I know changing the country brings some implications when it comes to usung certain apps that use the geolocation service. What do u recommend?
Depends on the level of threat you have. If you use vpn and log in to facebook, they can still track you even when you use servers hosted on the Moon.
Consider that the vpn server location and it’s distance from your origin will impact speed.
Just pick a nearby server, from a nearby area or nearby country that gives you good speeds (use Speedtest.net for testing). The further away the server is geographically the worse speeds you’re going to get. If you use any streaming servers that block certain countries then you need to pick another location that isn’t blocked. Case-by-case and little of manual control.
Privacy-wise picking another city doesn’t make much difference - you are already sharing the same VPN server IP with hundreds/thousands of other users of the same VPN provider.
I pick the nearest POP (point of presence) to maximize speed,
Yeh thats the kind of shhh im scared of… sometimes i even wonder if it worths paying for this vpn service!
To stay anonymous, an anonymous VPN is important but you also need to prevent tracking through the browser. You can use one browser for logging into Facebook and Google, and whatever; and another browser for anonymous stuff. Different browser fingerprint.
You don’t need to change your country at all, it doesn’t matter. The site you are browsing still has no idea if you’re actually in that country, all they know is that your IP is. So probably just randomly select a server - sometimes a close server, sometimes one further away.
If you really want to segregate things, do your anonymous stuff in a virtual machine using bridged networking, so that the VM becomes its own device on your network, bypassing the host’s network stack. Tell the VM that you are located in a different country, just in case of a browser vulnerability. A VM isn’t that difficult to get going and will be great for security, but like the other guy said, depends on how cautious you want to be.
Much cheaper to just delete your Facebook account
It is not some black magic they do, but if you keep using your old accounts the websites you use will still know it is you because they keep track of the accounts’ IP history, regardless of the VPN locations you select.
The biggest misconception of VPN is that you if you just turn it on and keep it on 24/7 you’re suddenly safe. You’re not unless you quit using all of your previous accounts (of course that’s not always feasible, e.g. social media & IRL friends).
Please, VPN’s are a privacy tool and aren’t in any case a way to be anonymous on internet. Being anonymous is all about your habits.
The site you are browsing still has no idea if you’re actually in that country, all they know is that your IP is.
This is false. A browser is using a lot of information about your current machine. So for example if you are coming from Germany, your browser will return the value “de-DE” in the user-agent so website know that you are coming from a country that speak german. The only way to counter this is to set any browser in english (since it’s a global language) or to spoof it to that language. There is also the geo localization activated on most browser that will leak your current location.
If you really want to segregate things, do your anonymous stuff in a virtual machine using bridged networking, so that the VM becomes its own device on your network, bypassing the host’s network stack. Tell the VM that you are located in a different country, just in case of a browser vulnerability. A VM isn’t that difficult to get going and will be great for security, but like the other guy said, depends on how cautious you want to be.
Like I told you before VPN are not a tool for anonymity in the first place, if you want to be anonymous we need to trust the VPN provider that they don’t log anything first and you also need to use Multi-hop for your activity using the same first entry (server) each time you connect (like Tor is doing to protect from timing attack). Only using 1 server and changing it each time can be used against you in a timing attack since your IP will be logged by ISP on each server with precise timestamps.
Damn… Privacy and Security are hard man! I thought i was doing it all right using a VPN + Brave browser on all of my devices!
Thanks for the replies!
Yes, you can be tracked through the browser, and I said as much on my first line. VPNs can be a tool for anonymity, if the VPN provider has a proven no-logs policy. For example, PIA has a few cases with the FBI where they couldn’t identify the user. That’s anonymity.
They “can be” like you’re saying. You can be anonymous (for example) if you do something unique related to a server breach on the same server IP on the same day. FBI can’t know who did it since the server have maybe hundred of people connected to it and that sent requests at the same time. But, in a case where the user connect or do the same as above but with more IP, FBI here can know who did this, since only 1 user is doing this unique request and they can check with the ISP logs who was connected to those servers at each timestamps, after checking every logs, they will find out the IP of the attacker.
It’s also the same for a website login system, if you log in today at 1 pm and tomorrow you connect to the same website at 2 pm but with a new IP, they can know who you are with timing attack.
VPN’s are for privacy, not to be anonymous in the first place.
But, in a case where the user connect or do the same as above but with more IP, FBI here can know who did this, since only 1 user is doing this unique request and they can check with the ISP logs who was connected to those servers at each timestamps, after checking every logs, they will find out the IP of the attacker.
Your ISP may log which VPN servers you are connecting to, but how will the FBI get this info from them? They would have to know who you are, to then know your ISP, and they don’t know who you are because they have to go through your VPN provider, who doesn’t log your activities. They won’t even know which ISP to subpoena.
Yes, if you log into a website with multiple IPs, they may track your IPs, so you need to be aware of that. I think this is actually illegal under GDPR however.
But aren’t they the only people that can see your IP, and you’re anonymous to everyone else?
There is something you don’t understand with no log VPN’s. When they tell you they are not logging, they are talking about the server itself, not the traffic. Servers are in a datacenter and datacenter are using an ISP to be able to use internet. In most case, ISP or Datacenter log outgoing and ingoing traffic and keep them for a long time. So, when you connect to a VPN server, your personal IP ping the IP of the chosen server so the ISP know you are connected to this server (because each server have a unique IP) and know when you are requesting something (since they can’t know what you are doing with encryption), all they know is when you ping the server and what are the packet size. When FBI want to track an user, they have an IP and an ISP to ask logs from, VPN’s can’t protect anyone from this. GDPR don’t protect against illegal scenario and following IP is not a privacy concern since they can’t see the traffic itself.
Datacenter and ISP see your IP since they see it sending information to the server, they can’t know what the data is but they can see who contacted the server.
There are lots of avenues for logging. PIA, for example, has a proven no logging policy. It’s kept people safe so far. I would assume that what you are talking about is not an issue.
So the datacenter’s ISP knows you have connected to the datacenter, or maybe even to a specific server. I still don’t think this is going to prove anything, except possibly that you use a particular VPN.
But you’re anonymous to the public and the websites you’re visiting, right?
There are lots of avenues for logging. PIA, for example, has a proven no logging policy. It’s kept people safe so far. I would assume that what you are talking about is not an issue.
Not an issue ? It’s not an issue when there are a lot of users on a server that do request at the time as you, otherwise ISP know who did the request. Maybe you don’t know how internet work or something, ISP know you connect to a server because your IP is pinging their IP at each request you make (browsing web, download etc) it’s not replacing your current internet provider in any way. When you take this into consideration, imagine there are 100 people connected to the same server, let’s assume that you browse a page but only 10 people did a request at the same second like you, so only 10 people are concerned out of 100 originally, lot of people on a server doesn’t mean they are doing something at the same time.
So the datacenter’s ISP knows you have connected to the datacenter, or maybe even to a specific server. I still don’t think this is going to prove anything, except possibly that you use a particular VPN.
It can prove something, it can help identify a user based on what he’s doing. No log VPN only don’t keep what user do and who they are based on their account but it doesn’t hide how many time you pinged the server. Assume that your are hacking a website and you browsed the website 5 times at different time the same day. If the server hosting the website log each visit, they can then with timing attack know who did the request based on the ISP logs of the VPN server IP. Police take the logs and then compare at each timestamps who did a request at this exact second, they will get a lot of different IP but 1 will come a few times.