Submitted via IRC for TheMightyBuzzard
A Massachusetts man was arrested late last week on suspicion of conducting a cyberstalking campaign against a female former roommate, her friends, and family. Court documents reveal that logs, obtained by the FBI from privacy service PureVPN, helped the prosecution. Until now, PureVPN had always maintained it carried no logs - almost.
[...] if one drills down into the PureVPN privacy policy proper, one sees the following:
Our servers automatically record the time at which you connect to any of our servers. From here on forward, we do not keep any records of anything that could associate any specific activity to a specific user. The time when a successful connection is made with our servers is counted as a ‘connection’ and the total bandwidth used during this connection is called ‘bandwidth’. Connection and bandwidth are kept in record to maintain the quality of our service. This helps us understand the flow of traffic to specific servers so we could optimize them better.
This seems to match what the FBI says – almost. While it says it doesn’t log, PureVPN admits to keeping records of when a user connects to the service and for how long. The FBI clearly states that the service also captures the user’s IP address too. In fact, it appears that PureVPN also logged the IP address belonging to another VPN service (WANSecurity) that was allegedly used by Lin to connect to PureVPN.
I think I'll stick with PrivateInternetAccess who've had their lack of logging stand up in court.
Source: https://torrentfreak.com/purevpn-logs-helped-fbi-net-alleged-cyberstalker-171009/
(Score: 3, Insightful) by TheGratefulNet on Monday October 09 2017, @02:34PM (4 children)
I used to use PIA but they are UK based (from what I can gather) and the UK is about as far from trustable for privacy as you can get!
also, their software worked for me for many months and then stopped. they could not figure it out and so I gave up.
even if I got their software to work, I have many doubts about the company.
"It is now safe to switch off your computer."
(Score: 5, Interesting) by hemocyanin on Monday October 09 2017, @02:46PM
Anyone can say anything, but this is what PIA says on the topic: https://helpdesk.privateinternetaccess.com/hc/en-us/articles/229705288-Is-Private-Internet-Access-Located-In-A-Fourteen-Eyes-Country- [privateinternetaccess.com]
Any paranoid scenario possible is probably reasonable to think about when using any VPN provider for nefarious purposes. Lin would probably have been better off using a coffee shop (with no video surveillance) or other person's wifi, though that isn't as straightforward today as open routers/WEP encryption are mostly a thing of the past.
(Score: 2) by The Mighty Buzzard on Monday October 09 2017, @03:14PM
US-based. Always have been as far as I know. And if you sign up through non-obvious payment means all you really have to worry about is live capture; they've already proven they'll shut down operations rather than comply with that.
My rights don't end where your fear begins.
(Score: 3, Informative) by number11 on Monday October 09 2017, @03:17PM
While PIA is owned by company called "London Trust Media, Inc.", that company appears to be US-based. That may, or may not, make you feel better about them.
(Score: 2) by EvilSS on Monday October 09 2017, @05:45PM