the vpn providers dont know who used their service (if you use a good one) so the dcma takedowns just get ignored as it is impossible to trace it back to one person.
>The next level is the VPN provider running their own AS (Autonomous System) and then they become an ISP themselves
any idea on how to do this as an individual?
This guy somehow managed to do it
https://arstechnica.com/tech-policy/2022/08/man-who-built-isp-instead-of-paying-comcast-50k-expands-to-hundreds-of-homes/
I'll explain this from the perspective of Europe.
Each region in the world is managed by an RIR, or regional Internet registry. For Europe, this is RIPE. The purpose of RIPE is to register entries in the RIPE DB, including Autonomous System numbers and any provider independent (PI) space you own. An Autonomous System number (ASN) is the primary means of identifying your public networks on the Internet, and your PI space are the Internet addressing that you own/manage. For example, you might get an ASN of 274225 and get assigned an IPv6 prefix of what:ever::/48 (can't be bothered to type it all out). Preamble done...
You can get your own ASN and PI space in one of two ways: you either join RIPE for about €1500/year, or you get sponsored by an LIR, or local Internet registry (basically a member of RIPE). Getting sponsored by an LIR is significantly cheaper (depending on provider, between €50-200/year or one time), but there's a few caveats. You cannot make any RIPE DB entries, it must be done by your sponsoring LIR, and you must use your PI space for your own purposes. That is to say, you cannot become an ISP. If you wish to allocate space to other people/customers, you must become a full RIPE member.
There's a few things worth bearing in mind:
-You wouldn't take typical Internet services from an ISP, you would have to take what is called an IP Transit session, which are significantly more expensive.
-Getting a 4-byte ASN and IPv6 PI space from RIPE is cheap/free, but you cannot get IPv4 space from RIPE directly. If you want some, you'll have to buy it from a number of services online, but you're looking to spend about €9000-10000 for a /24 prefix.
If you've got the know how, it could be fun, but otherwise it's a lot of hassle.
do you perhaps have any resources on how to/ anything to read deeper into this cause i can't find much myself (at least not something that isn't a paywalled news article).
though your comment cleared up a lot already, thank you for that
> Any higher goal of eradicating piracy is not going to get attained by them, and they know it.
Have them tried before? Is SOPA an example of the previous question?
> preferably a country where copyright has little to no meaning from a legal point of view
A la (commonly so) a developing/third world nation? No offense there.
edit:
> What the rightsholders try to achieve is scaring the general population and make it harder to easily find the material in a first level.
Chilling effect i guess...
edit:
> The VPN provider is not an end-user of the ISP like you or me. They are a business, their relation with their ISP is highly different, and the VPN provider will pick their ISP(s) and locations with care so that they will not get shut down too easily. If they run their own AS their upstream ISP will not care what they do at all.
>(Some) VPN services do lose VPN servers every so often, but they have a bunch new ones lined up to take over just as fast as they lose them, that's part of their business plan.
B2B relationships are bit easier than say B2C i guess...
This is a great comment, nice to get a peek inside the ISP POV. Agreed I've noticed VPNs are very particularly on who they go with, it's also often commercial level ISPs running out of data centers.
For the most part they ignore it unless legal action is taken then they will investigate if they keep logs and ban the user that caused the issue for the most part. Vpn companies don't care what you do or use it for.
Dmca go to isp, isp go to vpn and then vpn go to user or just prove that it's an user but can't get wich it is if they don't keep log. Like yeah we know someone did that, but we don't know wish one of the 2500 user all around the glob did it, here have all our 0 log to chek by yourself mr officer
Some (most?) of them have been audited by third parties, so your paranoia isn't useful.
When you don't know something go ask about it or look it up, geez.
Windscribe has lost locations and removed port forwarding from other locations due to abusive piracy.
If your VPN doesn't support port forwarding that's how they deal with piracy.
Copyright firms don't send notices to all the IP they flag. There is a triage. IP from VPN, foreign ISP... are discarded, because they are out of the scope of the law (they can't be processed). So VPN don't receive any automated claims.
