VPN Provider's No-Logging Claims Tested In FBI Case

An anonymous reader writes from an article published on TorrentFreak: [A] criminal complaint details the FBI's suspicions that 25-year-old Preston McWaters had conveyed "false or misleading information regarding an explosive device." The FBI started digging and in February 2016 two search warrants against Twitter and Facebook required them to turn over information on several accounts. Both did and the criminal complaint makes it clear that the FBI believes that McWaters was behind the accounts and the threats. With McWaters apparently leaving incriminating evidence all over the place (including CCTV at Walmart where he allegedly purchased a pre-paid Tracfone after arriving in his own car), the FBI turned to IP address evidence available elsewhere. "During the course of the investigation, subpoenas and search warrants have been directed to various companies in an attempt to identify the internet protocol (IP) address from where the email messages are being sent," the complaint reads. "All the responses from [email provider] 1&1, Facebook, Twitter, and Tracfone have been traced by IP address back to a company named London Trust Media [doing business as] PrivateInternetAccess.com. A subpoena was sent to London Trust Media and the only information they could provide is that the cluster of IP addresses being used was from the east coast of the United States," the FBI's complain reads. "However, London Trust did provide that they accept payment for their services through credit card with a vendor company of Stripe and/or Amazon. They also accept forms of payment online through PayPal, Bitpay, Bit Coin, Cash You, Ripple, Ok Pay, and Pay Garden."

While McWaters is yet to be found guilty, it's a sad fact that some people will use anonymizing services such as VPNs, pre-paid phones and anonymous email providers to harass others. And thankfully, as this case shows, they'll need to hide a lot more than their IP address to get away with that level of crime.

Re:+1 for PIA

[tlhIngan]

Just remember to cycle your connection periodically - at least once a day if not longer.

Even if a VPN provider doesn't log, if the authorities are fast enough, they can query who might be on a machine at a particular time and request that information be saved.

All VPN providers will "log" to that extent - they need to know you're logged in after all, so if you're logged into a machine for days at a time, they do have that information available while you're connected. By cycling your connection (disconnect then reconnect), you destroy any record that you were previously on and only have information when you were on now.

Also, don't be an idiot and use a machine as the only person on it. There are actually things called "real time DMCA" where they can deliver DMCA notices to users. But only if they can identify the user - so if you're the only person using a VPN server, makes life easy. Ditto if you use port-forwarding and such since while you're connected, that port is yours and can be accounted for.

The "no logging" part of any VPN means that the moment you disconnect, all trace of your activities as well as the fact you even logged in, are gone. But while you are connected, a temporary "log entry" is created for book-keeping and system upkeep purposes, and those "logs" can be subpoenaed. So cycling often (once a day or so) makes it harder to track you.

Re:To be fair, the Feds seemed to be pretty thorou

[RubberDogBone]

The FBI and other police are all well aware of course that serious bombers with actual plans and devices almost never make THREATS.

No, they act. They attack. They detonate their device and then later take credit for it, if at all. They do not phone ahead.

People who phone ahead are making empty threats or they are late for work or out sick and want to be away from their job for the day without penalty. There is a LOT of "hey I don't want to have THAT meeting with my boss today so I'll just phone in a bomb threat and then I won't have to deal with the boss!" bullshit.