Most Dedicated VPN IP-Addresses Are Not Anonymous (torrentfreak.com) 27
"Many VPN services advertise themselves as ideal tools to offer security, privacy, and anonymity. To ensure the latter, they often have no-logging policies to prevent individual users from being exposed," writes Ernesto Van der Sar via TorrentFreak. "However, this is not necessarily true for the small group that use dedicated or static IP-addresses." From the report: Today, most of the top providers pride themselves on their "no logging" policies. They go to extreme lengths to ensure that anonymity is taken seriously, and some have hired third-party auditors to back up this claim. While we have no reason to doubt these results, not all VPN subscriptions are perfectly anonymous. Even companies with no-log policies can keep records that can link VPN IP-addresses to user accounts. That is, when they also offer dedicated IP-addresses, which are different from regular VPN connections.
With a dedicated IP-address, which is often sold as an add-on, users get a unique IP-address as opposed to a shared one. This can be very convenient as it reduces annoying captchas and can bypass regular VPN blacklists. However, it comes at an anonymity cost. By connecting through a single IP-address, monitoring outfits can build up a profile of the user's online activity. The real anonymity tradeoff, however, is that the VPN provider knows the user's IP-address and can connect it to other account information it has on record. This sometimes includes an email address. This may not be a concern for most people, but it's certainly something to keep in mind for the small subset of subscribers that use a dedicated VPN IP-address.
Broadly speaking, we would say that the "no logs" policies of VPN providers don't apply to dedicated IPs. That conclusion is backed up by several VPN providers we reached out to, which include VPNArea, NordVPN, CyberGhost, and Torguard. These providers all have a no-logging policy for their regular VPN service, which relies on shared IP-addresses. However, they see dedicated IP-addresses as a separate and different service, which is treated differently anonymity-wise.
With a dedicated IP-address, which is often sold as an add-on, users get a unique IP-address as opposed to a shared one. This can be very convenient as it reduces annoying captchas and can bypass regular VPN blacklists. However, it comes at an anonymity cost. By connecting through a single IP-address, monitoring outfits can build up a profile of the user's online activity. The real anonymity tradeoff, however, is that the VPN provider knows the user's IP-address and can connect it to other account information it has on record. This sometimes includes an email address. This may not be a concern for most people, but it's certainly something to keep in mind for the small subset of subscribers that use a dedicated VPN IP-address.
Broadly speaking, we would say that the "no logs" policies of VPN providers don't apply to dedicated IPs. That conclusion is backed up by several VPN providers we reached out to, which include VPNArea, NordVPN, CyberGhost, and Torguard. These providers all have a no-logging policy for their regular VPN service, which relies on shared IP-addresses. However, they see dedicated IP-addresses as a separate and different service, which is treated differently anonymity-wise.
Funny it's TorrentFreak... (Score:2)
To those sharing torrents, this is an "downgrade" of a service... you get a unique IP, now they know you by it.
Really, we don't have an anonymous Internet anymore. VPN allows you to claim the work ID instead of a home ID... and there's not much more to it that that. These "private" VPNs slow you down, and are really only useful to avoid public WiFi snoops.
Re: (Score:3)
you get a unique IP, now they know you by it.
That's OK with me. TOR is for popping up at random places on the Internet. A VPN is logically a very long Ethernet cable plugged in a jack in Monaco, for example. I want my Monegasque bank to think that I'm just down the road in my condo overlooking the yacht basin. Not sitting in some shitty little US flyover state with all the bullshit extra tracking that would trigger.
Same thing for my US bank (except no VPN is required). If perchance I should connect from some unrecognized IP address, I am subject to t
Re: (Score:2)
you get a unique IP, now they know you by it.
Know who by it? If you're accessing personal accounts online using the same VPN connection you're using for torrenting, you've already lost the game. But if you're opening web browsers in Private/Incognito mode to stop cookies from working, not checking your email or logging into your bank, etc, what will the usage of the dedicated IP address say about your to third-parties.
Re: (Score:2)
You were logged into Slashdot when you made that post, so Slashdot knows your IP address, your e-mail address, and that you like to call yourself "SeaFox". Most likely this info is worthless. But, if this does become interesting, your info can be shared with sponsors, spooks, and police.