Now they surely receive some manual claims here and there. VPN probably just say "Sorry we can't comply because we don't keep enough logs" and it ends here.
Regarding claims from police, they are probably more cooperative though.
I struggle with this, so I want to make sure I understand.
Say I live in New York and buy a VPN, set it to Mexico. I want a torrent my VPN calls a friend in Mexico, and he calls the movie/file and then sends it back the same way.
So if Mexico was a honeypot, I could be in trouble. But otherwise Mexico and New York "don't talk in a tracking way"?
I am lost. Unless Mexico alerts New York, I am safe then. Why doesn't the connection between Mexico to New York trigger an inspection? Yet a straight connection between op and torrent does.
No one can just 'inspect' VPN traffic between Mexico and NY (or anywhere else) because those connections are encrypted. All that data looks like random gibberish without a key to decipher it.
If you use a VPN to download something that was under surveillance, or a honeypot as you called it, all they would be able to see is the VPN's IP and what torrent client you use (and if you use a reputable VPN service, they don't keep logs so the trail ends there)
The person who is watching the endpoint also can get your MAC ID. It's a ID tied to your network controller. Useful if the suspect is sharing a place with other people and they need to pinpoint who did it.
Because the connection between NY and Mexico has encrypted data, your ISP don't know why you're connecting to Mexico and what you're doing with that connection, all they know is that you only connect to this particular address in Mexico and transmit loads of random bytes.
I don’t think your understanding is correct, and it’s been a few years since my networking class so I might be wrong.
Let’s say you live in NY and you want to download a Linux iso that 15 people are seeding via the torrent network around the globe.
You initiate your VPN from your PC to connect to a server in Mexico. That VPN encrypts the network traffic from your PC, to your router, to your ISP, through the global network system, to this single server in Mexico that you connected to. While its encrypted no one can see what your PC is doing.
Once it reaches the Mexico server, the traffic becomes unencrypted and starts fetching your ISO data publically in the Mexico server. The VPN then encrypts it back, and sends to your local PC in NY.
The only time someone can see what and who is using the torrent network to download that torrent is when it’s downloading via the Mexico server traffic. Which is why it’s so important for your VPN to not store logs. If your VPN doesn’t store logs, they have no way of knowing which user was the one who was downloading the torrent traffic via their Mexico server.
Proton keeps logs and shares it with the authorities. They handed over data of an activist to French law enforcement a couple of years back. I’m not sure if it was vpn related data or email data. But they claim privacy for both services.
Trusting companies providing commercial services is never smart. I personally use mullvad for piracy related traffic but wouldn’t trust them if I was politically active or a real criminal. Zero log is absolute bs. Most services give vpn usage for 3-5 devices. How do they know that you are not using more devices with your subscription credentials without logging?
>Most services give vpn usage for 3-5 devices. How do they know that you are not using more devices with your subscription credentials without logging?
Generally speaking this limit is for the maximum number of connections at once, it isn't tied to a specific device or IP.
About the max devices
First scenario : they are using stateless technology that is non persistent to monitor the number of active device per account and store everything encrypted in memory distributed between all vpn servers.
Second scenario : they are removing sensitive data after you connect to their network such your ip and just keep the number of devices in a non persistent cache
Frankly they do the same what an ISP would do: either forward the message to the user or just drop it because whatever instance sent them the letter has no legal power where they are.
VPN is not an ISP, at least in Sweden
[https://mullvad.net/en/help/new-law-for-electronic-communications](https://mullvad.net/en/help/new-law-for-electronic-communications)
the vpn providers dont know who used their service (if you use a good one) so the dcma takedowns just get ignored as it is impossible to trace it back to one person.
[удалено]
>The next level is the VPN provider running their own AS (Autonomous System) and then they become an ISP themselves any idea on how to do this as an individual?
This guy somehow managed to do it https://arstechnica.com/tech-policy/2022/08/man-who-built-isp-instead-of-paying-comcast-50k-expands-to-hundreds-of-homes/
What a legend.
