So I’m pretty recent to the high seas but I’ve seen a few posts now about “stop relying on your VPN” and “people that think VPNs will protect them are naive” and so on.
So since I believe knowledge is our greatest weapon/tool/super-power, can we get some answers regarding what exactly the doomsayers are getting at? ELI5 why VPNs wouldn’t protect your anonymity.
Is it about logging? The country your end-point is in? Something more technical?
Ultimately I’d like to be fully armed in order to keep making the best choices for my fledgling ship as it navigates the vast, stormy seas.
There’s often a lot of bad information about VPNs which is never backed up with any actaul evidence.
Sure, you have to make sure its working properly and bound to your torrent client, but if it is, then that’s enough to protect you from copyright claims.
There is no evidence of any commerical VPN provider ever responding to a copyright notice. People mistakenly think this, when all that’s really happened is they were not connected properly and their ISP got the notice direct. There is no situation where the copyright troll contacts the VPN provider, find the real user, then somehow makes the ISP send a notice to them. Doesn’t even make sense.
Exactly - snd yet people still claim their ‘VPN ratted them out’ - it didn’t - it might hve failed, or the user never turned it on, but the VPN provider didn’t get a copyright notice from Disney and forward it an ISP.
Spot on. All you need to do is change adaptor in your torrent client so that it is only allowed to work with the virtual network adaptor set up by your VPN software. That way even when your connection falters, it’s never allowed to send a single packet via your raw network adaptor.
Almost every time “regular” people get in trouble for piracy, the reason is that they seeded something, a copyright law firm (or their contractor) noticed it, noted their IP address and then either went and got the real life address from the ISP so that they could send you “the bill” or they made the ISP send you something, depending on where you live really.
That means, as long as that that IP address that shows up on that law firms screen isn´t actually “your own”, isn´t immediately traceable to you simply by calling up your ISP, you´re already one step ahead in the game.
That law firm might still try to contact the owner of that IP though, either to send them “a bill” or to get them to rat on you. And that´s why it is important that your VPN provider operates in a way that allows them to simply ignore that. Either by operating out of a country that doesn´t mandate them to “help finding you” or by simply not keeping any logs of what actual IP was connected to what VPN IP at what time.
So if you have a VPN provider that maybe operates out or through a country where piracy is legal or has proven through audits that they couldn´t rat even if they wanted, you´re highly unlikely to get into any trouble.
And encrypting your traffic so your ISP can’t definitively see what you’re doing. They can guess, but they can’t definitively tell. That encrypted traffic is a shield for your ISP. When an IP holder demands something, the ISP can say it is encrypted and they can’t read it. It forces the bulk of the work back onto the IP holder. If your VPN is doing what it claims to do, then the work of that IP holder gets extremely difficult to downright impossible.
Every site on earth has been using https for multiple years. The only thing that is visible to your ISP has been the server’s address for a while. VPNs just got encrypt that as well, but that’s about it.
And yet, if you use a cheapo VPN with a well-known address (shared IP) sites like Amazon, or even Wikia will block you. Why? If most of your information is ‘private’ anyways, why go through the step of preventing a potential customer/user just because of their IP?
Because in reality, even such a minor thing as a dinky $3/month VPN is a huge headache for people trying to farm relevant information from you. Public Cookies, Basic Telemetry, and really any sort of ad-relevant data is pretty much publically available to any interested party, and even the simplest VPNs screw that up to a large degree.
People don’t go out of their way to spend a couple of bucks on a VPN and reserved IP because they think they’re gonna defeat the CIA or become a Net Ghost, they do it to get around region locks, IP bans, localized pricing (and yes to pirate their favorite movies/video games).
This isn’t why. They refuse service because a large part of DDoS, scam and generally unlawful trafic comes from VPNs (because the criminals are the ones interested in masking their true IP, for police evasion). If your site has a payment form, it is financial suicide to not block common VPN IPs because carders will use it to test their ill-acquired cards. If your site has a way to make a request that cost a lots of resources, you want to block VPN IPs because otherwise your site gets DoSed to hell and back by anyone who has a problem with you. The collateral damage of blocking people who deny you one data point to track them is completely acceptable to these businesses.
