>Further, records from Pure VPN show that the same email
accounts Lin's gmail account and the teleportfx gmail account-were accessed from the same
WANSecurity IP address. Significantly, Pure VPN was able to determine that their service was
accessed by the same customer from two originating IP addresses: the RCN IP address from the
home Lin was living in at the time, and the software company where Lin was employed at the
Also, it seems Lin knew or suspected this at least, seeing as he doesn't believe in a VPN service that doesn't keep logs:
>For example, on June 15, 2017,
Lin ... re-tweeted a tweet from "IPVanish," that read: "Your privacy is our priority. That's why we have a strict zero log policy." Lin criticized the tweet, saying, "There is no such thing as VPN that doesn't keep logs. If they can limit your connections or track bandwidth usage, they keep logs."
This will be a useful .pdf to keep on hand because I also don't believe in VPN's that don't keep logs. At a minimum they'll keep 30 days worth and in many countries may actually be required by law to keep them longer than that even (60-90 days usually).
As an aside, it's good to see another example that the FBI does actually investigate cases of cyberharrasment and takes doxing seriously, contrary to popular opinion.
E: A few typo fixes and the last 4 words.
Instead, reading through the allegations, Lin came off as abominable. Contrary to your conclusion that this shows the FBI takes cyber harassment seriously, it seems like law enforcement generally allowed Lin to publicly subject this poor woman to psychological torture for a couple years before doing anything about it.
Provided the allegations are true, whatever sentence he gets will not be enough...
He has already been sentenced to 17.5 years in federal prison (and federal time has no parole).
Also, this is not going to be some "white collar resort" prison!
Anyway, it's worth noting how Lin's behavior was not just criminal to the point of outright sociopathy, but also - like most criminals' - incredibly lazy and complacent. That anyone knowledgeable in a CS-related field could target a vulnerable individual in such an extreme, sustained and long-lasting cyber-abuse campaign and expect to get away with it, is rather surprising to say the least.
As for why my intuition went that way, I suspect it's because, from the title, I felt like Lin was wronged by the VPN company which misled him, I generally distrust the FBI, deanonymizing VPN traffic seems troubling to me, "cyberharassment" sounds more like being mean to people online than the things Lin did and I don't think sending rude words to people should be criminal, and I suppose that I personally am more likely to be (falsely) accused of cyberharassment than I am to be victimized by it which probably results in implicitly identifying more with the attacker than the victim.
Maybe we should think about how we act online if we feel that there is a significant risk of being accused of cyberharassment, even if such conduct should not be illegal (and I suspect we also disagree on where the line ought to be drawn here).
In the context of criminal behavior I'd expect harassment to be a campaign of intentionally bothering someone and invading their space. I'd assume someone like Lin might be guilty of criminal harassment if he waited outside this girl's house and lewdly propositioned her every day, bothered her at work, etc.
I think we should have a higher bar for what constitutes cyberharassment because it's so much less invasive and threatening than physical harassment and so much easier to ignore. It's also possible that it's easier to inadvertently participate in cyberharassment when you can't see how the other person is reacting to you or feel how inappropriate the behavior is.
What Lin did in this case is far beyond any of what I described above. I think of his behavior as transcending what I'd describe as cyberharassment - in my earlier comment I called it psychological torture and I think that's far more apt than cyberharassment which seems too milquetoast a phrase for what happened here.
> FBI arrests PureVPN user with log data that was said to not exist (justice.gov)
Nothing about cyberstalking. I too figured it was going to be something stupid like piracy.
Kindly remove or correct your comment. Thanks.
While Lin is undoubtedly a terrible person, I still think 17.5 years in federal prison is rather excessive unless you've actually killed someone.
"the fact that VPN's track activity with logs."
>As an aside, it's good to see another example that the FBI does actually investigate cases of cyberharrasment and takes doxing seriously, contrary to popular opinion.
Seriously, all this over a roommate found on Craigslist. I did like the part where his victim repeatedly smashed his computer monitor with a hammer, though.