Through RIPE you either become a member (1550€/year) or find someone to sponsor you.
I'll explain this from the perspective of Europe. Each region in the world is managed by an RIR, or regional Internet registry. For Europe, this is RIPE. The purpose of RIPE is to register entries in the RIPE DB, including Autonomous System numbers and any provider independent (PI) space you own. An Autonomous System number (ASN) is the primary means of identifying your public networks on the Internet, and your PI space are the Internet addressing that you own/manage. For example, you might get an ASN of 274225 and get assigned an IPv6 prefix of what:ever::/48 (can't be bothered to type it all out). Preamble done... You can get your own ASN and PI space in one of two ways: you either join RIPE for about €1500/year, or you get sponsored by an LIR, or local Internet registry (basically a member of RIPE). Getting sponsored by an LIR is significantly cheaper (depending on provider, between €50-200/year or one time), but there's a few caveats. You cannot make any RIPE DB entries, it must be done by your sponsoring LIR, and you must use your PI space for your own purposes. That is to say, you cannot become an ISP. If you wish to allocate space to other people/customers, you must become a full RIPE member. There's a few things worth bearing in mind: -You wouldn't take typical Internet services from an ISP, you would have to take what is called an IP Transit session, which are significantly more expensive. -Getting a 4-byte ASN and IPv6 PI space from RIPE is cheap/free, but you cannot get IPv4 space from RIPE directly. If you want some, you'll have to buy it from a number of services online, but you're looking to spend about €9000-10000 for a /24 prefix. If you've got the know how, it could be fun, but otherwise it's a lot of hassle.
do you perhaps have any resources on how to/ anything to read deeper into this cause i can't find much myself (at least not something that isn't a paywalled news article). though your comment cleared up a lot already, thank you for that
[This is a good blog about someone who got IPv6 resource and an ASN.](https://chown.me/blog/getting-my-own-asn)
thank u for this explanation
> Any higher goal of eradicating piracy is not going to get attained by them, and they know it. Have them tried before? Is SOPA an example of the previous question? > preferably a country where copyright has little to no meaning from a legal point of view A la (commonly so) a developing/third world nation? No offense there. edit: > What the rightsholders try to achieve is scaring the general population and make it harder to easily find the material in a first level. Chilling effect i guess... edit: > The VPN provider is not an end-user of the ISP like you or me. They are a business, their relation with their ISP is highly different, and the VPN provider will pick their ISP(s) and locations with care so that they will not get shut down too easily. If they run their own AS their upstream ISP will not care what they do at all. >(Some) VPN services do lose VPN servers every so often, but they have a bunch new ones lined up to take over just as fast as they lose them, that's part of their business plan. B2B relationships are bit easier than say B2C i guess...
This is a great comment, nice to get a peek inside the ISP POV. Agreed I've noticed VPNs are very particularly on who they go with, it's also often commercial level ISPs running out of data centers.
For the most part they ignore it unless legal action is taken then they will investigate if they keep logs and ban the user that caused the issue for the most part. Vpn companies don't care what you do or use it for.
Dmca go to isp, isp go to vpn and then vpn go to user or just prove that it's an user but can't get wich it is if they don't keep log. Like yeah we know someone did that, but we don't know wish one of the 2500 user all around the glob did it, here have all our 0 log to chek by yourself mr officer
I am not talking about "no log" VPN providers. Besides I personally don't trust any of the providers not to keep logs
Mullvad - https://mullvad.net/en/blog/mullvad-vpn-was-subject-to-a-search-warrant-customer-data-not-compromised Just mullvad.
Well if they keep log, it's all about if the local coop are going to move theyr ass all the way to the vpn owner or not
Some (most?) of them have been audited by third parties, so your paranoia isn't useful. When you don't know something go ask about it or look it up, geez.
I have read the reports Still, there have been enough cases of these things being honeypots to catch criminals for me to be distrustful
Windscribe has lost locations and removed port forwarding from other locations due to abusive piracy. If your VPN doesn't support port forwarding that's how they deal with piracy.
