Could the hosting service be logging anyway?

[Carphedon]

I somewhere came across this statement and was wondering if this is correct or not:

"It is, in fact, irrelevant whether or not we chose to log IPs. Our hosting service may anyway be logging our traffic, and their logging policy is not in our control. (This is where all the "anonymous" VPN providers lie to you…)"

If I rent a dedicated server instead of a shared service this server is directly connected to the rest of the internet with a dedicated line right? Or is there a server between the rented server and the internet that could log anyway?

 

[PP Lars]

Hi,
The statement is partially correct. The hoster where you rent a server controls the line and could log all incoming and outgoing traffic. There is no "direct connection to the internet". In the end, you always buy an internet connection from a company, in one way or another, and if that company decides to log without telling you there is no way to prevent this. However, its not as bad as it sounds, because incoming and outgoing traffic are not easy to correlate so the hoster does not know which incoming connection belongs to which outgoing connection.
So for our servers a hoster could for example tell that there are 100 active Openvpn connection on the incoming side, but not whats inside these connections because they are encrypted. And for the outgoing connections it could see that there are for example 20 connections to torrent ports, and 10 to IP that belong to Facebook. However the hoster can not easily see which outgoing connections belong to which incoming connections. But that correlation is not impossible, statistical analysis of the traffic patterns may be able to assign at least some of the connections. To make this harder to impossible you can use features like Cascading or NeuroRouting, they are especially designed to counter the "Bad Hoster" or "State sponsored large scale monitoring " scenarios.

Regards
Lars Mueller - Perfect Privacy

 

[Carphedon]

Thank you for your honest reply. I understand that cascading makes this harder. I have a question about NeuroRouting. If for example a person lives in germany and sets up a vpn connection to amsterdam. He then visits a website hosted in amsterdam, will the connection then still pass at least one hop like rotterdam first or will it leave the encrypted route directly?

 

[PP Lars]

No it won't. So if you connect to amsterdam and the website is also hosted in amsterdam the traffic directly exists in amsterdam.
The idea behind this is to reduce the lets say "flight time" in the normal internet. Best case for NeuroRouting would be that you exit in the same Datacenter where the website is hosted, and your data does not even touch the normal internet unencrypted. So for best protection against both the "Bad Hoster" and the "State sponsored large scale monitoring" scenarios combine cascading + NeuroRouting.