Hacker News
by richbell 1439 days ago
Unfortunately Google is failing me right now. There was a case within the last few years where someone was convicted because their VPN provider was sharing raw traffic (not logs) with the government. If anyone knows what I'm referring to, please chime in.

But given the existence of Room 641A[0], and other extra-judicial mass surveillance, I am confident in my assertion. Moreover, the explosion of VPN companies with large marketing budgets over the past few years has always made me suspicious.

[0] https://en.m.wikipedia.org/wiki/Room_641A

3 comments

You're probably thinking of the big story from January of this year:

https://www.pcmag.com/news/nordvpn-actually-we-do-comply-wit...

NordVPN says they don't collect logs, but then it came out that they send information to law enforcement. So the big question is what information is being sent to law enforcement. Despite what NordVPN maintains, it seems like they do keep incriminating data about their users.

Maybe the vast majority of big companies listed on stock markets work for the govt, and the price of a CEO or board member keeping quiet is the income and wealth gained from these stock market listed entities?

What does raw traffic that is not in the form of logs look like? Maybe you mean that they are streaming logs in real-time rather than sending log files in batches periodically?

You don't mean sharing raw traffic as in forwarding actual requests, I wouldn't think?

It could be either mirroring all the traffic to an agency-provided black box, or sending just NetFlow (or sFlow) metadata about the traffic.

And if someone thinks the first option is not realistic - this is how almost every ISP in Russia works (search for SORM-2 and SORM-3 for more detail, typically traffic is mirrored at ISP's border gateway(s)). Sure, Russia or China wouldn't be great examples, but the point is that it's technically possible, even at scale, and all the real problems are in the meatspace (legal enforcement or coercion).

> You don't mean sharing raw traffic as in forwarding actual requests, I wouldn't think?

The usual method is either to use a splitter or switch configuration to mirror traffic to another interface, attached to a machine running packet capture/analysis tools.

Unencrypted obviously.
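
An added illustration, not part of the thread, of the distinction the comments above draw between mirroring raw traffic and exporting NetFlow-style metadata: the same packet seen as a flow record (who talked to whom, how much) and as mirrored bytes (the content as well). The packet, addresses, host name and function names are constructed for this example.

```python
import socket
import struct

def build_packet(src, dst, sport, dport, payload):
    """Constructed IPv4+TCP packet (checksums left at zero; sample data only)."""
    # TCP: ports, seq, ack, data offset (5 words), flags PSH|ACK, window, csum, urg
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    total = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp + payload

def flow_metadata(packet):
    """Fields a NetFlow v5-style record keeps for this packet: no payload."""
    ihl = (packet[0] & 0x0F) * 4                      # IP header length in bytes
    total_len = struct.unpack("!H", packet[2:4])[0]   # layer 3 byte count
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return {
        "src": socket.inet_ntoa(packet[12:16]),
        "dst": socket.inet_ntoa(packet[16:20]),
        "sport": sport,
        "dport": dport,
        "proto": packet[9],
        "bytes": total_len,
        "tcp_flags": packet[ihl + 13],
    }

def mirrored_payload(packet):
    """What a mirror port or splitter additionally delivers: application bytes."""
    ihl = (packet[0] & 0x0F) * 4
    data_offset = (packet[ihl + 12] >> 4) * 4         # TCP header length in bytes
    return packet[ihl + data_offset:]

# Constructed sample: a plaintext HTTP request leaving a VPN exit node.
PAYLOAD = b"GET /account HTTP/1.1\r\nHost: example.test\r\n\r\n"
SAMPLE = build_packet("10.8.0.2", "203.0.113.10", 51514, 80, PAYLOAD)

if __name__ == "__main__":
    print("flow record :", flow_metadata(SAMPLE))
    print("mirror copy :", mirrored_payload(SAMPLE))
```

The flow record never contains the request line or the Host header; the mirrored copy does, unless the application layer is itself encrypted.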