Try to find a VPN that’s a nonprofit or community oriented. Usually the VPNs with the most marketing and advertising are the most profit driven and less concerned about your privacy. Use DDG, Brave search or anything but Google to research. A lot of people don’t understand that Google is just an advertising company that uses it’s search engine sell products, they also get commission through referral, so it’s in the company’s interest for you to pay more.
VPNs protect your IP address, which is useful, but it ends there. Your IP is known to your VPN provider and can even still be found by those tech-savvy enough if you don’t take the right precautions. Basically, VPNs are useful, but don’t expect them to be the ultimate privacy multi-tool. It’s more like one of many different tools to protect yourself online
@PurrJPro@jordank1977 The thing is, VPNs create enough friction for authorities to stop them from tracking you down for downloading a movie.
Also, in some countries it’s not even authorities catching you torrent stuff, it’s asshole lawyers who basically bounty hunt for media companies. It’s only viable for them to screw over hundreds of people at once, they’re unlikely to try and argue with a VPN provider.
The thing with VPN’s is that you’re only shifting the trust from your ISP to your VPN provider. That provider can still see pretty much everything you’re doing and your real IP, if they wanted to. To add to this, plenty of VPN companies have been found logging when they said they didn’t. I would say either set up traffic for I2P, or simply go with an actually no logs VPN company like Mullvad, who’s been battle tested and doesn’t log, and you’ll be fine.
People also say that because it’s important to understand what a VPN is and does as well. It wasn’t originally meant to be any sort of anonymity tool, the technology exists to make it seem as if your traffic is coming from somewhere else - which allows for things like remote work on a local network.
Skip Mullvad. They’re removing port forwarding at the end of the month. I’ve been with them for years and unfortunately have to switch providers yet again.
Eh don’t bother. You weren’t as anonymous as you thought using port forwarding if you’re doing anything bad enough to warrant NSA attention. Most users probably are not. Mullvad is just being honest about their limitations here.
I doubt the NSA will come after me for sharing some movie files, so I’m not really worried about that. Port forwarding is essential though as you won’t be able to seed any files to 99.9% of leechers, which is an issue with private trackers and goes against the concept of p2p sharing in general.
Mullvad is removing port forwarding because a few bad apples spoiled the bunch by using their service for highly illegal things and its bringing too much attention to the company, as they described in their press release. They aren’t removing it because they can’t keep things anonymous (which is why they removed the automatic monthly subscription some time ago).
I am going to switch to AirVPN after some limited googling based on price, popularity, and port forwarding (the three 'P’s). I dunno a whole lot about them but my main priority is just hiding my IP from movie studios and port forwarding. I don’t need my traffic locked down like Fort Knox.
Important to note that Mullvad has stopped allowing port forwarding, if that is important to your VPN needs. I’m giving ProtonVPN a try now (though they don’t make Linux usage as friendly as I’d like)
Any ideas on how to do this? I’ve tried using i2p–in Firefox–and can’t seem to make it work. Sites that are supposedly up won’t load. I’ve followed all the tutorials that I’ve found, and it doesn’t seem to be doing what’s expected. And no, I can’t give any details at this second, because I’m away from my home computer, and it’s been a few months since I tried.
@HelixDab@jordank1977@CausticFlames you should look into lokinet. i initially made it for the sole purpose of torrenting linux isos and linux iso accessories. it can do internal bitorrent just fine if your client follows the bittorrent spec religiously.
I think this is not how it works. It’s like saying: I’ll connect a physical lock to my laptop and I’m more secure. (Many PC laptops have on the side a standardized connector for physical locks which is often used in electronics stores)
Better to go a step back and to consider your Threat Model. What are you doing? What are things that could likely happen right now? Is <insert security solution> adding to your security/backing up your Threat Model or is it making things worse because it’s adding stuff that you don’t need, making workflows so complicated you’re likely to misconfigure?
To give a more practical example, there have been a lot of conspiracy theories about Antivirus software. In some sense the nay sayers are right and it actually adds possible holes since they tend to run with elevated privileges. On the other hand, does it really matter for your use case? If you download random stuff online, you should probably install one. (Probably also for your fellow humans so your computer doesn’t end up being a botnet host) But if everything on your computer is hand-picked ™, you might be actually right and they decrease security.