Re: (Score:2)
I don't log into Slashdot when I'm on the VPN is the point. If you don't use anything personally identifiable with the dedicated IP, the IP no longer really identifies "you".
A few weeks back I saw something I did want to comment on, and I wanted to post as AC. Since you can't do unregistered posting on Slashdot anymore I had to boot up another computer so I could come back to the same story not-through-the-VPN to log in and post as AC.
Re: (Score:2)
It's only if you want a dedicated IP, or even a dedicated port. While you're connected and using it, it links back to you because well, you paid for it. (
Duh! (Score:1)
Next story.
Who would have though (Score:4, Insightful)
Seriously, do things that can be attributed to you with an identity (IP) that is persistent or longer-term stable and suddenly you are not anonymous anymore? What a surprise.
Re: (Score:2)
Re: (Score:3)
Well, "blessed are the incompetent, for they will ever be surprised by even simple facts".
Re: (Score:1)
Re: (Score:2)
Perhaps you are not aware that VPNs provide perfect anonymity to anybody with a credit card and $9.95/month. It is the perfect way to prevent cybercrime hackers from geolocating your IP and stealing your identity. It protects you from digital larceny at all times, and will allow you to break through firewalls. With a VPN you can break any number of so-called "laws" and "regulations" with impunity, because of their impenetrable defenses and robust "No-Log Promise(TM)".
You call yourself a Slashdotter? Pssh, y
Re: (Score:2)
$9.95? Naa, cannot be secure, too cheap!
Anonymous is not possible in a client/server setup (Score:1)
Gotta go ad hoc, peer to peer, not too easy with your ISP
Re: (Score:2)
P2P/TOR is too slow to reach the datacenter-driven sites... the design of the current network is stuck on Client/Server, and anonymity is out the window.
We'll be right back... (Score:2)
Uh, Slashdot Deals is offering non-work VPN services for discounts off of their own website price. Those sites claim it's an upgrade to get a private server with a dedicate IP... uh, that's not right.
Stop trusting VPN's (Score:2)
Unless it's your work VPN and your using it for work you should never trust any VPN. Really, you should treat any VPN as being no better than the public Internet - because it isn't. Encrypt your traffic going over your VPN just as if it's going over the Internet. If it is your work VPN provider trust it only for work purposes and nothing more.
If it is any other VPN provider you should never trust it. You almost certainly have no idea who owns your VPN, or whether or not they operate a secure shop. How do yo
Re: (Score:2)
Really, you should treat any VPN as being no better than the public Internet - because it isn't
Oh I forgot. Talking to a random stranger in private is 100% identical having a shouting competition with using megaphones over a crowded square.
Privacy is not an absolute it's a sliding scale and saying a VPN isn't any better than the open internet is quite stupid.
Re: (Score:2)
Trust them for what?
If my crappy ISP wants an extra $100/m for static IPs and a VPN provider wants $10/m for static IPs, I know which I would trust to provide the same service at a cheaper price.
No kidding (Score:2)
To use a static dedicated IP address the provider must store the link between your user account and the IP somewhere. Regardless if you call it a log or a configuration. It's always stored somewhere.
User accounts ... There's your problem already. (Score:2)
If the accounts are linked to actual people, like via payment information, or via using the same e-mail address or the same browser with the same cookies and cache and webstorage etc, the service is already a failure.
Ideally, it should be throwaway payment tokens with a password to prevent others from using what you paid for, and for using customer service.
Make sure that payments for usage can be made anonymously, or at least semi-anonymously via cryptocurrencies.
Also, the session database should only inclu
Meh (Score:2)
Should offer several different static IP Addresses (Score:2)
And make it easy to switch which one you use.
Static IP on a VPN? (Score:1)
Re: (Score:2)
Re: (Score:2)
Why would anyone use a static IP address on a VPN service? This undermines the fundamental reason for using a VPN. This seems more like a case of "Stupid is as stupid does."
So you can point DNS at it and run a server.
That's how I can log into my home linux boxes and security cameras.
The reason for using a VPN for static IPs is because it's cheaper than what an ISP typically charges for static IPs.