Ally countries usually have extradition treaties, and have a greater chance of sharing intel.
NSA has your international traffic logged and timestamped. If you're doing nefarious activity from a non-MLAT country's IP, and you're the only one connecting to it from the US, it's a simple matter of parallel construction for domestic law enforcement to pop you.
This is more just putting some circumstantial evidence together. Parallel construction refers to going out and getting evidence a second time, because you don’t want to reveal how you got it the first time. Usually because the first time it was collected was without a warrant, or collected from a sources or via a method you want to keep secret. So the evidence is reconstructed in parallel.
Couldn't that be countered by using two foreign IPs for your VPN, one for your inbound connection and another for your outbound traffic? It would make it more difficult to correlate your US IP with the outbound VPN traffic without extra information.
No offense or anything, but it sounds like you actually have very GOOD reasons for not trusting them.
We have something known as Secure Core VPN that offers additional protection if our Brazilian ISP starts monitoring our connection: https://protonvpn.com/support/secure-core-vpn/
All of what is claimed in the statement would be possible even if we assume no logs are stored for the VPN Server they run, which makes no guarantees about access to their HTTP properties.
It’s still an open question afaik
edit: I've worded this weird. I was typing on my phone at lunch stuff I'd just learned this morning which referenced this article saying running a log-less Wireguard might not be possible.
AirVPN in :
> "Wireguard, in its current state, not only is dangerous because it lacks basic features and is an experimental software, but it also weakens dangerously the anonymity layer."
and Perfect Privacy:
> "WireGuard has no dynamic address management, the client addresses are fixed. That means we would have to register every active device of our customers and assign the static IP addresses on each of our VPN servers. [...]"
Things may have changed, but it appears that running a log-less vpn provider is actually more complicated with Wireguard than at first glance. Namely the issues around DynamicIPs.
This is a really bizarre misunderstanding of the events.
Wireguard does not generate any log entries by default.
zx2c4 wrote a rootkit which makes it more difficult to retrieve connected users IPs from a running wireguard instance.
But the parent post is wrong, the defensive rootkit is not to prevent logging, it's to prevent extracting the configuration from the kernel. It effectively makes the WireGuard configuration write-only from the perspective of userspace. WireGuard does not do any access logging by default as far as I am aware.
Probably cos they investigated certain cases and found nothing, to the great dismay of certain people who wanted to be seen as victims and others who wanted to be seen defending them.
> While each of these incidents in isolation may appear relatively harmless, the cumulative effect of this behavior is both harassing and indicative of a significant attachment, disproportionate to the amount of time they spent together.
Specifically the first part "While each of these incidents in isolation may appear relatively harmless". I've had friends harassed online and when you try to explain to law enforcement it sounds petty or minor but I've seen first hand it weigh on my friends who have experienced it.
Services like TextNow and Pinger and amazing tools for someone looking to make someones life a living hell. I've still got screenshots of PAGES of new text messages (from different numbers) all from some asshole who has nothing better to do than harass people.
In my situation I had finally had enough and thew up a webpage explaining how to block ALL TextNow/Pinger numbers and calling out the individual in question (trust me this was done tastefully and with tact) then ran Ads on FB to raise awareness in my community. Turns out way more people that just my immediate friends had been affected by this toxic individual (I had a number of people reach out to me). I spent $40 on ads for 67 clicks, 1,465 reach, and 37,454 impressions. It was worth every penny. I'm not going to say this will work for you OR that it worked for me (the harassment stopped but, you know causation/correlation and all that) but I know I would do it again in a heartbeat.
It's important to note the police were next to useless for this entire saga. I'm not sure what percentage was apathy vs a lack of skills but yeah...
Last year I was desperate for extra work, and met a guy hiring programmers on Craigslist. I ran his name and found a website from a guy saying never do business with him, that he doctored financial documents and was a liar. It was kind-of a crazy site, so I met with the liar anyway, and he brought it up pretty quickly, saying it was an old neighbor and that he's crazy. I went to work for him, but he kept bringing it up, wondering how he could get the site taken down (queue me trying to explain slander and him saying "there's gotta be another way!"), until one day he was exploded with a "I could go over to his house and fucking kill him!".
