Maybe I’m completely wrong about everything I’m going to say and in that case we can laugh about this theory I guess but here it goes…

Most people are only worried about if the VPN provider is keeping logs or not. But even if they don’t keep logs you could still be tracked by anyone who can see incoming and outgoing connections to the VPN server.

This would be easier to explain if I drew some images but I hope you understand anyway with just text. What it looks like for these adversaries is:

  1. they know your IP and who you are.
  2. They see you connect to a VPN server.
  3. They see VPN server connecting to many different servers and they don’t know which one is you.

But when it comes to number 3, they could actually figure out which one is you.

Obviously, if you are the only person connected to the VPN server they will see that there is no one else besides you using it and then any outgoing connection from the VPN server must be you.

If there are just a few users. Maybe three users are just connected to the VPN server but not doing anything, just idle. Another user is spending time reading reddit. Then you connect to the vpn server and within a minute a new outgoing connection from the vpn server starts and goes to lemmy. Pretty good guess that is you from their perspective. And to make the guess even better, when the connection to lemmy ends, you decide to immediately end your connection to the VPN server. I’m confident this would be enough evidence in a court and then it’s definitely enough for data harvesting and mass surveillance.

All this analysis can be done automatically with AI, even if there are hundreds users on a VPN server, the AI will over a larger amount of time (not just hours but days/weeks/months) collect enough data to be able to profile users and make good guesses which domains you are visiting even if the VPN prpvider doesn’t have logs.

What is the solution to avoid this type of tracking? Tor baby, tor. Leeegggoooo Whonix!

  • tetris11@lemmy.ml
    link
    fedilink
    arrow-up
    7
    arrow-down
    1
    ·
    14 days ago

    Also, if you have a limited RAM smartphone and your VPN is operating in userspace, then all it takes is for one really large image to grace your smartphone screen for your OS to go into out-of-memory kill mode. What’s it going to kill? The foreground app you’re trying to use, or the background VPN app.

    In my experience, the VPN goes down before the browser does. Mounting a swap on your phone is not the worse solution against this, but the UI starts to get really unresponsive.

      • tetris11@lemmy.ml
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        edit-2
        14 days ago

        If you are who I think you are, we’ve probably had this discussion before. Even with an always on VPN, if the system runs out of memory it will kill the VPN first before the browser. In a perfect world the traffic would still be routed into a dead tunnel. From what I’ve seen, once the VPN is killed, the tunnel device is gone and the default route snaps back to wlan

        • masterofn001@lemmy.ca
          link
          fedilink
          arrow-up
          7
          ·
          edit-2
          14 days ago

          I am not. And I’ve never had this discussion.

          Always on vs the additional option of blocking internet until the VPN connects.

          The second option is more system level?

          Using shizuku (rish) in termux I checked the active links with VPN on and then force stopped / killed the VPN in terminal and checked again. The VPN tunnel disappeared but the dummy kill switch tunnels remained. I could not access any network connection.

          *The routing table also maintains the dummy kill switch

          • tetris11@lemmy.ml
            link
            fedilink
            arrow-up
            3
            arrow-down
            1
            ·
            14 days ago

            (oh sorry, but) I’ve heard this argument before. All I can say is that in my experience, when the system is out of memory, it kills some process (e.g. the UI) which upon restarting resets the networking

            • masterofn001@lemmy.ca
              link
              fedilink
              arrow-up
              7
              ·
              edit-2
              14 days ago

              You’ll be happy to know I just force killed :

              Android system
              Google services framework
              Network
              System UI
              System WiFi Resources
              Wi-Fi
              Settings
              System connectivity resources
              Secure UI service

              The results are the same

              VPN kill switch prevents network access.

              *later, when I’m connected to a PC, I’ll try killing/restarting userspace, shell, and user to see if I can get the kill switch to fail. (If I try those now it may kill shizuku which relies on shell - not sure.)

              I’ll also see if I can’t force lmk to kill all the memory.

              In cmd settings list secure these may be some part of what keeps the system from allowing a connection.

              always_on_vpn_lockdown=1 always_on_vpn_lockdown_whitelist=

        • ERROR: Earth.exe has crashed@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          2
          ·
          13 days ago

          On Android, you can turn on “Block connections without VPN” and all connections are blocked if VPN gets disconnected. This also makes VPN based firewalls not work, and if you use “Split Tunnel”, the apps not going through a VPN and are connected directly to the internet, also not work.

    • BearOfaTime@lemm.ee
      link
      fedilink
      arrow-up
      5
      arrow-down
      1
      ·
      14 days ago

      Yet another argument for root. Then you can exclude the VPN app from OOM. Or even move it into /system.

      I understand why this isn’t done (moving such apps to system), since mobile uses immutable OS concept. But we still need a way to manage such apps appropriately.

    • harrys_balzac@lemmy.dbzer0.com
      link
      fedilink
      arrow-up
      1
      ·
      14 days ago

      I’m using Mullvad on a cheap T-Mobile phone and it never shuts down my VPN app, no matter what else is running.

      The only time it goes down is if it powers down completely. Then I have to start it manually after the phone powers on.