[mindslight]

Of course one has to wonder how much of that "poor OPSEC" is actually just parallel construction. The linked article doesn't sound like it. But on the other hand with the way mass market VPN software generally works, how many people are going to be absolutely sure that all of their traffic definitely went out the tunnel?

The FBI having access to an NSA-provided tool that takes some IP addresses and returns other "associated" IP addresses (from trivial packet correlation on PIA's upstream) would produce a pattern of investigation that essentially looks the same.

[mirimir]

Sure, a lot of it may be parallel construction. We do know that the NSA shares with the FBI and other TLAs.

If your threat model includes the NSA or the like, VPN services are at best a minor hindrance. Possible options include Tor and "anonymously" using WiFi hotspots.

I only know of one fundamental fail for Tor: the relay-early bug that CMU exploited. The others have involved Firefox and Windows bugs. People using Whonix in Linux hosts, and hitting Tor through nested VPN chains, would have been safe from any attack that I've heard of. But then, maybe I just haven't heard of the juicy ones.

I've tried the "anonymously using WiFi hotspots" approach. It's a pain in the ass. And in today's high-surveillance environment, I believe that it's a dumb idea.

It's true that VPN leakage is a serious risk. But you can use firewall rules to prevent DNS and traffic leaks. Or you can use VPN services whose client apps do that for you.

Also, I'm talking about desktop use. Doing any of this on mobile devices is a lot harder, I think. I'm not sure that I'd even bother.

[mindslight]

The quip about someone being sure absolutely no traffic went out their access IP is that without extreme confidence, they won't be pushing their lawyer/team to scrutinize the chain of custody for the server logs, hinging their case on procedural grounds. Someone diligent enough to setup proper firewall rules is probably also forethinking enough to not go cracking random newspaper websites for fun.

And yeah in regards to criminal activity, I think it would be prudent to consider the NSA, specifically bulk processing of dragnet surveillance, part of the threat model in the modern age. It's very easy for the public narrative to focus on a guilt-implying needle in a haystack, regardless of how that needle was actually found.

[jedberg]

> Possible options include Tor

I thought most folks believe that the NSA/CIA/some other TLA has control of more than 50% of the exit nodes, which should be enough to reconstruct the sources of most traffic.

[deno]

It seems rival agencies (Chinese, Russian) should be interested in doing the same, or at least denying NSA this capability. I mean adding some exit nodes is not exactly expensive, seems like a low hanging fruit, doesn’t it?

[mirimir]

Yeah, that's another argument. The NSA competes with its counterparts to own Tor infrastructure. And that competition prevents any one from owning enough to pwn users.

And it's no accident. Tor was designed that way.

[mindslight]

Listen-only access is non-exclusive, and works for packet correlation attacks.

Security wise, we really need to be moving away from this instantaneous-datagram model.

[mirimir]

Some people do. If that's true, all hope is lost ;)