lists to make sure they can all embed each other. (Ex: ".facebook.com .facebookpics.com") (Don't do this unless you know for certain that Facebook *actually* owns and operates "facebookpics.com")

If you want some serious security, though, give a thought to using multiple browser profiles. Firefox has a UI for this:

https://support.mozilla.org/en-US/kb/profile-manager-create-and-remove-firefox-profiles

Chrome has support for this, but no UI that I'm aware of. You'll want to consult the list of command-line switches:

http://peter.sh/experiments/chromium-command-line-switches/

Depending on your exact needs, you can: a) use Firefox or Chrome with multiple profiles, in separate browser processes, just use one browser for some sites and the other for some other set, c) open separate "Incognito" instances of Chrome while running off the default profile (Firefox adds this in 19-rel or 20-beta), d) mix and match as you see fit.

Separate issue: while you're at it, consider distrusting some of the default Certificate Authorities your browsers ship with. You *really* don't want to grant trust to CNNIC, China Telecom, etc.--even if you live there. Consider scanning the rest of the list to see if there are other root CAs that maybe shouldn't be trusted. I tend to disable around twenty. Chrome on Windows uses the Windows schannel API, thus the Windows certificate store for its SSL needs, so there's nothing in the browser itself to disable. Spend a minute Googling "windows certificate management" or the like.

I would add some advice about IE, Safari, or Opera, but, respectively:

* IE's less a browser and more an open wound

* I've never used Safari, and would never consider it

* Opera just announced they're throwing away the Presto engine for WebKit, obsoleting all current advice

[Baraka 30]

ALWAYS connect to Gmail, Facebook and everywhere else using your VPN. Even though the default is SSL to those two sites, it's a good precaution. Just know that those two sites cave very easily to law enforcement and government requests. Very easily.

Uh... looks like they cave even more easily than I thought :ohmy:

http://cnsnews.com/news/article/13753-gov-t-requests-google-e-mail-data-2012-most-without-warrant

[Md6iJVT5 1]

ALWAYS connect to Gmail' date=' Facebook and everywhere else using your VPN. Even though the default is SSL to those two sites, it's a good precaution. Just know that those two sites cave very easily to law enforcement and government requests. Very easily.[/quote']

Not really sure if that's the best idea. Especially considering the fact that Facebook is the one place where you would actually use your true identity. Whenever I have logged into Facebook through a VPN it recognized that I was using a so-called "different computer" and made me confirm my identity again.To boot, they would also have that IP information handy to anybody that would request it.

That's why I prefer to log into Facebook using my real IP address. And Gmail as well if you are using your real name and identity,Just don't post anything controversial on there. Just use it for "Hi Mom" "Kittens are great" and post pictures of your kids, that's it. In that way, you will truly have separate identities. You want to keep Peter Parker and Spiderman as far away from each other as possible.

[Baraka 30]

You want to keep Peter Parker and Spiderman as far away from each other as possible.

That is an extremely paranoid way to conduct yourself online. But if works for you, go right ahead.

For whistleblowers who risk life and limb, then maintaining two, separate online identities would be necessary. One would use TOR over VPN to do that. Otherwise, unless your life or liberty were truly in danger, I don't see the point of being that paranoid. You're wasting a lot of unnecessary time and energy protecting yourself needlessly. Air's service is designed to save you time- not make you spend a lot more of it peering around every electronic corner on the internet. Plus, your stress hormones must be going through the roof just thinking about it all the time and imagining the worst. Very bad for your health.

As for Google or Facebook noting that you're using a VPN, who the hell cares?? There are usually at least 50 other users concurrently on the same IP address as you, with no logs to verify that you were using that IP after the fact. In addition, those sites have SSL capability so end-to-end encryption is possible with the use of a VPN. To tap your information, an actual request to Facebook/Yahoo/Google/etc. would have to be made to get it. With the vacuum cleaner-type surveillance that's in effect these days, you're being afforded some strong protection against wire-line snooping and forcing the powers that be to do some actual work if they REALLY want your info.

And if "they" did really want to get you, they could just break down your door and nab you, or secretly plant A/V devices right next to you and your computer, then wait for you to trip up. And, I'm sorry, that's definitely NOT going to happen unless you're a severe and I mean SEVERE threat to a sufficiently large corporation, government, or wealthy individual. If that's the case, then only use TOR over VPN. Or no internet at all. Period.

I consider myself reasonably and justifiably paranoid. But what you're experiencing may very well be in a totally different league from me. It's like the East German STASI has made a comeback and is just waiting to nail you. No offense.

[Md6iJVT5 1]

You want to keep Peter Parker and Spiderman as far away from each other as possible.

That is an <strong>extremely</strong> paranoid way to conduct yourself online. But if works for you, go right ahead.

For whistleblowers who risk life and limb, then maintaining two, separate online identities would be necessary. One would use TOR over VPN to do that. Otherwise, unless your life or liberty were truly in danger, I don't see the point of being that paranoid. You're wasting a lot of unnecessary time and energy protecting yourself needlessly. Air's service is designed to save you time- not make you spend a lot more of it peering around every electronic corner on the internet. Plus, your stress hormones must be going through the roof just thinking about it all the time and imagining the worst. Very bad for your health.

