Is it possible for my IP address to be used by other parties when I use a VPN? My friend says that someone who is computer smart can use it for illegal activities, so it´s traced back to me.
-
Please specify whether you're talking about VPN *services*, offered for free or for charge by various organizations, or VPN *tunnels*, which are the underlying mechanism by which they work and may be public, leased, or private. – iAdjunct Sep 25 '16 at 23:31
2 Answers
Even when you use a "VPN done right" which makes all activity originate from the external IP of the VPN provider, you might still trigger a false positive and get wrongly accused for what another VPN user did.
- VPN User A has an account on example.com. A is a perfect model citizen of the example.com community.
- Then VPN User B also creates an account on example.com, and proceeds to break every written and unwritten rule of the website.
- The admin of example.com intervenes. They check the IP of User B and see that A and B both have the same IP address. They therefor believe that A and B are the same person and both accounts get banned.
When the admin of the website notices that the IP is a VPN exit point and they are reasonable, they might revoke the ban for A. But they might not notice that unless contacted. That appeal process will still be inconvenient for A.
I've also seen websites which experienced increased abuse over VPNs and overreacted by assuming that nobody would use a VPN unless they have nefarious intentions (after all, if you have nothing to hide...) and decided to proactively ban all users who use VPNs.
-
Great answer! One question comes to mind though: how can you tell whether or not a person is connected through a VPN? Do websites maintain a list of known IP addresses for VPN providers? How would they keep that list updated? – Vinayak Sep 30 '16 at 11:05
-
@Vinayak not only are such lists maintained by various groups (most charge for an aggregation like service), it's not overly difficult for some site admins to _home brew_ their own via [`dig`](https://www.cyberciti.biz/faq/linux-unix-dig-command-examples-usage-syntax/) and [`whois`/`host`](https://www.cyberciti.biz/faq/linux-unix-command-to-find-who-owns-domainname/) command line tools. Though _difficulty_ being somewhat relative, and specific tools may vary; _`dig`-n-such_ just being some that are easily installed, and only part of a larger intrusion monitoring/prevention system. – S0AndS0 Apr 23 '19 at 19:26
If the whole VPN thing is done right, then there is no such risk for you.
However, there are "community powered" VPN providers that route other peoples traffic through your system, and one example is Hola:
Hola built a peer-to-peer overlay network for HTTP, which securely routes the sites you choose through other Hola users' devices and not through expensive servers.
You don't want to use a service that uses your bandwidth and potentially gets you in trouble.
Bottomline: If you want a VPN, pay for it. There is no such thing as free bandwidth.
- 3,158
- 1
- 15
- 20
-
by definition of done right I assume you mean that you don't share the VPN with others? – TheHidden Sep 25 '16 at 22:45
-
@silverpenguin I would consider setting up your own VPN server "done right". – Jason Sep 26 '16 at 14:25
-
As described, Hola sounds a lot like [Tor](https://en.wikipedia.org/wiki/Tor_(anonymity_network)). – user Sep 27 '16 at 14:30