5Nis
VPN Shared IP and wrongful attribution of traffic correlation of the encrypted packets by Feds/LEA
- I use Pia, arguably one of the most popular paid VPN's on the market today. Imagine this HYPOTHETICAL scenario.
- I stay on the East coast, and i use my virtual IP location as the VPN's Datacenter in New York.
- My external virtual IP from where i go out onto the internet, is a "shared ip" meaning, the same Pia IP address is used by atleast 100 other VPN customers to send out requests along with me.
- Suppose out of the 100 connected VPN customers,there are 20 users using the latest Chrome browser, and all 20 are logged into their respective gmail accounts.
- One of the users WHO IS NOT LOGGED INTO GOOGLE, searches for something illegal, illegal enough to BE FLAGGED by google's A.I., and it automatically sends this tip forward to the LEA or multiple 3 letter agencies.
- The LEA gets back to google, says we need to know the IP address of who searched for this term/combination of words, and give us information IF SOMEONE WAS LOGGED INTO YOUR SERVICE, while this flagged search term was entered into your search engine.
- Google complies, but the google team is also suspicious and apprehensive, because they realize that there are 20 other users who have the SAME IP when they logged in. So, after some deliberation of whether to forward the requested info or hold back because they are unsure/of the request from LEA is too broad, they decide let LEA handle the attribution, we will just give them all we have and exit the situation.
- Now, LEA thinks, "its one of these 20guys/girls who has searched for this information, lets try to narrow down by going after these accounts one by one. A very hard task indeed. HOWEVER, THE PROBLEM IS, THE USER WHO SEARCHED FOR THE FLAGGED INFO, IS NOT LOGGED INTO ANY SOCIAL MEDIA OR ANY PERSONAL ACCOUNT.
- So, what if LEA does some parallel construction and frames the wrong innocent guy? Could this be possible, that just using a VPN, if some idiot user decides to threaten someone or kidnap someone or email in a bomb threat, then all the 99 other users will be under scrutiny?
