you don’t really need to scare quote they in this context. The NSA and similar organizations are real and operating at this scale right now.
Will they compromise their back door to go after a pirate? No. Will they collect data on you to profile you and your activities and use that in the future? Yes.
It is not if, it is when the digital police state is imposed will we know the real end state of this level of data collection. My warning about them is not just about the pirates, its about installing their software and letting them port mirror you and cache your dns calls for years to target you later.
Technically speaking, VPN logs tend to include the IP address of clients connecting to them, after which the good VPN providers like Mullvad, IVPN and maybe PIA tend to purge them somewhere in their process. Now, if the VPN is running in a RAM-only node, then these logs probably don’t touch storage, which means there’s not much need to shred information from hard drives for the VPN provider.
With that said, an ISP can technically log your traffic and see that you’re connecting to the IP range associated with a VPN. That and perhaps some more covert side-channel/correlation attacks can, in theory, compromise your identity.
Of course, this is going deep into OPSEC and forensics, and I don’t think the NSA is that interested in the average Billy torrenting “The Office” to go through that many logs, even if the studios sue in court. Hence, technically your privacy is somewhat maintained with the good VPN providers, but you’re definitely not anonymous
That’s kind of my thought as well. It’s certainly possible someone might go through the effort to find a single pirate downloading The Lion King, but that’s a lot of effort (read: money) to find just one person.
There’s certainly the possibility that an ISP could note that you connected to a VPN, but given that it’s not a remarkable event, since people connect to VPNs for all kinds of legal reasons, they aren’t likely to track your particular IP’s connection to a VPN apart from a court ordering them to care. They get paid their monthly internet plan price whether someone pirates or checks their email.
If someone was running the Pirate Bay from their home servers, however, more parties would likely be interested in finding that person, and that person’s threat model probably exceeds just using a logless VPN.
Everyone knows it’s impossible for the NSA to buy rack space in Bulgaria, where they literally don’t have to deal with any US legal process.
It’s also impossible for the NSA to market such a service via pop-privacy blogs and social media profiles.
The funny part about this is that the Snowden leaks showed that the NSA actually put a lot of effort into doing shit like this specifically to avoid all the paperwork which came with accidentally collecting data from US citizens. Keeping the data and analysis off shore means no pesky FISA paperwork.
As he said, paid with crypto and managed with his own keys. I don’t see how the seedbox provider can trace you if you do that, so there’s not that much to worry about
You’re going to connect to the seedbox at some point, which ties your IP to the traffic. If you are worried about a VPN attaching your IP to traffic, this is no different, no?
SFTP over TOR. This should be a requirement at this point.
If you’re not doing that, then yes you’re technically right in that seedbox companies can be subpoenaed too. I usually use TOR to copy over what little I torrent.
Is your home machine, your phone, better protected than the VPN servers? I bet you’re not as good at IT security as the IT security staff VPN companies hire
If your threat model includes nation state actors, you’re best off not using networked computers
I am all about good tinfoil but some of these people acting as if they are SNOWDEN lol
Yes if feds wanted to catch you shitposting, watching big titied asian porn and downloading coldplay… I think there raised ways than compromising a VPN provider.
Unless it is a honey pot, then use a different VPN provider. Gonna need trust at the end of the day.
The existence of the NSA and their activities is not proof that they have backdoors in VPNs. That’s bogeyman conspiracy theory shit—“they could be anywhere, therefore they’re everywhere!”
You still haven’t answered the question, and I’m beginning to think you are making shit up based on paranoia.
Yeah there is no way Surfshark, NordVPN and other services are compromised and or straight up run by the NSA
I don’t think they care about piracy.
In fairness I doubt the NSA give a single solitary fuck about piracy and aren’t about to give themselves up over a telesync rip of Beetlejuice 2.
But probably best to plan 9/11 part 2 over something a bit more secure.
let’s say that VPNs are compromised and “they” know that you’re downloading “illegally”
in order to prosecute, “they” have to prove you’re a pirate and show how they know
would they compromise their backDoor to go after a tiny pirate?
you don’t really need to scare quote they in this context. The NSA and similar organizations are real and operating at this scale right now.
Will they compromise their back door to go after a pirate? No. Will they collect data on you to profile you and your activities and use that in the future? Yes.
It is not if, it is when the digital police state is imposed will we know the real end state of this level of data collection. My warning about them is not just about the pirates, its about installing their software and letting them port mirror you and cache your dns calls for years to target you later.