You shouldn’t even to it that way. If you run possible malicious Software, the antivir has a chance to miss it. If it’s a new virus. Run everything in a sandbox and check if it calls some kind of control server and let the antivir check it in said sandbox. Than you can transfer it to your main PC
It depends what are you doing. Torrenting child porn? A VPN won’t change anything because they’ll hopefully collaborate with law enforcement to track you down.
Torrenting a tv show? Usually the vpn company will ignore any requests from law enforcement as it’s not a real crime
because they’ll hopefully collaborate with law enforcement to track you down.
Unlikely - most of the time they won’t have any logs anyway.
People get caught for CP and other crimes due to lapses in their own security usually - reusing user names across sites, details in photos that can be identified, or simply using a non encrypted connection one time.
Copyright infringement is not a crime. It’s grounds for a civil suit, but it looks really bad for Sony entertainment to try to bleed tens of thousands of dollars from a poor family trying to watch a movie they couldn’t afford to watch in theaters.
Possessing or viewing CSAM is so severe a crime, you need a lawyer to dispose of it. To not do so is to stay in possession of it, which is a felony. To destroy it is destruction of evidence, which is a felony. Your only recourse is to stuff it in an unmarked box, and ask your lawyer to anonymously hand it over to the local precinct. It is essentially social toxic waste.
ETA [rant] Note that a) Sony (and all the other major studios and publishers and record labels) gladly pirates IP that is not theirs, and also underpays the people that produce their content. And b) Sony freely engages in dark patterns and odious TOSes which is one of the reasons I haven’t been able to play Sony games in years. So it is actually more ethical to pirate Sony content (or again, that of any major studio, record label, publishing house or AAA game company) than it is to pay the company and support their ongoing abuse of workers, end consumers and the market.
Also there is one thing you can do to them that is worse than pirating their content, and that is not pirating their content. [/rant]
I dont think the person you replied to talkes about morals but about legality. I do not know about the laws in your country but copyright infringement is a real crime that could allow the police to search my home and seize my devices. Nobody here would argue about csam beeing worse but that was not the point for sure.
I’m not against pirating, I’m all for it. But copyright infringement is a crime (it might not be the case for all countries though!) Companies might not necessarily act on it on an individual level, but they still can put pressure on ISPs to track this kind of traffic.
Either way, it’s better to use a VPN than not using one just to be safe!
You’re right that I should have specified the US, and will edit my original comment.
It’s not a crime in the US that has state-served sentences like fines or imprisonment, rather is a civil infraction. Granted, the media trade organizations like the MPAA and RIAA would very much like to make copyright infringement felonious, but that could easily lead to overenforcement and filling our already impacted prisons even more.
I’ve heard the European watchdogs are more severe and will go after grandmothers who play radios too loudly regarding public performance regulations.
But we’re in an era in which states are passing laws to make persons illegal or strip them of their rights, so we can’t rely on the state (any state) to fairly assert how their populations should behave, and Disney has been an IP-maximalist shit since the mid 20th century.
So our respect of legality should only extend to what can and will be enforced. The Sheriff of Nottingham does not deserve our obedience. (Prince John neither)
That sentiment isn’t so much about piracy, but general security. Do keep in mind that the NSA can easily sniff your VPN traffic, even through logless Mullvad in theory, and access your account information to correlate and deanonymize you via subpoena. This is done routinely, and there are thousands of illegal subpoenas done yearly with no repercussion. Fortunately it seems the NSA is only going after heinous criminals, but that could also change. To be truly NSA safe is nearly impossible - did you know your password can be determined by a simple audio recording of you typing it? The NSA has frequently snuck into private residence to install keyloggers as well. What will a VPN matter in such a case?
So a VPN might prevent a DCMA notice from your ISP, but if the NSA starts caring about piracy y’all are out of luck.
Do keep in mind that the NSA can easily sniff your VPN traffic, even through logless Mullvad in theory, and access your account information to correlate and deanonymize you via subpoena.
Its trivial to find out youre using a VPN and which one and which of their servers youre using. If you pay for your VPN with identifying information (a card, PayPal etc) then they can theoretically make the provider log your specific activity.
