Can someone clarify for me how signing into websites using a vpn works and if my privacy is compromised by doing this? Can my proxy isp (or real isp) be traced or cross referenced using my login information? Does it totally defeat the purpose of a vpn’s anonymity if I use personal login information (to a bank or school account with my name for example)?
Some context: I do use Firefox with HTTPS everywhere and other privacy trackers I’m not sure if that’s relevant.
I log in to normal web sites all the time while using VPN. It’s better than letting all those sites know your real IP address.
If you did something illegal and the VPN was logging everything, the VPN company could trace back to your real IP. If they were keeping just limited server logs, they’d have to be fast to trace you.
If you did something illegal, they were not logging, but you did sign-ons in the same VPN session, the VPN company or outsiders might be able to correlate the two activities (by IP address and timestamp) and identify you.
So, if you want to do something illegal, don’t sign in to other services in the same session, and hope your VPN isn’t logging or won’t cooperate with authorities.
You’d be confirming, at the very least, that you’re using the service. It’s generally not recommended if privacy is your main concern.
You don’t need to sign in to other services to be able to be tracked. For example let’s imagine that you are connecting to a little forum with a few members and imagine that you are connected to the same IP for an hour. You’ll be the only one browsing the site and that way pinging the VPN server each time you are loading a page, so if any third party want to know who you are, they have to check each time the IP used to ping the website and check with ISP logs which IPs (users) sent a request to the server at the exact time where the IP was getting the page from the website. That way, they will get a bunch of different IPs, but they will have an IP that is recurrent at each timestamps, that’s here they find you. The VPN server can have a lot of users connected to it, but they are not sending requests at the same time as others, so sometime you are the only one sending a request to the server. To avoid that, the best bet is to use multihop, so they have to work harder to find you and will play with lot more users per IP.
What people need to realize is that in order to properly manage VPN traffic, VPN’s have to log your status (whether you are using the VPN or not) while most don’t log activity/browsing. Now, my VPN states they permanently delete status logs daily, so assuming my VPN is telling the truth by not keeping activity/browser/website logs and permanently deleting status logs daily, a correlation attack would be tough with my VPN.
If u want to mask something why using VPN? VPN is for securing connection and privacy. Use Tor then…
Even with logging sessions, if your VPN obfuscates well you should be able to get around VPN restrictions. Also, I don’t see how a website sees your session logs. They are on a main VPN server. They way websites figure out you are on a VPN is by the type of server that is connecting to the website. If it is a data center server they figure VPN, but a good VPN will obfuscate that.
check with ISP logs which IPs (users) sent a request to the server
Except to do this, the third party needs to know which ISP the user is using to enter the VPN network, not which ISP the VPN server is using to exit the VPN network. And they need cooperation from the user’s ISP.
You can’t check ISP logs when your on VPN, at least, its meaningless. The ISP only knows that there is an open connection to a vpn server - it can’t see what websites you went to and at what time.
There are other ways to track users, usually its all about scripts the run on websites and noscript is your friend here
I’m talking about the VPN Server ISP, not the user. User is pinging with his real IP the IP of the VPN server, that way they can compare and find the user based on the request they made.
Maybe you should read my comment again.
When you are connected to a server, it’s not a continuous connection you are pinging the server when you need it, so when you browse a website and you reload it 5 times at different moment, the ISP of the server know exactly what was the exact moment for each. So, if there are 50 peoples connected to a server, but they didn’t sent a request at the same time, you’ll be alone (on a specific timestamps) or you’ll have 3 or more users doing a request so the third party need more information to know which IP is the correct one. A lot of people are using Tor for this situation, since there are a lot more people per IP, it’s very hard to know who did the request even more when you are connected to 3 nodes (I’m talking about normal browsing since .onion domain work differently). Tor is just like a VPN but with a lot more user per IP.
Warrant canary would not work in U.S. If they can’t figure out who a user is and the VPN does not keep activity logs, a judge can order the VPN to start logging and issue a gag order that the VPN keeps its lips shut. That’s why I use a VPN outside 14 eyes.
ofc, but for mere mortals should be enough to secure browsing by trusted VPN and using TOR for restricted net connections… I don’t want to be tracked, spammed, advertisized or let someone to see my login credentials and that’s all…
For killing people, selling drugs and doing pedophilian stuff, I preffer personal contacts… 
if any third party want to know who you are, they have to check each time the IP used to ping the website and check with ISP logs which IPs (users) sent a request to the server at the exact time where the IP was getting the page from the website.
That’s assuming the VPN doesn’t have relays among servers; some do. And it assumes the “third party” has full access to the server’s ISP, which is possible.
What makes you think the VPN’s upstream ISP is logging the real IP address of the user? And what makes you think they’d co-operate if asked? A major VPN provider I know of has proven twice in US court that they know nothing of who accessed what and where, and another major VPN provider has proven it in Turkey for a murder case. I doubt any reputable VPN provider uses ISPs that log.
Maybe you should rethink your knowledge. It seems you are fucking up the idea of timing attacks, but you are also fundamentally misunderstanding VPN.
