|
|
|
|
|
|
by Cyph0n
488 days ago
|
|
|
It ultimately depends on your threat model. But assuming a state actor has access to NetFlow data, an attack could work like this: * State actor determines that an IP belonging to a VPN company had a session on example.com around t1-t2 * You -> VPN server at t1 * VPN server -> example.com at t1+latency * More traces from both sides until around t2 as you browse the site By correlating multiple samples, and accounting for latency between you and the VPN server and delay introduced by the VPN itself, they would be able to get decent confidence that it was you. |
|
|
I feel sad that we have given governments such major accesses in the name of unification.
We need more decentralization at the political level & economical level as well (like most money goes to your city , then state , then at the country , very nominal amount)
Let city decide what it wants with major town hall discussions.