This is why I compose all my messages on an air gapped computer and send them out from my compound with couriers.
Unless you PGP-encrypt everything by hand you’ve just lost the fight
I personally just use a VPN that connects to NSA servers so they think it’s themselves doing the torrenting.
Oh also people use VPNs to buy DIY hormones online, what happens when the inevitable US anti trans witch hunt happens?
nothing because it’s fucking hormones. It’s not meth.
do you have a moment to talk about our lord and saviour mullvad vpn
what about proton or mullvad?
Both are considered strong choices but again… This is 100% trust me bro.
But that’s the people the bros chose to trust
Are you suggesting that it’s pointless to use a VPN?
For anonymity, yes. Sure you might fool Google trying to match your IP to your traffic but that’s about it
How so, specifically for logless VPNs?
Technically speaking, VPN logs tend to include the IP address of clients connecting to them, after which the good VPN providers like Mullvad, IVPN and maybe PIA tend to purge them somewhere in their process. Now, if the VPN is running in a RAM-only node, then these logs probably don’t touch storage, which means there’s not much need to shred information from hard drives for the VPN provider.
With that said, an ISP can technically log your traffic and see that you’re connecting to the IP range associated with a VPN. That and perhaps some more covert side-channel/correlation attacks can, in theory, compromise your identity.
Of course, this is going deep into OPSEC and forensics, and I don’t think the NSA is that interested in the average Billy torrenting “The Office” to go through that many logs, even if the studios sue in court. Hence, technically your privacy is somewhat maintained with the good VPN providers, but you’re definitely not anonymous
That’s kind of my thought as well. It’s certainly possible someone might go through the effort to find a single pirate downloading The Lion King, but that’s a lot of effort (read: money) to find just one person.
There’s certainly the possibility that an ISP could note that you connected to a VPN, but given that it’s not a remarkable event, since people connect to VPNs for all kinds of legal reasons, they aren’t likely to track your particular IP’s connection to a VPN apart from a court ordering them to care. They get paid their monthly internet plan price whether someone pirates or checks their email.
If someone was running the Pirate Bay from their home servers, however, more parties would likely be interested in finding that person, and that person’s threat model probably exceeds just using a logless VPN.
Maybe I should have said “it’s not anonymous based on your threat model”
At least if the company is run from the US
Everyone knows it’s impossible for the NSA to buy rack space in Bulgaria, where they literally don’t have to deal with any US legal process.
It’s also impossible for the NSA to market such a service via pop-privacy blogs and social media profiles.
The funny part about this is that the Snowden leaks showed that the NSA actually put a lot of effort into doing shit like this specifically to avoid all the paperwork which came with accidentally collecting data from US citizens. Keeping the data and analysis off shore means no pesky FISA paperwork.
Yes, a hosted seedbox paid with crypto and self managed keys is the way to go for torrenting
If you are worried about VPN’s, why are you not worried about seedbox providers?
As he said, paid with crypto and managed with his own keys. I don’t see how the seedbox provider can trace you if you do that, so there’s not that much to worry about
You’re going to connect to the seedbox at some point, which ties your IP to the traffic. If you are worried about a VPN attaching your IP to traffic, this is no different, no?
SFTP over TOR. This should be a requirement at this point.
If you’re not doing that, then yes you’re technically right in that seedbox companies can be subpoenaed too. I usually use TOR to copy over what little I torrent.
What evidence do you have that no-log VPNs are compromised by the NSA? What about VPNs based in other countries like Canada?
You might have heard about Edward Snowden? Have you looked into anything that he leaked?
Is your home machine, your phone, better protected than the VPN servers? I bet you’re not as good at IT security as the IT security staff VPN companies hire
If your threat model includes nation state actors, you’re best off not using networked computers
I am all about good tinfoil but some of these people acting as if they are SNOWDEN lol
Yes if feds wanted to catch you shitposting, watching big titied asian porn and downloading coldplay… I think there raised ways than compromising a VPN provider.
Unless it is a honey pot, then use a different VPN provider. Gonna need trust at the end of the day.
The existence of the NSA and their activities is not proof that they have backdoors in VPNs. That’s bogeyman conspiracy theory shit—“they could be anywhere, therefore they’re everywhere!”
You still haven’t answered the question, and I’m beginning to think you are making shit up based on paranoia.