The NSA has unlimited legal power in this context. They can legally go to any US VPN, copy all traffic onto their massive servers, and use it as they want. They probably already do this, although that claim is unverifiable. That traffic contains your IP address and the websites you’ve viewed, clear data of torrents you’ve downloaded, etc. Mullvad, being outside its jurisdiction, is possibly safer, but presumably since they operate servers in the United States at least those could be sniffed. There is precedent for all of this.
While it’s unlikely for you to specifically be targeted, my point is that you can never be truly anonymous on the internet.
The NSA is always going to have bigger fish to fry than busting individuals for IP violations. Risks exposing their methods in court and allowing their real targets the opportunity to harden their security even more. It would be an incredible waste of their resources.
They’re pretty exposed already, and in my opinion their targets probably can’t do much to protect themselves unless they are part of a foreign government, like the Kremlin. But yea they haven’t gone after piracy yet.
VPNs are one tool to help. They’re not the end-all-be-all. If the VPN provider is reliable, they can protect your IP address and keep your internet link more secure if using public network facilities (wifi or cellular) as the VPN tunnel is (should be) encrypted.
That said, if you are using software that fails to protect your user information by defect or by design, it can still leak data at the endpoint you are using, even though your connection is (hopefully) more secure.
Interesting, that’s exactly what I did. I am renting a VPS and am running my own OpenVPN server on that, and then my OpenVPN client connects to that VPN, and the OpenVPN server forwards traffic for specific ports to my OpenVPN client using iptables prerouting DNAT rules.
Using a VPN and HOW you use it all depends on your operational security (OPSEC).
If you’re a pirate consumer, then basically you need to keep your ISP from knowing what you’re doing, to prevent copyright strikes or shit-letters from Disney etm. A good VPN is fine.
If you’re a torrent creator, you need to raise your security a bit, depending on the “hotness” of the content. Rare anime torrent? Eh who cares. But you’re hosting HDCams from a movie released yesterday, or games that will be released officially in a week? You need to use a VPN in a country that does not have good relations to your country of origin. Yes, that means if you’re in the USA, get a Russian or Chinese VPN.
If you’re leaking state secrets, Snowden talked about what he did. He cracked wifi within a 2h drive distance, used a 12dBi yagi antenna, with a burner laptop loaded with Tails (Tor linux distro), and only used 1 cracked wifi per use. Never went back to the same place. Then again, he didn’t exactly fare well eventually.
If you’re doing the snowden shit your best covering your entire face and going to a local Starbucks with a tails laptop, dumping every file at once, and ditching the laptop.
Still just get out of the country and upload then.
In addition to this, boost your anonymity by buying second hand equipment off local marketplace apps. And make a mobile jumpbox that you can plug into random USB ports and leave there, connected to public wifi.
Tbh, I’m hesitant to ever suggest a Chinese VPN. That’s a great way to paint yourself with a target. 90% of good tradecraft is never giving anyone a reason to look at you.
Because it’s all a scam. You aren’t any more private than before. You just shift from point A to point B who knows the most about you. Then there are advanced analytics. You have a encrypted connection but if they know you used a VPN-Y. to talk to server X and server X has a seed for the new flash movie they still got you. It’s just a bit more complicated to get beyond resonable doubt. So the protection is that you hope your enemy isn’t interested in a bit more work. In a way you put a marker on your traffic by using a VPN that there might be something interesting.
I use a VPN to avoid captivation portals. That alone makes it worth it for me since I can have free internet connection, my ISP just puts a captivation portal instead of just cutting off your internet access.
Yes, an VPN is not private, because you trust your VPN provider instead your internet provider. But as a german, it’s pretty clear that all internet providers would give your name and adress to everyone that asks for it, regardless if you download something through torrent or stream something without the license. I would bet, in near future you cant even download a 30 years old ROM for an emulator, without getting a mail from Nintendos lawyers.
And yes, i trust Mullvad more then my internet provider. All of my devices are connected to Mullvad and i had never any problems.
Interestingly, Mullvad was recently raided by the Swedish authorities. They’ve got documents from the police about the raid: no customer data compromised because there wasn’t any.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !piracy@lemmy.dbzer0.com
⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.
There’s often a lot of bad information about VPNs which is never backed up with any actaul evidence.
