Can "not so reliable" VPN servers compromise my anonimity while using VPN?

Discussion in 'privacy technology' started by Bolt, Mar 20, 2010.

Thread Status:
Not open for further replies.
  1. Bolt

    Bolt Registered Member

    Joined:
    Feb 12, 2010
    Posts:
    7
    Hi there. I'm using Perfect Privacy, and by using this web (https://www.dns-oarc.net/oarc/services/dnsentropy) I found out that several of PP's servers actually use U.S.A. based DNS servers. Does using an American DNS server defeat the purpose of connecting through a server in China or Panama? What are the risks? What information could I possibly leak to this American server? Could they actually see my traffic?
     
  2. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    If the servers are not internal to their network, external observers will be able to see what website PP users are visiting.
     
  3. Bolt

    Bolt Registered Member

    Joined:
    Feb 12, 2010
    Posts:
    7
    Re: Can "not so reliable" DNS servers compromise my anonimity while using VPN?

    When you talk about "external observers", do you mean the owners of whichever external DNS server they might be using, or just anybody? Is it normal for servers from a country to use DNS servers from a different one, or is this a sign that they are indeed using external DNS servers? What about non-web based traffic, like P2P and the like, would that be exposed too?

    EDIT: Also, when you talk about "PP users", do you mean the whole of PP users, without being able to tell what each user is doing, or one particular PP user? In other words, I wouldn't care about them knowing that an unidentified PP user, using the same IP that dozens other PP users are usig, is watching site www.whatev.er, but I would definitely care about them knowing that I am watching that site, or downloading file whatev.er from some P2P user.
     
    Last edited: Mar 21, 2010
  4. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    Re: Can "not so reliable" DNS servers compromise my anonimity while using VPN?

    Anyone sitting between PP and the DNS server or the DNS server itself. If DNS isn't properly implemented (leaky), then you are leaking all websites you visit to your ISP and everyone inbetween you and DNS server, including the DNS server (who all have your real IP address).

    Generally it is abnormal to use a DNS server that is not from the local gateway of your ISP.

    Depends on the VPN protocol and client implementation. Infinite things can go wrong, only a few ways to do it right.

    If DNS is leaking, it can be used to fingerprint unique users if correlated against traffic streams. DeAnonymization is relatively easy if you have observer access to traffic.

    Hard to say without exploring their network, but they don't use multiplexing so... if a closeby ISP or regional exchange would like to give us network access, we could probably deanonymize all PP traffic and users over a weekend.
     
Loading...
Thread Status:
Not open for further replies.