As for Google or Facebook noting that you're using a VPN, who the hell cares?? There are usually at least 50 other users concurrently on the same IP address as you, with no logs to verify that you were using that IP after the fact. In addition, those sites have SSL capability so end-to-end encryption is possible with the use of a VPN. To tap your information, an actual request to Facebook/Yahoo/Google/etc. would have to be made to get it. With the vacuum cleaner-type surveillance that's in effect these days, you're being afforded some strong protection against wire-line snooping and forcing the powers that be to do some actual work if they REALLY want your info.

And if "they" did really want to get you, they could just break down your door and nab you, or secretly plant A/V devices right next to you and your computer, then wait for you to trip up. And, I'm sorry, that's definitely NOT going to happen unless you're a severe and I mean <strong>SEVERE</strong> threat to a sufficiently large corporation, government, or wealthy individual. If that's the case, then <em>only</em> use TOR over VPN. Or no internet at all. Period.

I consider myself reasonably and justifiably paranoid. But what you're experiencing may very well be in a totally different league from me. It's like the East German STASI has made a comeback and is just waiting to nail you. No offense.

Thanks for detailed reply. In one respect, you are right in stating that the average user is not a sufficient enough threat to warrant powerful companies, Governments or individuals to perform the work to track people using VPNs. Just because you may not be important enough now to become a target does not mean that it will remain so in the future, and if you were living in certain countries, you are already important enough (Iran per se). As we have seen time, and time again, our leaders have been making constant assaults on the Constitution, and what is our right today can be taken away tomorrow.

People who use services like these are generally concerned about overall security and anonymity and for sites that you use to reveal your true identity it's best if you can leave an alibi that you don't even know what a VPN is. You don't want to give them a reason to think that they can make any connections to you. It doesn't take for them to break into your house and plant a sniff on your wire to capture your data. There are already LEOs surveilling Facebook on a regular basis and Facebook will freely give any information about you that they ask. Look at the case of Brandon Raub.

You can live in a very safe neighborhood where there are little or no burglaries, but who in that neighborhood would have the balls to leave their door unlocked when they leave? When you mix identities like that you give the Man more clues as your to movements on the Internet.

[moonshrimp 0]

For everyone interested, here is a talk from last years C3 conference in Hamburg, check the parts where William Binney speaks, he was a technical guy at NSA until he blew the whistle. He talks about overall capacities of their surveillance program at http://www.youtube.com/watch?feature=player_detailpage&v=nc5i8aROQkk#t=7190s

[moonshrimp 0]

... at 1:59:50

Sorry, can't figure out where to edit.

[Baraka 30]

Thanks for detailed reply. In one respect, you are right in stating that the average user is not a sufficient enough threat to warrant powerful companies, Governments or individuals to perform the work to track people using VPNs. Just because you may not be important enough now to become a target does not mean that it will remain so in the future, and if you were living in certain countries, you are already important enough (Iran per se). As we have seen time, and time again, our leaders have been making constant assaults on the Constitution, and what is our right today can be taken away tomorrow.

Agreed 100%. That's why I use a VPN in the first place. I am very well aware of the crackdown on the Constitution, particularly the 4th Amendment. It's been rendered meaningless by technological advances over the past decade, the massive expansion of government, as well as several disastrous Supreme Court rulings. If you don't take your own rights into your hands, you're toast. That's why I'm here.

People who use services like these are generally concerned about overall security and anonymity and for sites that you use to reveal your true identity it's best if you can leave an alibi that you don't even know what a VPN is. You don't want to give them a reason to think that they can make any connections to you. It doesn't take for them to break into your house and plant a sniff on your wire to capture your data. There are already LEOs surveilling Facebook on a regular basis and Facebook will freely give any information about you that they ask. Look at the case of Brandon Raub.

The comparison with Raub doesn't make much sense to me. He used his real name on Facebook and his real IP address. Unlike us here, who are using VPN services without our real names. Either way, everyone who's security conscious at all knows that scores of people have been arrested for making inflammatory posts on Facebook. So, whether you use your real name or not, inflammatory posts on Facebook will result in arrest, or you will be reported at the very least. If you want to criticize the government or blow the whistle on something, Facebook is the last place you should be doing it. Even if you don't use your name and cover your tracks via TOR and a VPN, if the post is effective enough, it'll surely be removed. Kinda defeats the purpose.

it's best if you can leave an alibi that you don't even know what a VPN is

This is extremely self-defeating and only serves to propagate the security-industrial complex at the expense of every individual's God-given right to be free, and to remain as private as they choose. Just think: what would happen if 50 million Americans used VPNs with their internet services?

Do I need to answer that?

You can live in a very safe neighborhood where there are little or no burglaries, but who in that neighborhood would have the balls to leave their door unlocked when they leave? When you mix identities like that you give the Man more clues as your to movements on the Internet.

How is using Air VPN like leaving your door unlocked??? That IS the lock. A lock on a steel-reinforced door, too.

Like I said, if you're truly that paranoid about someone snooping on your online activity, then you're best to use TOR over VPN 100% of the time. Or not access the internet at all. Honestly.