Sure, you have to make sure its working properly and bound to your torrent client, but if it is, then that’s enough to protect you from copyright claims.
There is no evidence of any commerical VPN provider ever responding to a copyright notice. People mistakenly think this, when all that’s really happened is they were not connected properly and their ISP got the notice direct. There is no situation where the copyright troll contacts the VPN provider, find the real user, then somehow makes the ISP send a notice to them. Doesn’t even make sense.
Because doing so would put them out of business faster than you can say “fuck Spez”.
Your comment made me laugh. Seriously though, fuck Spez!
Exactly - snd yet people still claim their ‘VPN ratted them out’ - it didn’t - it might hve failed, or the user never turned it on, but the VPN provider didn’t get a copyright notice from Disney and forward it an ISP.
Spot on. All you need to do is change adaptor in your torrent client so that it is only allowed to work with the virtual network adaptor set up by your VPN software. That way even when your connection falters, it’s never allowed to send a single packet via your raw network adaptor.
This is the answer.
Almost every time “regular” people get in trouble for piracy, the reason is that they seeded something, a copyright law firm (or their contractor) noticed it, noted their IP address and then either went and got the real life address from the ISP so that they could send you “the bill” or they made the ISP send you something, depending on where you live really.
That means, as long as that that IP address that shows up on that law firms screen isn´t actually “your own”, isn´t immediately traceable to you simply by calling up your ISP, you´re already one step ahead in the game.
That law firm might still try to contact the owner of that IP though, either to send them “a bill” or to get them to rat on you. And that´s why it is important that your VPN provider operates in a way that allows them to simply ignore that. Either by operating out of a country that doesn´t mandate them to “help finding you” or by simply not keeping any logs of what actual IP was connected to what VPN IP at what time.
So if you have a VPN provider that maybe operates out or through a country where piracy is legal or has proven through audits that they couldn´t rat even if they wanted, you´re highly unlikely to get into any trouble.
removed by mod
And encrypting your traffic so your ISP can’t definitively see what you’re doing. They can guess, but they can’t definitively tell. That encrypted traffic is a shield for your ISP. When an IP holder demands something, the ISP can say it is encrypted and they can’t read it. It forces the bulk of the work back onto the IP holder. If your VPN is doing what it claims to do, then the work of that IP holder gets extremely difficult to downright impossible.
The copyright troll would be sending the emails to the VPN provider’s host. They won’t even know who your ISP is.
Exactly this - the troll will never know your ISP, so you literally cannot get a notice.
Every site on earth has been using https for multiple years. The only thing that is visible to your ISP has been the server’s address for a while. VPNs just got encrypt that as well, but that’s about it.
And yet, if you use a cheapo VPN with a well-known address (shared IP) sites like Amazon, or even Wikia will block you. Why? If most of your information is ‘private’ anyways, why go through the step of preventing a potential customer/user just because of their IP?
Because in reality, even such a minor thing as a dinky $3/month VPN is a huge headache for people trying to farm relevant information from you. Public Cookies, Basic Telemetry, and really any sort of ad-relevant data is pretty much publically available to any interested party, and even the simplest VPNs screw that up to a large degree.
People don’t go out of their way to spend a couple of bucks on a VPN and reserved IP because they think they’re gonna defeat the CIA or become a Net Ghost, they do it to get around region locks, IP bans, localized pricing (and yes to pirate their favorite movies/video games).
This isn’t why. They refuse service because a large part of DDoS, scam and generally unlawful trafic comes from VPNs (because the criminals are the ones interested in masking their true IP, for police evasion). If your site has a payment form, it is financial suicide to not block common VPN IPs because carders will use it to test their ill-acquired cards. If your site has a way to make a request that cost a lots of resources, you want to block VPN IPs because otherwise your site gets DoSed to hell and back by anyone who has a problem with you. The collateral damage of blocking people who deny you one data point to track them is completely acceptable to these businesses.
Try to find a VPN that’s a nonprofit or community oriented. Usually the VPNs with the most marketing and advertising are the most profit driven and less concerned about your privacy. Use DDG, Brave search or anything but Google to research. A lot of people don’t understand that Google is just an advertising company that uses it’s search engine sell products, they also get commission through referral, so it’s in the company’s interest for you to pay more.