I already had a new job lined up at that point, so I just left my key on the desk and never came back. I still wonder if I should email the guy that made the website just to let him know how much it gets under his enemy's skin.
If you do something illegal on a VPN connection and think the VPN providers have no logs/evidence, you'll be very surprised when the cops show up.
A VPN may slow a nation-state down a little, but it will certainly not stop them.
"You are Invisible – Even We Cannot See What You Do Online
We DO NOT keep any record of your browsing activities, connection logs, records of the VPN IPs assigned to you, your original IPs, your connection time, the history of your browsing, the sites you visited, your outgoing traffic, the content or data you accessed, or the DNS queries generated by you." 
> We Do Not monitor user activity nor do we keep any logs. We therefore have no record of your activities such as which software you used, which websites you visited, what content you downloaded, which apps you used, etc. after you connected to any of our servers. Our servers automatically record the time at which you connect to any of our servers. From here on forward, we do not keep any records of anything that could associate any specific activity to a specific user. The time when a successful connection is made with our servers is counted as a “connection” and the total bandwidth used during this connection is called “bandwidth”. Connection and bandwidth are kept in record to maintain the quality of our service. This helps us understand the flow of traffic to specific servers so we could optimize them better.
They appear to have made the policy (and presumably connection logging) change in June 2018. For reference, Lin pleaded guilty to charges related to the criminal complaint posted by OP in April 2018. I would imagine PureVPN's lawyers had advised them to wait until the case had ended before enacting the new policy.
But the rsyslog was delivering the logs to *.fbi.gov
And not retaining logs would still be correct. They said nothing about transporting them to the relevant feds.
Link/proof asserting Apache NiFi is one of the NSA data analytics tools: https://www.forbes.com/sites/adrianbridgwater/2015/07/21/nsa...
If you actually need a VPN, the last thing you want is for the service to create an opportunity, which wouldn't otherwise exist, for a malicious 3rd party to quietly obtain existing records of DNS queries, connections, and other traffic data.
By not storing the data in advance, the risk is reduced. A malicious actor would have to compromise the servers and either use one as a network tap to send the traffic somewhere else, or enable logging or other analytics locally.
Both are more likely to be detected than a one-time access or leak of data that was already stored.
The sad part is yes, it also enables bad people to do bad things without consequence, however, that is the bet that we make. That the bad people doing their bad shit, is a small price to pay to prevent bad people in power from doing very very bad shit
And when it comes to overthrowing corrupt ruling class, do people seriously believe anonymously complaining online is going to do anything?
How many of those 'anonymous americans' (who were concered about the emails, or spouting off about clinton having parkinsons, or bernie or busters, etc etc) were not americans, but non-americans or bots/sockpuppets created to amplify the signal of a vocal minority of americans or non-americans.
Because of platforms that are largely anonymous you can never know if an anonymous user is your next door neighbor or a bot tied to the marketing arm of some product you might be interested in or the agent of a foreign government.
An interesting concept might be a social network where all users are verified and their profile contains only general information about them, letting you know if their opinion matters or is misleading.
I’d say, overall, it’s been worth it so far.
so while the internet broadens their reach it doesn't always give them more anonymity, if anything their trail is easier to follow by more people, especially law enforcement. people just don't understand the depth of a trail they leave when using the net
There's another key difference that you are completely ignoring.
The return on effort invested with internet harassment is much better then the ROI with harassment in the physical world.
Sometimes, an improvement in ROI produces a categorically new thing. An automobile is just a horse buggy with a better ROI - yet, for some reason, neither society, nor the law treats them like it did horse buggies.
This Is Why We Can't Have Nice Things
This type of information couldn't be provided by VPN logs due to gmail using TLS encryption. If they gained physic access to a device that he was currently logged into, they just needed to look at the gmail account activity. Anyone can look at all the IP addresses they have accessed their gmail account from. They could have also just got a warrant.
