Do VPNs actually hide your location from the website you're making a connection with?

I’m gonna sound so stupid here, but my understanding of VPNs (let’s say NordVPN) is that you make a request to, say, Reddit, and Nord encrypts your data locally and then sends it to one of its many hosts, decrypts the data, and then forwards that request to Reddit. So once the data has left your machine, any stops it makes along the way from your machine to the VPN can’t see what the data is. Not to mention that the end website sees Nord as the requester, not you. Thus hiding the origin.

However, my boyfriend is a network engineer, and he said that the packets of data themselves will contain information like your IP address, and the destination site can easily still see who you are if they want to take the time to do this.

If that’s the case, then why are sites like Nord even popular? It would seem to defeat the whole purpose if our info is baked directly into the packets.

When you are using a VPN service, it will masquerade your real IP address by replacing the source IP part of the packets with its own. That is also called source NAT (network address translation).

However, there are ways for the site to detect whether it's plausible that the VPN exit node, which sits in, say, the USA, actually has the client behind it at the same location, or if the client is elsewhere, let's say in Europe.

Through HTTP headers and JavaScript, cookies can be set, so if you use the same browser without clearing cookies in between, you might give out your old identity to the visited site.

Another method is to locate the local time of the browser, as in which time zone it uses.

Yet another is to profile your browser and combine a large set of metrics to find out if it's plausible that you are the client that previously visited the same site. Like a combination of available fonts, screen resolution, operating system, browser version, etc.

Or by just measuring how long certain requests take. Let's say the VPN exit node in the USA sits close to the visited web server (10 ms or so), but when the web server sends a script to the web browser it takes more than 300 ms for it to reply; then it's safe to say that the client isn't located where the VPN exit node is located.

Other than that, the IP addresses used by the VPN exit node can be registered to, let's say, NordVPN, so by a whois or reverse DNS lookup one can find out that the visit comes from a VPN customer, and therefore it is likely that the true client is located elsewhere.

On top of this, you also have DNS cache leaks, especially if you use the same computer without the VPN service every now and then.
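
The consistency checks listed in the answer above, as an added example that is not part of the original thread: a server-side function comparing the latency to the source IP with the latency to the browser, the IP's time zone with the browser's, and a returning cookie with the address it was first seen from. The `Session` fields, the `assess` name and the 100 ms threshold are assumptions, and all sample data is constructed.

```python
from dataclasses import dataclass
from statistics import median
from typing import Optional

@dataclass
class Session:
    """What a web server can observe about one visit (sample values are constructed)."""
    src_ip: str                  # source IP after the VPN's source NAT
    tcp_rtt_ms: list             # round trips to src_ip at the transport layer
    app_rtt_ms: list             # round trips to a script running in the browser
    ip_utc_offset_min: int       # UTC offset suggested by geolocating src_ip
    browser_utc_offset_min: int  # UTC offset reported by the browser
    cookie_id: Optional[str] = None

def assess(s, known_cookies, rtt_gap_ms=100):
    """Return the signals suggesting the client is not where src_ip is.

    rtt_gap_ms is an assumed threshold, not a value from the thread.
    """
    findings = []
    # The exit node answers quickly, but the browser behind it answers slowly.
    if median(s.app_rtt_ms) - median(s.tcp_rtt_ms) > rtt_gap_ms:
        findings.append("rtt_gap")
    # Browser clock disagrees with the time zone of the IP's location.
    if s.ip_utc_offset_min != s.browser_utc_offset_min:
        findings.append("timezone_mismatch")
    # A cookie set on an earlier visit comes back from a different address.
    previous_ip = known_cookies.get(s.cookie_id)
    if previous_ip is not None and previous_ip != s.src_ip:
        findings.append("cookie_seen_from_other_ip")
    return findings

# Constructed data: documentation-range IPs, timings taken from the thread's example.
KNOWN_COOKIES = {"c-1234": "203.0.113.7"}   # cookie -> IP of the earlier visit
VPN_SESSION = Session("198.51.100.20", [10, 11, 9], [310, 305, 320],
                      ip_utc_offset_min=-300, browser_utc_offset_min=60,
                      cookie_id="c-1234")
DIRECT_SESSION = Session("198.51.100.77", [12, 10, 11], [14, 13, 15],
                         ip_utc_offset_min=-300, browser_utc_offset_min=-300)

if __name__ == "__main__":
    for name, s in (("vpn", VPN_SESSION), ("direct", DIRECT_SESSION)):
        print(name, assess(s, KNOWN_COOKIES))
```

Each signal on its own is weak (time zones differ within one country, and mobile links add latency), which is why the function reports them separately instead of giving a single verdict.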

I’m also a netsec engineer. Your boyfriend is wrong.

Some info on digital fingerprinting, and you can test this as well on this site:

Top notch information right here…

Great response. My only addition would be that if you really want to stay completely private, it’s pretty difficult to do as soon as you are logging into services. If you are logged into your Google account on Chrome and surfing the web, it’s pretty easy for services to identify you despite the VPN. There are use cases for VPNs, but the privacy gains are not as simple as they are advertised.

Tails box on an empty laptop, connecting via Internet Café. Using Tor and maybe even a VPN, paid with crypto. Not perfect for illegal stuff but enough so that a normal site won’t track you ever. They are concentrated on mass data, not on catching every individual.