VPNs protect your IP address, which is useful, but it ends there. Your IP is known to your VPN provider and can even still be found by those tech-savvy enough if you don’t take the right precautions. Basically, VPNs are useful, but don’t expect them to be the ultimate privacy multi-tool. It’s more like one of many different tools to protect yourself online
@PurrJPro @jordank1977 The thing is, VPNs create enough friction for authorities to stop them from tracking you down for downloading a movie.
Also, in some countries it’s not even authorities catching you torrent stuff, it’s asshole lawyers who basically bounty hunt for media companies. It’s only viable for them to screw over hundreds of people at once, they’re unlikely to try and argue with a VPN provider.
all countries*. in no country is it the law enforcement tracking movie torrenting
The thing with VPN’s is that you’re only shifting the trust from your ISP to your VPN provider. That provider can still see pretty much everything you’re doing and your real IP, if they wanted to. To add to this, plenty of VPN companies have been found logging when they said they didn’t. I would say either set up traffic for I2P, or simply go with an actually no logs VPN company like Mullvad, who’s been battle tested and doesn’t log, and you’ll be fine.
People also say that because it’s important to understand what a VPN is and does as well. It wasn’t originally meant to be any sort of anonymity tool, the technology exists to make it seem as if your traffic is coming from somewhere else - which allows for things like remote work on a local network.
Skip Mullvad. They’re removing port forwarding at the end of the month. I’ve been with them for years and unfortunately have to switch providers yet again.
Eh don’t bother. You weren’t as anonymous as you thought using port forwarding if you’re doing anything bad enough to warrant NSA attention. Most users probably are not. Mullvad is just being honest about their limitations here.
I doubt the NSA will come after me for sharing some movie files, so I’m not really worried about that. Port forwarding is essential though as you won’t be able to seed any files to 99.9% of leechers, which is an issue with private trackers and goes against the concept of p2p sharing in general.
Mullvad is removing port forwarding because a few bad apples spoiled the bunch by using their service for highly illegal things and its bringing too much attention to the company, as they described in their press release. They aren’t removing it because they can’t keep things anonymous (which is why they removed the automatic monthly subscription some time ago).
Decided where to go yet? In the same boat here…
I am going to switch to AirVPN after some limited googling based on price, popularity, and port forwarding (the three 'P’s). I dunno a whole lot about them but my main priority is just hiding my IP from movie studios and port forwarding. I don’t need my traffic locked down like Fort Knox.
Important to note that Mullvad has stopped allowing port forwarding, if that is important to your VPN needs. I’m giving ProtonVPN a try now (though they don’t make Linux usage as friendly as I’d like)
I would say either set up traffic for I2PAny ideas on how to do this? I’ve tried using i2p–in Firefox–and can’t seem to make it work. Sites that are supposedly up won’t load. I’ve followed all the tutorials that I’ve found, and it doesn’t seem to be doing what’s expected. And no, I can’t give any details at this second, because I’m away from my home computer, and it’s been a few months since I tried.
@HelixDab @jordank1977 @CausticFlames you should look into lokinet. i initially made it for the sole purpose of torrenting linux isos and linux iso accessories. it can do internal bitorrent just fine if your client follows the bittorrent spec religiously.
There’s an i2p extension in Firefox add ons
Best place to start is right here in this instance :)
https://wizanons.dev/post/4528
How would I setup traffic for i2p?
https://wizanons.dev/post/4528
I think this is not how it works. It’s like saying: I’ll connect a physical lock to my laptop and I’m more secure. (Many PC laptops have on the side a standardized connector for physical locks which is often used in electronics stores)
Better to go a step back and to consider your Threat Model. What are you doing? What are things that could likely happen right now? Is <insert security solution> adding to your security/backing up your Threat Model or is it making things worse because it’s adding stuff that you don’t need, making workflows so complicated you’re likely to misconfigure?
To give a more practical example, there have been a lot of conspiracy theories about Antivirus software. In some sense the nay sayers are right and it actually adds possible holes since they tend to run with elevated privileges. On the other hand, does it really matter for your use case? If you download random stuff online, you should probably install one. (Probably also for your fellow humans so your computer doesn’t end up being a botnet host) But if everything on your computer is hand-picked ™, you might be actually right and they decrease security.