[Baraka 30]

To add some quick snippets about Brandon Raub, he's an ex-marine (i.e. he received a government paycheck) who made a Facebook post critical of the Federal Reserve and 9/11. Then he was arrested by the FBI and detained in a psychiatric hospital. So, not only did he use his real name and IP address, but the government automatically knew who he was because he was former military. They decided to teach him who's boss. Big surprise there.

Here's the post that did it:

http://wtvr.com/2012/08/21/full-text-brandon-raubs-proclamation-take-our-republic-back/

Remember, Facebook was designed to follow you around, know who you are, and know who you associate with. For that reason, using it for whistleblowing activities or for posting inflammatory material is a terrible idea. Any non-social networking site with SSL would be a vast improvement. Regardless, always beware.

[hashtag 151]

Paranoia?

CIA: We 'Try To Collect Everything And Hang On To It Forever'

http://www.huffingtonpost.com/2013/03/20/cia-gus-hunt-big-data_n_2917842.html

US plan calls for more scanning of private Web traffic, email

http://www.nbcnews.com/technology/technolog/us-plan-calls-more-scanning-private-web-traffic-email-1C9001922

Under CISPA, Who Can Get Your Data?

https://www.eff.org/deeplinks/2013/03/under-cispa-who-can-get-your-data

Microsoft, Too, Says FBI Secretly Surveilling Its Customers

http://www.wired.com/threatlevel/2013/03/microsoft-nsl-revelation/

[Baraka 30]

And doesn't the use of Air VPN completely combat all of these various surveillance programs??

I'm certainly paranoid. I've admitted that on numerous occasions on these boards and have said that's the entire reason I even use this service. But I'm not excessively paranoid, to the point that it consumes all of my thoughts and my time. To each his own, though.

[Md6iJVT5 1]

And doesn't the use of Air VPN completely combat all of these various surveillance programs??

I'm certainly paranoid. I've admitted that on numerous occasions on these boards and have said that's the entire reason I even use this service. But I'm not excessively paranoid, to the point that it consumes all of my thoughts and my time. To each his own, though.

Again, what good does a VPN do if you are using your real ID anyway? It's little putting a mask on writing your name on the mask. The whole purpose of AirVpn is to protect anonymity. You don't want your true identity tied in any way to the AirVpn servers. That's why Bitcoin is recommended for purchasing memberships. And I do that over TOR. If the Feds really do happen to think that you really are important enough for them to collect logs on all of your activity from Facebook or other sites have your real ID, they can easily match your IP addresses to another site that you may have visited using the same IP address as a VPN server. So what if there were 50 other people using the VPN server at that time? You are the one that they are investigating. Even if the evidence isn't damning, it's another piece of the puzzle that they can use against you.

Why would you want to give them that?

While it is true that Brandon Raub should have known to lay low on Facebook, if you do read his statements, he really didn't say anything wrong. They came to his house and took him because they felt that they statements he made are "Terroristic is nature" which they clearly weren't. He wasn't even criticizing the Government. It was the Federal Reserve. He had every right to say what he said paycheck or not.

[Baraka 30]

...If the Feds really do happen to think that you really are important enough for them to collect logs on all of your activity from Facebook or other sites have your real ID, they can easily match your IP addresses to another site that you may have visited using the same IP address as a VPN server. So what if there were 50 other people using the VPN server at that time? You are the one that they are investigating. Even if the evidence isn't damning, it's another piece of the puzzle that they can use against you.

How? Your connection is encrypted and they can't conclusively prove that you were the one using that particular VPN IP address (no logs). Unless, of course, they have physically bugged your computer at the source, or placed a rootkit on your machine. Either method will circumvent any VPN. That includes whole disk encryption, as well.

Brandon Raub... had every right to say what he said paycheck or not.

Agreed completely. I never said anything to the contrary. I only brought up the government paycheck, since the government always keeps very close track of its employees- both present and former. Especially the military. Had Raub not been military, I don't think he would've been bothered by the goons. After all, countless others have posted far more damning and critical comments of the Fed, but the storm troopers were never called. Either way, being forewarned is being forearmed. And using Air's VPN is the first way of becoming forearmed.

[shiro21 4]

I gotta agree with everything Baraka has said. Mainly that it's just not very practical to be super paranoid about our privacy. Certainly not good for your stress. Just chillax.

[IceEzio 0]

 

 

How? Your connection is encrypted and they can't conclusively prove that you were the one using that particular VPN IP address (no logs). Unless, of course, they have physically bugged your computer at the source, or placed a rootkit on your machine. Either method will circumvent any VPN. That includes whole disk encryption, as well.

 

 

Hi!

What do you mean with "whole disk encryption"? I thought it was a real safe method to protect everything just in case someone wants to access physically to your computer? Isn't it safe to use it while using a VPN?

And yes, I'm another paranoid 

[Baraka 30]

By whole disk encryption I mean something like TrueCrypt (look it up and also read its Wikipedia entry). Even it won't help you if your computer has been compromised by a rootkit, or physically bugged. Or both. This is how the "evil maid attack" was coined by people in the crypto biz.