I’m purposefully asking this in a simplistic way. My guess is that it’s not as simple as my question makes it to be.
A few specifics that I’m wondering:
Your network provider will only see that you are connecting to a vpn, but not which sites you are accessing.
If you use the same browser web pages will still be able to identify you through installed cookies.
To be safe from tracking you should also use incognito mode with your vpn and ideally not log into any site or open any site through non incognito web browser while beeing connected through your vpn.
You never “disappear” on the Internet because, well… you’re on the Internet. What you hope to accomplish with a VPN, however, should dictate how you use it.
Using a VPN creates an encrypted tunnel between you and the VPN service provider. Your ISP can see that you are connected to the VPN provider’s IP address and the bandwidth you are using to and from this address (through the tunnel), but cannot see anything else. The VPN provider still sees all your traffic to the Internet.
Your “public” IP address to the rest of the Internet now becomes the public IP provided by the VPN provider. This address likely will be provided through Network Address Translation (NAT), so your “public” IP will be shared with other VPN users.
As others have stated though, there are other ways that sites can track you, i.e. login accounts, cookies, browser fingerprinting, etc. So, if you’re using services and accounts tied to you personally, then you’ve lost any shred of anonymity. Who knows how much of this information about you is shared between sites and services.
So, if your objective is simply to hide your traffic from your ISP, when torrenting movies for example, then use the VPN as loosely you please. Your ISP can send warning letters about copyright violations only if they can see what you are doing. The VPN provider certainly won’t care and, if not keeping logs, cannot give you up to anyone requesting your identify.
If your objective is to be anonymous with no activity being traced to you personally, then you should be more guarded. How?
Your path to the Internet now is…
Anonymous VM (with freshly-installed OS) => Public Internet Access => Anonymous VPN => Anonymous browser and/or TOR browser => Internet
I am no security pro or hacker, but these steps should keep you relatively anonymous.
To be honest though, I doubt the above would protect you completely if some three-letter-agency is tracking you.
You will not be invisible. Your ISP can still identify you. They won’t be able to see what you are doing.
In VmWare Workstation, specifically. Digital forensics have a really tough time retrieving anything from vms in this mode, provided that you have logging disabled and run bleachbit with VM options enabled after each VM run and Shutdown. Don’t get me wrong, it’s not foolproof but it makes it MUCH harder for “them” to get anything useful. Typical VPN OpSec applies, though do not start ANY VM in bridged mode or otherwise until the host is first connected to VPN, THEN the guest is started and VPN is is another geographically disparate location, preferably offshore. Depends on your level of OpSec, I suppose. Million ways to skin a Cat, as they say but only takes one slip up to get your ass in big trouble if “they” really want you.
I believe the term in VB is, “Independent Non-Persistent Virtual Disk” or something of that nature. Feature for feature it’s close enough, including Virtual Disk Encryption. Mount an iso of Tails in a blank vm with hardly any virtual devices for really sensitive Ops.
You will never disappear unless you stop using the internet. The idea is to complicate your footprint.
VPNs are best used when surfing the net or accessing sensitive data on a public WiFi or a network with many unknown users. If you can check your banking info using your cellphone date then your golden. If you want the most secure connection to the internet use a cord not WiFi.
Remember there is no way of ever disappearing. If your surfing the net and move with efficiency then a VPN will make it harder for someone or algorithms to track you. However, most people don’t know that and surf with the same VPN host for days or weeks.
The best way to never be tracked - use a custom OS, mask the system with something like windows 10, remove all location services on your computer. Turn them super off long before surfing the net. Download TOR or similar products and use a onion server. Keep scripts to a minimum or not at all - finally only use this special computer for the job at hand. Because the more locked down your computer is the harder it will be for the mainstream websites to function well.
Finally, if you have managed to build that sleek super undercover computer, you are probably using internet services provide by your local cabe company? Well my friend, anyone with some basic to intermediate computer skills can figure out your location. And most likely you’ll be on some website that is a throwback to AOL from 98 and your hacked. You computer will serve it life as a mule covering somebody else activity. Which BtW is the most secure way for using the net.
Great summary. I have no reason to hide, but just like knowing how basic privacy works.
On the vm snapshot point, that’s not necessary. Just go into disk options and choose “non-persistent” disk type. This way, all changes are discarded at shutdown. And, encrypt the vmdk.
So when you actually connect to a VPN though what would the topology look like?
Because from what you said and what many basic discriptions on internet sites say it seems as though you are disconnecting from your ISP servers then connecting to the VPN?
This would cut out the middle man and allow you to just chew through data provided to you through the VPN then right?
Stupid question I know but from the research I’ve done it looks like that to me. What I really want to know is what part does the ISP play when connecting to a VPN.
In item #1 you say never, ever use a VPN from home, why is that? Thanks.
“Never use VPN from your home”
Never heard of such bullshit.. Ofcourse you can use it from home as well, you should ALWAYS the VPN, ALWAYS..
Any thoughts on virtual box?
Interesting, which hypervisor?
…it seems as though you are disconnecting from your ISP servers then connecting to the VPN?
You most certainly are still using your ISP, or some other ISP, for connecting to the VPN provider. The VPN “connection” is simply an encrypted tunnel that the ISP cannot see into.
This would cut out the middle man and allow you to just chew through data provided to you through the VPN then right?
No, the ISP is still in the middle, and you’re still using data, and that usage applies to any caps.