You shouldn’t even to it that way. If you run possible malicious Software, the antivir has a chance to miss it. If it’s a new virus. Run everything in a sandbox and check if it calls some kind of control server and let the antivir check it in said sandbox. Than you can transfer it to your main PC
It depends what are you doing. Torrenting child porn? A VPN won’t change anything because they’ll hopefully collaborate with law enforcement to track you down.
Torrenting a tv show? Usually the vpn company will ignore any requests from law enforcement as it’s not a real crime
Unlikely - most of the time they won’t have any logs anyway.
People get caught for CP and other crimes due to lapses in their own security usually - reusing user names across sites, details in photos that can be identified, or simply using a non encrypted connection one time.
Loving the nonchalantness.
Copyright infringement is not a crime. It’s grounds for a civil suit, but it looks really bad for Sony entertainment to try to bleed tens of thousands of dollars from a poor family trying to watch a movie they couldn’t afford to watch in theaters.
Possessing or viewing CSAM is so severe a crime, you need a lawyer to dispose of it. To not do so is to stay in possession of it, which is a felony. To destroy it is destruction of evidence, which is a felony. Your only recourse is to stuff it in an unmarked box, and ask your lawyer to anonymously hand it over to the local precinct. It is essentially social toxic waste.
ETA [rant] Note that a) Sony (and all the other major studios and publishers and record labels) gladly pirates IP that is not theirs, and also underpays the people that produce their content. And b) Sony freely engages in dark patterns and odious TOSes which is one of the reasons I haven’t been able to play Sony games in years. So it is actually more ethical to pirate Sony content (or again, that of any major studio, record label, publishing house or AAA game company) than it is to pay the company and support their ongoing abuse of workers, end consumers and the market.
Also there is one thing you can do to them that is worse than pirating their content, and that is not pirating their content. [/rant]
I dont think the person you replied to talkes about morals but about legality. I do not know about the laws in your country but copyright infringement is a real crime that could allow the police to search my home and seize my devices. Nobody here would argue about csam beeing worse but that was not the point for sure.
I’m not against pirating, I’m all for it. But copyright infringement is a crime (it might not be the case for all countries though!) Companies might not necessarily act on it on an individual level, but they still can put pressure on ISPs to track this kind of traffic. Either way, it’s better to use a VPN than not using one just to be safe!
You’re right that I should have specified the US, and will edit my original comment.
It’s not a crime in the US that has state-served sentences like fines or imprisonment, rather is a civil infraction. Granted, the media trade organizations like the MPAA and RIAA would very much like to make copyright infringement felonious, but that could easily lead to overenforcement and filling our already impacted prisons even more.
I’ve heard the European watchdogs are more severe and will go after grandmothers who play radios too loudly regarding public performance regulations.
But we’re in an era in which states are passing laws to make persons illegal or strip them of their rights, so we can’t rely on the state (any state) to fairly assert how their populations should behave, and Disney has been an IP-maximalist shit since the mid 20th century.
So our respect of legality should only extend to what can and will be enforced. The Sheriff of Nottingham does not deserve our obedience. (Prince John neither)
Me too! The world would be worse without free TV/movie/software.
That sentiment isn’t so much about piracy, but general security. Do keep in mind that the NSA can easily sniff your VPN traffic, even through logless Mullvad in theory, and access your account information to correlate and deanonymize you via subpoena. This is done routinely, and there are thousands of illegal subpoenas done yearly with no repercussion. Fortunately it seems the NSA is only going after heinous criminals, but that could also change. To be truly NSA safe is nearly impossible - did you know your password can be determined by a simple audio recording of you typing it? The NSA has frequently snuck into private residence to install keyloggers as well. What will a VPN matter in such a case?
So a VPN might prevent a DCMA notice from your ISP, but if the NSA starts caring about piracy y’all are out of luck.
Can you say more about this?
Its trivial to find out youre using a VPN and which one and which of their servers youre using. If you pay for your VPN with identifying information (a card, PayPal etc) then they can theoretically make the provider log your specific activity.
