• liveinthisworld@lemmy.dbzer0.com
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        3 months ago

        Technically speaking, VPN logs tend to include the IP address of clients connecting to them, after which the good VPN providers like Mullvad, IVPN and maybe PIA tend to purge them somewhere in their process. Now, if the VPN is running in a RAM-only node, then these logs probably don’t touch storage, which means there’s not much need to shred information from hard drives for the VPN provider.

        With that said, an ISP can technically log your traffic and see that you’re connecting to the IP range associated with a VPN. That and perhaps some more covert side-channel/correlation attacks can, in theory, compromise your identity.

        Of course, this is going deep into OPSEC and forensics, and I don’t think the NSA is that interested in the average Billy torrenting “The Office” to go through that many logs, even if the studios sue in court. Hence, technically your privacy is somewhat maintained with the good VPN providers, but you’re definitely not anonymous

        • Telorand@reddthat.com
          link
          fedilink
          English
          arrow-up
          3
          ·
          3 months ago

          That’s kind of my thought as well. It’s certainly possible someone might go through the effort to find a single pirate downloading The Lion King, but that’s a lot of effort (read: money) to find just one person.

          There’s certainly the possibility that an ISP could note that you connected to a VPN, but given that it’s not a remarkable event, since people connect to VPNs for all kinds of legal reasons, they aren’t likely to track your particular IP’s connection to a VPN apart from a court ordering them to care. They get paid their monthly internet plan price whether someone pirates or checks their email.

          If someone was running the Pirate Bay from their home servers, however, more parties would likely be interested in finding that person, and that person’s threat model probably exceeds just using a logless VPN.