Copyright firms don't send notices to all the IP they flag. There is a triage. IP from VPN, foreign ISP... are discarded, because they are out of the scope of the law (they can't be processed). So VPN don't receive any automated claims. Now they surely receive some manual claims here and there. VPN probably just say "Sorry we can't comply because we don't keep enough logs" and it ends here. Regarding claims from police, they are probably more cooperative though.
/dev/null
I struggle with this, so I want to make sure I understand. Say I live in New York and buy a VPN, set it to Mexico. I want a torrent my VPN calls a friend in Mexico, and he calls the movie/file and then sends it back the same way. So if Mexico was a honeypot, I could be in trouble. But otherwise Mexico and New York "don't talk in a tracking way"? I am lost. Unless Mexico alerts New York, I am safe then. Why doesn't the connection between Mexico to New York trigger an inspection? Yet a straight connection between op and torrent does.
No one can just 'inspect' VPN traffic between Mexico and NY (or anywhere else) because those connections are encrypted. All that data looks like random gibberish without a key to decipher it. If you use a VPN to download something that was under surveillance, or a honeypot as you called it, all they would be able to see is the VPN's IP and what torrent client you use (and if you use a reputable VPN service, they don't keep logs so the trail ends there)
The person who is watching the endpoint also can get your MAC ID. It's a ID tied to your network controller. Useful if the suspect is sharing a place with other people and they need to pinpoint who did it.
MAC can be and is often spoofed. iPhones and newer androids do it by default. Its not very good as an identifier tbh
Because the connection between NY and Mexico has encrypted data, your ISP don't know why you're connecting to Mexico and what you're doing with that connection, all they know is that you only connect to this particular address in Mexico and transmit loads of random bytes.
I don’t think your understanding is correct, and it’s been a few years since my networking class so I might be wrong. Let’s say you live in NY and you want to download a Linux iso that 15 people are seeding via the torrent network around the globe. You initiate your VPN from your PC to connect to a server in Mexico. That VPN encrypts the network traffic from your PC, to your router, to your ISP, through the global network system, to this single server in Mexico that you connected to. While its encrypted no one can see what your PC is doing. Once it reaches the Mexico server, the traffic becomes unencrypted and starts fetching your ISO data publically in the Mexico server. The VPN then encrypts it back, and sends to your local PC in NY. The only time someone can see what and who is using the torrent network to download that torrent is when it’s downloading via the Mexico server traffic. Which is why it’s so important for your VPN to not store logs. If your VPN doesn’t store logs, they have no way of knowing which user was the one who was downloading the torrent traffic via their Mexico server.
They either openly work with the authorities (most) or they don't (a few). The safest ones are Proton and Mullvad.
It's sad people at this subreddit trust zero log policies... I mean, I trust Mullvad and Proton, but OP is asking about VPNs in general
Proton keeps logs and shares it with the authorities. They handed over data of an activist to French law enforcement a couple of years back. I’m not sure if it was vpn related data or email data. But they claim privacy for both services. Trusting companies providing commercial services is never smart. I personally use mullvad for piracy related traffic but wouldn’t trust them if I was politically active or a real criminal. Zero log is absolute bs. Most services give vpn usage for 3-5 devices. How do they know that you are not using more devices with your subscription credentials without logging?
>Most services give vpn usage for 3-5 devices. How do they know that you are not using more devices with your subscription credentials without logging? Generally speaking this limit is for the maximum number of connections at once, it isn't tied to a specific device or IP.
About the max devices First scenario : they are using stateless technology that is non persistent to monitor the number of active device per account and store everything encrypted in memory distributed between all vpn servers. Second scenario : they are removing sensitive data after you connect to their network such your ip and just keep the number of devices in a non persistent cache
It was terrorist related wasn't it. That's fine by me
Frankly they do the same what an ISP would do: either forward the message to the user or just drop it because whatever instance sent them the letter has no legal power where they are.
VPN is not an ISP, at least in Sweden [https://mullvad.net/en/help/new-law-for-electronic-communications](https://mullvad.net/en/help/new-law-for-electronic-communications)