And shitposting here in germany has become slightly more dangerous. If you use a vpn to call your local politician an idiot, you are much less likely to get into legal trouble.
Here in the United States, I don't know that I could trust the vpn to protect me from that. I remember an incident from a few years ago, some idiot at Harvard emailed in a bomb threat to get out of finals. They arrested him only a few hours later. It's possible he misused the vpn, but I suspect that they merely contacted the vpn provider, got a shortlist of people going through that endpoint, and eliminated all of them not in Boston. Didn't require any Stuxnet-type fuckery or super-secret technology. Be careful and good luck.
I remember that, Schneier talked about it on his blog.
It was actually tor (the threat came from tor), and harvard 'found' him by constantly logging what connections were going to known tor entries from on campus. As it turns out he was one or possibly the only one using tor that morning from harvard.
Bruce outlines it that he certainly could have stayed tight-lipped (all evidence was circumstantial) but, nevertheless confessed as soon as they approached him.
Network traffic analysis/DPI strikes again. I wonder how many people think that their VPN usage obscures their identity, when the flow of traffic at certain times gives X% probability that this person visited the site based on the timing/size/speed/length of each TCP stream, increasing in confidence every repeated visit. Hell, how often will someone download a file of exactly 7060378032 bytes? It may not be damning evidence, but it'll surely put you under suspicion; sometimes that's all it takes.
I'm looking forward to when VPNs always throw up chaff traffic.
> I'm looking forward to when VPNs always throw up chaff traffic.
Mullvads DAITA (Defense Against AI-guided Traffic Analysis) is going into that direction[0] and Mullvad is one of the better providers. Tor also has some protections against this afaik and the upcoming nym vpn is also doing some traffic obfuscation [1]. But as the saying goes: Correlation Attacks are a bitch.
It's not even that complicated, the list of Tor entry nodes is public, all they had to do is look in their logs for connections to those IP addresses coming from their network.
Yeah, it's not gonna help you for that but for low level "crime" (and those "" do some heavy lifting) where the police basically asks providers for logs once and than give up you are fine with any of the more "trustworthy" (and those "" do some heavy lifting) vpn providers.
Correlation attacks are a bitch and i'm sure i'm on a shortlist already but calling a politician an idiot with a burner account made using a vpn should be fine.
My ISP is smarter - they just block all the torrent and streaming site I visit, and try to push me to upgrade to a plan with many streaming platforms bundled in it. Sucks for them, because I already subscribe to a few of them but still prefer torrent-ing to download videos to watch them offline whenever I want, without unnecessary time limits, in the video / audio quality I want, in the medium I want (TV, computer, mobile devices etc.), with the software (player) I like, without ads and other nags.
I used to do private P2Ping actively. Now I don't. Not enough time - for that, not motivated enough - for that. So I was planning to let go of that VPS of mine where my Seedbox resides. But I am not sure anymore. I do feel I may let it up and running just like many others who did it when I couldn't afford a Seedbox.
Then on the other hand I feel that the real need are from people who come to find those Linux ISOs from public P2Ps and for that I think I will be booted off my VPS in a day or two. So eventually I think this will be better - dust off that old r-pi (or maybe get a new one), get a cheap HDD, get a VPN and let it stay at home and keep seeding.
I'm a happy PIA user for many years, but I probably won't really trust any US-based VPN with what the Republicans are going to be doing in the next couple of years. They will absolutely destroy all privacy for the "save the children" boogeyman. A VPN not based in the US is the only workaround I can see, and that's if we're even allowed to use them.