SoylentNews is people
SoylentNews
Submitted via IRC for TheMightyBuzzard
A Massachusetts man was arrested late last week on suspicion of conducting a cyberstalking campaign against a female former roommate, her friends, and family. Court documents reveal that logs, obtained by the FBI from privacy service PureVPN, helped the prosecution. Until now, PureVPN had always maintained it carried no logs - almost.
[...] if one drills down into the PureVPN privacy policy proper, one sees the following:
Our servers automatically record the time at which you connect to any of our servers. From here on forward, we do not keep any records of anything that could associate any specific activity to a specific user. The time when a successful connection is made with our servers is counted as a ‘connection’ and the total bandwidth used during this connection is called ‘bandwidth’. Connection and bandwidth are kept in record to maintain the quality of our service. This helps us understand the flow of traffic to specific servers so we could optimize them better.
This seems to match what the FBI says – almost. While it says it doesn’t log, PureVPN admits to keeping records of when a user connects to the service and for how long. The FBI clearly states that the service also captures the user’s IP address too. In fact, it appears that PureVPN also logged the IP address belonging to another VPN service (WANSecurity) that was allegedly used by Lin to connect to PureVPN.
I think I'll stick with PrivateInternetAccess who've had their lack of logging stand up in court.
Source: https://torrentfreak.com/purevpn-logs-helped-fbi-net-alleged-cyberstalker-171009/
(Score: 3, Interesting) by frojack on Monday October 09 2017, @08:16PM (1 child)
I suspect the perp used the VPN just to perform his nefarious acts, then shut it down and went back to his normal provider.
So any time he was on PureVPN he was engaged in what ever activity the FBI traced back to PureVPN. Probably he used email or other direct type of contact with the victims that leaves a log somewhere (like right in the headers).
Match log A with log B and you can build a track even when ONLY connections are tracked, EVEN if Pure never kept outbound logs.
Its not that hard if you have access to a bunch of logs along the route.
People who incessantly start nattering about VPN's when ever the privacy issue comes up just totally miss the point. If ALL the traffic goes through the VPN for days on end you MIGHT be able to hide in the deluge, but if you log in, do your nasty, and log out its a pointless exercise. You've left too many tracks in too many places.
No, you are mistaken. I've always had this sig.
(Score: 2) by The Mighty Buzzard on Monday October 09 2017, @10:34PM
Which is why you want to use a busy VPN endpoint. So your traffic gets mixed in with that of as many other people as possible. No logs, no way to tell which person to trace it back to. In theory anyway.
My rights don't end where your fear begins.