Comment by lorenzohess
9 hours ago
The purpose of a VPN does not include anonymizing users with respect to the sites they visit,so it shouldn't be too surprising that Mullvad doesn't enforce unique exit IPs. Users who want anonymity should use networks like Tor.
Why not? Why can’t it be the purpose of a given VPN service?
If you use the VPN for the Web, browser fingerprinting is a major threat outside of specialized scenarios
In other words: a VPN service can't by itself solve all problems which potentially lead to deanonymization, it can only provide anonymous networking.
Why can't it aim to solve what it can do? TOR is a great example: the TOR network itself can't perfectly anonymize you due to browser fingerprinting, but users of the TOR Browser get both the TOR network resisting deanonymization on a network level and a browser with plenty of anti-fingerprinting measures built in. A VPN could aim to prevent deanonymization on a network level so that users who want to stay anonymous can use the VPN in combination with fingerprinting-resistant software.
Isn't Tor a us government project that has been shown to be deanonymizable?
Sort of. There are a bunch of timing attacks bug in general it still works fairly well.
Also, a buch of conspiring entry-/exit-nodes will do the trick, if you have a budget for enough of them.
It has been successfully deanonymized, and resistance to NSA-level capabilities is explicitly not a stated goal.
Do you have a source for this?
1 reply →
and so is ARPANET
That is exactly the point of public VPNs..
If I'm on a public VPN, I don't want anyone to know who is making the request, including the terminating IP.
Think about it. By your logic, VPNs shouldn't be used for torrents because VPNs shouldn't anonymize you to the terminating IP. Whereas they work gangbusters for that.
If you are talking about private VPNs.. Mullvad isn't one.
Public VPNs only protect you from your ISP
And, arguably more importantly, from the service you're using.
I think you are misreading his comment. He is saying that on a VPN it is standard behavior that if you visit site A and site B they will both see you connecting from the same IP and can infer you are potentially the same person.
Site A and B have to collude in order to make that inference. Outside of Cloudflare, no one is colluding at that level.
2 replies →