
> that's assuming that your ISP isn't doing some shady analytics

Can you elaborate on this? So ISPs often engage in tactics that thwart VPN usage? Which ISPs? What tactics?


It is my understanding that many ISPs and backbone providers sell or otherwise disclose full detailed packet metadata, including precision timestamps, and that there are companies that aggregate this data across the entire Internet.

At which point your VPN becomes just another hop in the trace.

VPNs, no matter how secure they themselves are, are effective for accessing lightly geo-locked content and defeating unsophisticated analytics and tracking. They are really not a serious privacy solution in any sense, unfortunately.


I don't understand this area well enough, I think. Doesn't a VPN encrypt the routing information that tells the packet where to ultimately end up? I.e. my ISP can see the traffic going to the VPN, but can't look inside it, and can't see where it goes from there?


Correct, but the destination ISP chain (and of course the destination service itself) can equally see the traffic coming from the VPN, and if you have packet metadata (precise timing and packet sizes) from two sources on either side of the VPN, it is trivial to correlate those two streams.
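Added example (not part of any comment in this thread): a minimal model of the correlation described above, using only packet times and sizes on each side of the VPN. All traffic is constructed, and the function names, the 60-byte tunnel overhead, the delay values and the constant-rate padding case are assumptions chosen for illustration.

```python
import random

DURATION, WIDTH = 60.0, 1.0  # seconds observed, bin width (assumed values)

def bin_bytes(packets):
    """Sum packet sizes into fixed-width time bins (metadata only, no payload)."""
    bins = [0.0] * int(DURATION / WIDTH)
    for ts, size in packets:
        i = int(ts / WIDTH)
        if 0 <= i < len(bins):
            bins[i] += size
    return bins

def pearson(a, b):
    """Pearson correlation; 0.0 when either series is flat."""
    ma, mb = sum(a) / len(a), sum(b) / len(b)
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    if va == 0 or vb == 0:
        return 0.0
    return sum((x - ma) * (y - mb) for x, y in zip(a, b)) / (va * vb) ** 0.5

def bursty_flow(rng):
    """Constructed sample traffic: bursts of packets separated by idle gaps."""
    t, pkts = 0.0, []
    while t < DURATION:
        for _ in range(rng.randint(5, 40)):
            pkts.append((t, rng.randint(200, 1400)))
            t += rng.uniform(0.001, 0.01)
        t += rng.uniform(0.5, 3.0)
    return pkts

def isp_view(pkts, overhead=60):
    """Client side of the VPN: same timing, sizes grown by tunnel overhead."""
    return [(t, s + overhead) for t, s in pkts]

def exit_view(rng, pkts, delay=0.02):
    """Far side of the VPN: original sizes, slightly delayed with jitter."""
    return [(t + delay + rng.uniform(0, 0.005), s) for t, s in pkts]

def padded_view(rate=100, size=1400):
    """Assumed mitigation: tunnel sends fixed-size packets at a fixed rate."""
    return [(i / rate, size) for i in range(int(DURATION * rate))]

def score_candidates(seed=1, padded=False):
    """Correlate the client-side view of flows[0] against five exit-side flows."""
    rng = random.Random(seed)
    flows = [bursty_flow(rng) for _ in range(5)]  # flows[0] is the watched user
    entry = bin_bytes(padded_view() if padded else isp_view(flows[0]))
    return [round(pearson(entry, bin_bytes(exit_view(rng, f))), 3) for f in flows]
```

With the unpadded tunnel the first score stands well clear of the others even though the observer never sees a destination address; with constant-rate padding the client-side series is flat and every candidate scores 0.0.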


Note that Mullvad's WireGuard settings offer a "multihop" feature, meaning the VPN destination your ISP sees and the VPN endpoint the end service sees differ.


I'm not sure how that protects you though. ISP sees your traffic going into WG1. They know all of Mullvad's IPs, so isn't it just as easy to correlate that traffic when you exit through WG2?

/question from ignorance


Assuming the ISP monitors the entire network graph (your computer, the VPN server's activity, and the end service's server), you wouldn't. At that point, it's game over unless you're using mixnets or something.

If they merely monitor your computer and the end service, the correlation weakens a little with plausible deniability.

The real win is when the ISP adversary is monitoring your computer and the WG servers and NOT the end service. In that case, say they see you go to WG1, and then they see WG1 going to an end service. This is also correlation, and pretty undeniable. But say they see you go to WG1, then they see WG1 go to WG2, and they have no visibility of WG2's traffic. Then the tracking's broken; the footprints run off into the surf.

So multiple hops buy you defense in depth assuming it eventually gets you outside your adversary's monitoring range.


Equally ignorant response here :) How would they see that traffic? Why would the ISP be the same?


> VPNs, no matter how secure they themselves are, are effective for accessing lightly geo-locked content and defeating unsophisticated analytics and tracking

Circling back to this statement: aren't they also useful on public Wifi?


the reason the uk wants an encryption backdoor is because it's expensive to do statistical analysis of encrypted traffic. there's ways to make it more difficult, but if you own the certificate that a tls endpoint uses you can just open it and reencrypt it for the destination. this is called break and inspect. if a vpn uses different certificates and is built well, there would have to be a flaw (spyware, vulnerability, etc) on one of the endpoints for anyone other than you and the vpn to read the encrypted data.


Why would they even do so? Large ISPs are public, so this activity would appear as extra revenue (if they sell traffic data) in their financial reports and annual reports.

The most likely is that ISPs are just respecting the local laws, and doing the minimum retention as required by the law (because more data storage = more costs), and that their actual fear is that someone leaks this data and causes reputation damage, so they'd avoid storing anything if they can.


ISPs are also in the business of analytics [1, 2], and a significant percentage of customers hiding their traffic reduces the value of their analytic products.

1: https://www.bleepingcomputer.com/news/security/ftc-isps-coll...

2: https://surfshark.com/blog/isp-selling-data


This view is extremely western, not all ISPs are obligated to show "financial reports", and "shady analytics" does not imply a user's complete network traffic record into perpetuity. And even if your arguments were valid, this is not limited to the ISPs' financial gain, but surveillance which occurs in every country.


> Why would they even do so? Large ISPs are public

Ehh, not really. China Telecom for example is 70% owned by the State. You aren't going to be able to buy shares in Parsnet.


for security, all dangerous malware runs on encrypted traffic



Some possibilities:

(A) there is no singular market. Each city, job, bidding process, and work crew is subject to their own specific market forces and expecting all to behave in an idealized way is silly.

(B) Your assumptions about what happens in a healthy free market are incorrect.


You act as if this is a brave new experiment in deregulation but this is how it already is in many places. Dozens of workers have died from heat stroke in the past few years in Texas while working construction and many cities do not have water break rules (it's just those who chose to enact them that are having those laws overturned). It is widely believed that the actual amount of people who die is much higher but due to the insurance reasons you mention those deaths are often categorized as not being related to worker mistreatment. Worth pointing out the people running crews are pretty far removed from their company’s insurance policies so your idea that’s on their mind when deciding whether or not to enforce water breaks seems shaky to me.


Can I ask what legal jurisdiction you are referring to?


If you think having slurs filtered is “politically hostile” you and I have a different idea of what political discourse is.


Are you saying that when “laid off” began being used 30-40 years ago it implied you’d be rehired? Because that’s the claim being made above about the current meaning of the term.

Edit: Wikipedia agrees that this is a generational difference and the term laid off used to imply it was temporary. Today I learned…

https://en.m.wikipedia.org/wiki/Layoff


That is correct.

"Laid off" meant you could collect unemployment for a while, and might be called back when conditions changed.

Like how coal miners would be "laid off" when the price of coal went down, but be called back when the price went back up.


That is not what the terms mean. Firing implies let go for cause and laid off implies it wasn’t for cause. Being laid off doesn’t imply you could be rehired, perhaps you are thinking of the term “furloughed”.


> The controlled gender pay gap is $0.99 cents for every $1 men make

Your link argues women make 99% of what men make if you control for career choice, is that what you are intending to say?


Those punishments are for the poor.


>”failure to compile”

Presumably the balloon failed to compile because it was missing a driver.