The NSA has unlimited legal power in this context. They can legally go to any US VPN, copy all traffic onto their massive servers, and use it as they want. They probably already do this, although that claim is unverifiable. That traffic contains your IP address and the websites you’ve viewed, clear data of torrents you’ve downloaded, etc. Mullvad, being outside its jurisdiction, is possibly safer, but presumably since they operate servers in the United States at least those could be sniffed. There is precedent for all of this.
While it’s unlikely for you to specifically be targeted, my point is that you can never be truly anonymous on the internet.
The NSA is always going to have bigger fish to fry than busting individuals for IP violations. Risks exposing their methods in court and allowing their real targets the opportunity to harden their security even more. It would be an incredible waste of their resources.
They’re pretty exposed already, and in my opinion their targets probably can’t do much to protect themselves unless they are part of a foreign government, like the Kremlin. But yea they haven’t gone after piracy yet.
VPNs are one tool to help. They’re not the end-all-be-all. If the VPN provider is reliable, they can protect your IP address and keep your internet link more secure if using public network facilities (wifi or cellular) as the VPN tunnel is (should be) encrypted.
That said, if you are using software that fails to protect your user information by defect or by design, it can still leak data at the endpoint you are using, even though your connection is (hopefully) more secure.
Here you go, this is the truth.
Interesting, that’s exactly what I did. I am renting a VPS and am running my own OpenVPN server on that, and then my OpenVPN client connects to that VPN, and the OpenVPN server forwards traffic for specific ports to my OpenVPN client using iptables prerouting DNAT rules.
I work in aviation so my use of a VPN is limited to the public wifi at the airport and torrenting.
Using a VPN and HOW you use it all depends on your operational security (OPSEC).
If you’re a pirate consumer, then basically you need to keep your ISP from knowing what you’re doing, to prevent copyright strikes or shit-letters from Disney etm. A good VPN is fine.
If you’re a torrent creator, you need to raise your security a bit, depending on the “hotness” of the content. Rare anime torrent? Eh who cares. But you’re hosting HDCams from a movie released yesterday, or games that will be released officially in a week? You need to use a VPN in a country that does not have good relations to your country of origin. Yes, that means if you’re in the USA, get a Russian or Chinese VPN.
If you’re leaking state secrets, Snowden talked about what he did. He cracked wifi within a 2h drive distance, used a 12dBi yagi antenna, with a burner laptop loaded with Tails (Tor linux distro), and only used 1 cracked wifi per use. Never went back to the same place. Then again, he didn’t exactly fare well eventually.
If you’re doing the snowden shit your best covering your entire face and going to a local Starbucks with a tails laptop, dumping every file at once, and ditching the laptop.
Still just get out of the country and upload then.
In addition to this, boost your anonymity by buying second hand equipment off local marketplace apps. And make a mobile jumpbox that you can plug into random USB ports and leave there, connected to public wifi.
Tbh, I’m hesitant to ever suggest a Chinese VPN. That’s a great way to paint yourself with a target. 90% of good tradecraft is never giving anyone a reason to look at you.
Because it’s all a scam. You aren’t any more private than before. You just shift from point A to point B who knows the most about you. Then there are advanced analytics. You have a encrypted connection but if they know you used a VPN-Y. to talk to server X and server X has a seed for the new flash movie they still got you. It’s just a bit more complicated to get beyond resonable doubt. So the protection is that you hope your enemy isn’t interested in a bit more work. In a way you put a marker on your traffic by using a VPN that there might be something interesting.
I use a VPN to avoid captivation portals. That alone makes it worth it for me since I can have free internet connection, my ISP just puts a captivation portal instead of just cutting off your internet access.
Yes, an VPN is not private, because you trust your VPN provider instead your internet provider. But as a german, it’s pretty clear that all internet providers would give your name and adress to everyone that asks for it, regardless if you download something through torrent or stream something without the license. I would bet, in near future you cant even download a 30 years old ROM for an emulator, without getting a mail from Nintendos lawyers.
And yes, i trust Mullvad more then my internet provider. All of my devices are connected to Mullvad and i had never any problems.
Interestingly, Mullvad was recently raided by the Swedish authorities. They’ve got documents from the police about the raid: no customer data compromised because there wasn’t any.
The Swedish authorities answered our protocol request
Contains the documents and the relevant pieces of Swedish law. Now, up to anyone to decide if that’s secure enough with other precautions.