> On April 14, 2017, at 15:06:27, the email address firstname.lastname@example.org, provided by "Ashley Plano" to Rover, was accessed from the same exact WANSecurity IP address, 184.108.40.206
This is more interesting. It doesn't seem likely they caught him logged into this account, or that would be all the evidence they needed. I suspect they issued a warrant to Google for this account and got a list of IP addresses back. I can't imagine that the VPN provider allocated a unique IP addresses for each subscriber. This seems like a really weak correlation unless they are leaving out some important information.
This article is two years old. Current status, from US Bureau of Prisons Inmate Locator:
RYAN S LIN
Register Number: 00578-138
Located at: Brooklyn MDC
Release Date: 01/02/2033
Let's do a very quick experiment where we evaluate a few popular VPN services at a glance, and critique them using non-technical insights which can generally be applied to any business trying to sell you a product. In other words, there's no excuse for not being able to develop these insights just because you aren't a "tech person".
Googling PureVPN provides the following summary:
"The best VPN service in 2018. PureVPN leads the industry with its massive network of more than 2000 encrypted VPN servers, around 300000 anonymous IPs..."
PureVPN only has a 150 character limit to describe their business, and they use it for:
1) Overzealous claims about being "the best" and the "industry leader"
2) Throwing out large numbers which they hope the user will correlate to excellence as a VPN service. The clueless user will think, "the more the better, right?"
Nord VPN's summary:
"Protect your privacy online and access media content with no regional restrictions. Strong encryption and no-log policy with 5000+ servers in 60+ countries..."
1) No regional restrictions? That's a given for any decent VPN. Useless noise meant to paint the product in a better light.
2) They claim strong encryption, but again, that's a GIVEN for any decent service. More deception.
3) They immediately try to sucker people in with the "no logs" bullshit
4) More stupid large numbers.
See a trend?
Now look at Mullvad VPN's summary:
"Mullvad is a VPN service that helps keep your online activity, identity, and location private. Only €5/month - We accept Bitcoin, cash, bank wire, credit card..."
Wow! No claims about being the best, no claims about anything. It "helps" keep your data private. No claims about 100% privacy. Then they list the price and payment methods. Informative and non-deceptive.
I don't see how this is deceptive whatsoever? It states known facts about the VPN while also giving a basic outline on their policies. I'm inclined to believe that Nord doesn't keep logs (as of Nov. 1 of 2018) due to their audit by an external company. The report is available: https://ucp.nordvpn.com/audit-report/
I'm not saying that Nord is 100% safe, as others mentioned in this thread, it is completely possible that any "no-logs" VPN provider may store logs somewhere else or an organization may store their data. It allows a provider to claim they keep no logs, which also technically being truthful. I'm intrigued by Nord's stance to this (as their audit has no mention of it at a quick glance) and I will email their support about this.
Not only that, regional restrictions may apply to services such as Netflix, which have been battling VPNs for years now. Most VPN providers don't work with many of these services, and due to the fact Nord does, I'd claim that as a good advertising standpoint. Never tried "Mullvad", but I doubt they can bypass restrictions of these same sites.
Now onto Mullvad...
The reason they can't claim to be the best, in any field for that matter, is because they aren't. Isn't keeping your data private "a GIVEN for any decent service" (to quote your own words...)? I'm also worried about that price, are the potential legal fees Mullvad may pay to keep your privacy safe worth the 5 pounds a month you pay? Same with any VPN for that matter - the cheaper it is, the less likely it is safe.
And I was briefly dissecting the Google summaries of these services, but I have read much, much more than that for every major VPN provider before settling with Mullvad.
I recommend Mullvad and if you took more than a cursory glance at their blog and documentation then you would get an understanding of what kind of service they want to be. They strive for top-notch security and service.
Nord also seems like a decent choice, even if they are not for me. For me, a company's ethos is extremely important and comes first. However, Nord still has the standard scummy sales tactics employed by so many companies, as you can see from their summary.
Dropbox's value is derived from it's ability to make something like rsync more human for non-tech folks.