How viable is government  to access a user VPN history without user notice

jana
jana used Ask the Experts™
on
Hi Experts, my colleagues alleges that VPN are totally untraceable.  Yet I tell them that even though one is not traced via the use of a VPN, government can request of the users VPN provider a history of sites visited.  And if the VPN is free, it's even more viable for government access their activity logs (some stuff I learn with u guys!).  So what is the experts take on this? and How viable is my colleagues statements?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Principal Software Engineer
Commented:
I would not trust any VPN to protect my privacy.

The widely-touted Tor, it turns out, is funded by the U.S. government and has many exit nodes run by governments.  It's pretty clear they are not doing this out of a good-hearted obligation to protect the privacy of their citizens.

https://en.wikipedia.org/wiki/Tor_(anonymity_network)

"The project was originally developed on behalf of the U.S. intelligence community and continues to receive U.S. government funding, and has been criticized as "more resembl[ing] a spook project than a tool designed by a culture that values accountability or transparency". As of 2012, 80% of The Tor Project's $2M annual budget came from the United States government ..."

The same thing is probably going on with VPNs, and not even a legitimate VPN will ever disclose that they were forced to hand over records to a government agency.  Why not?  Because the very existence of such a warrant is secret.

https://www.zdnet.com/article/a-vpn-will-not-save-you-from-government-surveillance/

a) How can a VPN provider sell high-speed VPN service for $5 a month unless there's funding coming in from somewhere else?  And if the service is free, a big red flag should start waving immediately.

b) What better way to tap into people's communications who may have something to hide? Offer them a means to shield it, and then subvert the "shield."

But the fact is, governments really don't need to subvert Tor or run bogus VPNs; they're already tapping everything on the internet, and traffic analysis easily shows that this connection coming out of a VPN exit node is actually starting at your IP address.

https://en.wikipedia.org/wiki/Room_641A
Depends.

A VPN provider who is overseas is outside of the jurisdiction of the Australian Government. If they make a point of saying that they do not log connection times and IP addresses, then they possibly don't.

Author

Commented:
What about the local ISP, if one is using their service and install a VPN, can they traced the sites visited since it's their infrastructure one is using?
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

No, assuming all is set up correctly, your ISP will just see encrypted traffic passing through to the VPN provider. They could infer that a VPN is in use, but could not decode the contents.

Author

Commented:
Ok

So is it safe to say that government, with the appropriate authorization, can access the users VPN history via the VPN provider?
Dr. KlahnPrincipal Software Engineer
Commented:
Unless all DNS queries go out on the VPN and are robustly encrypted, the ISP knows exactly where you are going.  Firefox in particular is a DNS blabbermouth and downloads pages "speculatively", which means DNS queries for all links on any page you look at.

Note:  The very common 8.8.8.8 server is under the control of goofle, which just can't do enough to please the U.S. government.  Four Ones (1.1.1.1) or openDNS (208.67.220.220, 208.67.222.222) are better choices for privacy.
Dr. KlahnPrincipal Software Engineer
Commented:
So is it safe to say that government, with the appropriate authorization, can access the users VPN history via the VPN provider?

I think it's safe to say that with enough money, and governments have "enough" money, everything is for sale.

Author

Commented:
Thank u Dr. Klahn for the information.  You raised some good points made me think.

What do you mean by “Unless all DNS queries go out on the VPN” and “robustly encrypted” and “Firefox in particular is a DNS blabbermouth”?  In other words, take some of the popular VPN in the market right now like Private Internet Access, ExpressVPN, NordVPN, etc., do you mean that these VPN products can send DNS info not from its own VPN, not be encrypted and Firefox not respect that a VPN is installed so transmit the DNS info? (a bit confused – I thought that any of these popular VPN would have set these security measured in place in their product).

Author

Commented:
Thank u guys! If u can answer the last part of this question, would be great!
Dr. KlahnPrincipal Software Engineer
Commented:
If DNS queries are resolved through the serving ISP's DHCP-recommended DNS instead of through the VPN, then anyone at the ISP can eavesdrop on your DNS queries and have a pretty good idea of where you're going.

Switching to a manually set DNS provider such as Four Ones mitigates this problem a little, but anyone with access to the ISP's routers can still figure out where you're going by watching DNS request packets.

Firefox has a behavior called speculative downloading.  Unless it is disabled (it is enabled by default), whenever you bring up a new web page Firefox goes out and pre-downloads every link it finds on that page.  This means that anyone eavesdropping on your DNS traffic knows exactly what sites are linked from the page you are currently on, and from that it is possible to make a good guess at what page you are visiging.

Author

Commented:
Thank u very much!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial