Fixxx
Moder
- Joined
- 20.08.24
- Messages
- 635
- Reaction score
- 2,127
- Points
- 93
When it comes to VPNs, the idea of setting up your own VPN on a rented server often comes to mind, supposedly securing yourself from the VPN service handing over logs and your data to third parties. After all, if it's your own VPN, how could they request your data? In reality, things are much more complicated, and they can indeed provide information about you. A request goes to the hosting provider where you rented the server, asking who was using a specific IP address at a certain time. Most hosting providers will hand you over (specifically, the data you provided when renting the server, the IP address and possibly even fingerprints of the device you used to connect to their servers). They might also disclose all your traffic, which most hosting providers log.
You might argue that you can rent a server from a provider that doesn’t disclose user data...
However, there’s a BIG BUT: I have yet to encounter any providers that have their own data center. Almost all such hosting providers rent large servers from some data center. So, while your data may not be disclosed to a third party, the inquiry can go directly to the data center. And in 99% of cases, the data center will provide it because these centers are heavily regulated by law and local authorities. Additionally, there’s a very interesting point: people from the data center or hosting provider can easily access your rented server and log all your actions on the server, or even send malicious code to your server that can manipulate your traffic by injecting viruses and sending you incorrect responses (for example, you click a button on a website, and instead of a response from the desired site, you receive malware).
They have complete control over the server you rented!
Moreover, without touching on data disclosure, consider this: when you access a website using your VPN, the site might decide to de-anonymize you. For instance, authorities might request from the Internet provider or a law enforcement agency who connected to the IP address of your VPN at a certain time. In the case of your own VPN, you will likely be the only one in the entire country. In the case of a commercial VPN, they will disclose all clients of that VPN who were using that IP address at that time, and the attacker will then have to figure out who specifically among them visited that site.
Conclusion
Having your own VPN often provides even less anonymity than a regular commercial VPN (not to mention those specifically aimed at privacy and anonymity). Therefore, having your own VPN is not necessarily better and certainly doesn't guarantee anonymity. In fact, it may even expand the circle of those who can de-anonymize you.