When you are on VPN, no ISP in the world knows what website you are connecting too. So, this little known forum in your example might have exactly 1 user on it at a specific point in time, but if your on VPN, there is no way to use “timing” to trace it back to you because your ISP has no knowledge that you are connecting to the website. The third party trying to trace back this “ping” would have to scope every ISP in the world, and all traffic looking for this singular “ping” of yours and try to say “oooh, on ISP Verizon, in New York, some traffic left someones house at precisely 11:23:89 milliseconds to destination VPN” and that that MUST mean that this person was the forum user! Except you can’t do that. Destination VPN has thousands’s of users from hundreds of ISPs around the world and no logging. The ISP has no logs since its all a tunnel through VPN. You literally can’t load up all ISPs logs in the world into a single dataset, narrow that down to every packet sent precisely at 11:23:89 and deduce the which ISP was the origin let alone person. There are literally billions of packets being sent at precisely that time on VPN, the ISP has no real knowledge between get and post events - its a black hole to them. You would need more knowledge if the problem was to be solved, like actually ISP logs, or a VPN logs or a drastically reduce target profile instead of “someone on the internet”.
If they have relays, then it’s considered like a multihop situation, not a direct connection to the server IP that’s what I was pointing out earlier in my comment, if you use Multihop it will help a lot but will not make it impossible, just more harder. Nowadays, anyone with social engineering capacities can get logs from ISPs even more if it’s coming from a Datacenter, they can ask on the behalf of the attacker, so they don’t have to ask them-self.
If you use a VPN it’s because you don’t want your ISP to see what you’re doing right ? They are all logging and maybe sell your information. ISP will co-operate, they have to do it or they will be in big trouble. VPN can tell anything they want, they are not logging anything on their servers but ISP are. Your “major VPN” service you are talking have hundred of people sending request to every server they own, they don’t risk anything since they don’t log anything, but ISP again does. You can’t know if the concerned user was someone using their real IP in the service, maybe it was coming from a cyber-coffee shop and they can’t track him back so they attacked the “major VPN” service as a last chance to get him.
What the f are you talking about ? You are false everywhere.
When you are on VPN, no ISP in the world knows what website you are connecting too.
Never told the opposite, I’m talking about servers ISP logs. VPN are renting or using their own server but they are using an ISP to be able to connect to internet and allow their user to connect to them. You can’t see what is the content since it’s encrypted but that’s actually not what I was talking about in my comment.
So, this little known forum in your example might have exactly 1 user on it at a specific point in time, but if your on VPN, there is no way to use “timing” to trace it back to you because your ISP has no knowledge that you are connecting to the website.
Once again, not talking about user ISP but VPN server ISP
The third party trying to trace back this “ping” would have to scope every ISP in the world
Wtf ? Server from your VPN provider have only 1 ISP attached to it, just track an IP from a VPN provider and you’ll see lol.
all traffic looking for this singular “ping” of yours and try to say “oooh, on ISP Verizon, in New York, some traffic left someones house at precisely 11:23:89 milliseconds to destination VPN” and that that MUST mean that this person was the forum user!
When you browse a website, you don’t send only 1 ping. Each request ping the server IP and is logged by the ISP of the server.
Destination VPN has thousands’s of users from hundreds of ISPs around the world and no logging.
You can have 500 users on a server if you want, but they don’t make request all at the time as others. In a 2 seconds log from the VPN server ISP you’ll have maybe 20 IPs because others are just not there browsing or using Internet.
The ISP has no logs since its all a tunnel through VPN.
They don’t see what you’re doing but they log timestamps and your IP.
You literally can’t load up all ISPs logs in the world into a single dataset
Again, we are talking about the VPN server ISP and not users.
narrow that down to every packet sent precisely at 11:23:89 and deduce the which ISP was the origin let alone person.
Using IPs from an exact second with ISP logs coming from the VPN server ISP can prove you are the user that did the request, I don’t know what provider you’re using but send them an email and ask them why Multi-hop and double vpn exist, maybe you’ll understand (and why Tor is using multiple proxy and not only 1 btw).
There are literally billions of packets being sent at precisely that time on VPN
Yes, but not on a single VPN IP lol.
the ISP has no real knowledge between get and post events - its a black hole to them.
Again, IPs.
You would need more knowledge if the problem was to be solved, like actually ISP logs, or a VPN logs or a drastically reduce target profile instead of “someone on the internet”.
“Knowledge” when you don’t know what you’re talking about. Like I told earlier, ask your VPN provider why using multihop increase your security and privacy. VPN are a privacy tool and not a way to be anonymous. If someone want to know who you are they can do it anyway even with multihop, it’s just harder and need more time to gather information.
Nord is well priced, no logs, works with Netflix, has Tor over VPN servers and double-hop, outside 14 eyes. Only downsides are variable speeds (heard some bad stuff about speed, but also heard it improved so either do a trial or start on a one month plan) and a ton of virtual servers. I prefer dedicated servers only, but not a big deal for most people. Nord puts 4 virtual servers on every dedicated one and this can cause speed issues. Nord also has a huge user-base and really advertises. I prefer a more low key VPN. While I figure the NSA is all over all VPNs, I’m sure the big ones are big targets.
Not a fan of PIA. Based in U.S. OK, but not great speeds. Lots of complaints about customer support on PIA forum. Not for me. They use an American server company called Total Server Solutions. Bound by U.S. laws. Their CTO is Mark Karpeles, who had acquired now bankrupt Mt. Gox. He “lost” 850k Bitcoin of his customers due to hacks, incompetence and deception during his tenure. Was arrested for embezzlement and fraud. Not sure what happened with the criminal trial, but PIA hired him when out on bail in Japan.