Ask HN: Could Brazil's Supreme Court IT team track VPN usage on X?
It's more of a technical question and maybe is a really noob one. Although the restriction on VPN apps in general was dropped, the fine for VPN usage on X is still up.
Many people point out that this type of tracking would only be possible if VPN companies handled logs to the Supreme Court, others say that patterns on the VPN connections could be detected and then the access to X be uncovered, at least partially (technically they only need to know you used X on a VPN, not what you saw on X or anything else). Others say that, besides logs, it is impossible to know if a citizen Y used X.
If you were, let's say, in the Supreme Court IT team and needed to detect who is using X through a VPN, how would you do it (besides asking the companies for the logs). > how would you do it Subpeona the ISP for a list of users that have consistently connected to a range of known VPN provider IP ranges. Then they can filter by other heuristics like amount of data transferred and histograms that show when/how they used it. Unless the VPN provider is implementing advanced antitracking techniques or multihop gateways, it should be pretty easy to get that info since most ISPs are very much at the beck and call of the government. I should've asked in the OP, but what about if some create an instance on e.g. AWS, GCP outside of Brazil and connect to it using a personal Wireguard/OpenVPN. Would it help? The restrictions apply to X, so you can use your vpn to anything else. I use it daily on my job (it’s being hard to resist the temptation of take a look on X). Also, I saw many people saying that a read only access is fine, but posting could be more problematic. The only reason posting there is problematic is it provides the judge with direct proof you disobeyed his order. DNS leakage and query logs I should've asked in the OP, but what about if some create an instance on e.g. AWS, GCP outside of Brazil and connect to it using a personal Wireguard/OpenVPN. Would it help? It would make it a bit harder to detect that you are using a VPN, but it shouldn't be hard for the ISP to detect that all your traffic is being sent encrypted to a particular IP address. They wouldn't be able to see you are using X in particular. There may be very specific timing patterns that the X app or the X web app use when fetching related images, new posts, etc, but this also depends on how you scroll the site, and this seems infeasible to prove beyond any reasonable doubt, and also that any ISP would have logs with that granularity. As the parent said, you should make sure no DNS queries go outside of the VPN, for example. Now, if you post to X, then it would be clear that you used it, which would be a problem according to the resolution, as long as you were in the country.