VPN query in general

Discussion in 'privacy problems' started by Paranoid Eye, May 6, 2015.

  1. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    174
    Location:
    io
    Just wondered this, lets say I use PIA or mulvad VPN provider when I connect to one of their servers, do they get my ISP (real) IP address ?

    Or does PIA/Mulvad source your IP and connection and then scramble it and route it to the server ?
     
  2. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    By "they" do you mean that VPN provider? Because considering the second sentence it seems like it could be different questions entirely. The VPN provider would indeed see your real IP/ISP. That is why the concept of nested approaches exists... to make it so that the site you're browsing cannot see your real IP/ISP, and that your ISP cannot see that site.

    If by "they" you mean "the man", I don't believe in this day & age it's possible, no matter the approach or amount of hops to truly be anonymous. Better to have your conversations in person in a crowded place or get 2 coffee cans and a VERY long string.
     
  3. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    174
    Location:
    io
    I badly worded it or misunderstand the method of how vpns work.

    So if I connect to a VPN lets say PIA they indeed get my real ip/location, but then does the vpn provider or PIA connect to another server or datacentre in netherlands does that server or datacenter get my real ip/location ?

    Or is that not how VPNs operate?
     
  4. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    For one-hop VPN services, you generally connect to just one server. That is, the VPN exit IP address that websites see is the same as the IP address that you connect to. Sometimes the exit IP address is different, but it's normally close, in the same subnet. Some nominally one-hop VPN services may use a second server to route around network blocking. But you can always tell by comparing the IP address that you connect to with the IP address that whatismyipaddress.com or whatever reports.
     
  5. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    318
    Not while operating systems leak user or system identifiable information like a sieve for any application to grab and secretly send over whatever connection you are using.
    Things like IP addresses, mac addresses, account user names etc should be protected by the OS and they are not. They are accessible to standard user level apps when they should require elevated permissions. I don't think it should be administrator level, but something in between standard user and administrator, a separate group permission called privacyguard or something similar.
    This would mean standard apps would not be able to get access to privacy sensitive information which only the system itself and elevated applications would be granted access to.
     
    Last edited: May 7, 2015
  6. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    174
    Location:
    io
    hmm guess I am misunderstanding how VPNs operate then, how to best word my question...

    If a single user connects to say Mulvad VPN provider, your IP is revealed to mulvad naturally who then I assume take your connection to a server in say netherlands ?

    Your connection then goes from your ip address to a netherlands ip address (shared or otherwise)

    Is that not how vpns operate roughly ?

    I would have assumed the man in the middle or mulvad would scramble your ip address to that netherlands server/data center or do they just get your real ip from mulvad also....

    Could be wrong on how vpns operate ;)
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    When you connect to "Mulvad VPN provider", what you are in fact connecting to is some server operated by Mulvad in (let's say) Amsterdam. That server then acts as a proxy for your Internet activity. You're not connecting to some Mullvad website, and then from there to the server Amsterdam. There's just the server.
     
  8. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    174
    Location:
    io
    Thanks that clears that up then :)

    VPN chaining still a good option as always then
     
  9. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    V
    Glad to help :)
    Yes :)

    I did leave out a couple details, though. For properly setup VPN services, there will be one or two additional servers involved in one-hop routes. One is the authentication server, ideally self-hosted in a privacy-friendly jurisdiction and well secured, that stores account information. When you connect to one of their VPN servers, it queries the authentication server, which checks your account and OKs (or not) the connection. The other is a private DNS server, typically hosted in the same data center with the VPN server, that resolves DNS lookup requests for the VPN server. But, depending on setup and load, that may be a process on the VPN server. The VPN service's website typically runs on commodity webserver, and securely sends account information to the authentication server.
     
    Last edited: May 9, 2015
  10. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    174
    Location:
    io
    Thanks as always mirimir
     
Loading...