The general consensus that an Anonymous VPN connection makes your Bittorrent or web surfing habits “anonymous” has recently been debunked at the famous (or is that infamous?) Telecomix Cipher Conference.

Alas, the billion of Torrent users who chose to hide their identities through the use of Anonymous VPN services may not be as anonymous at all.

It’s estimated that more than 2+ billion Internet users have now decided to protect their privacy, by using so called ‘Anonymous VPN‘s to connect to torrent swarms.

Those who use IPv6 in combination with a PPTP-based VPN such as swissvpn, ipredator, witopia are broadcasting information linking to their real IP-address on BitTorrent.

This issue is caused by the combination of IPv6 and PPTP-based VPN services, which is obviously very common in almost all operating systems.

>> Windows, Linux, OSX, Unix, FreeBSD.

>> IPv6 is the Internet protocol that will succeed IPv4)

The protocol is enabled by Windows 7 and Apple OSX (be default) and most people most probably don’t even realise they’re using it.

The technical details of the vulnerability, explained in this talk (see below), reveal that the true IP-address of users using IPv6 can be easily traced. Even worse, Anti-piracy Bureaus may already be using this flaw to gather data on ‘anonymous’ users.

The vulnerability is not just limited to BitTorrent. It can expose people who believe that they are hiding their real IP-address through nearly every connection.

Solution:

From our understanding of the issue, turning IPv6 off should alleviate the threat and make users fully anonymous again.

… Good old IPv4 to the rescue!

Companies such as supervpn, Ipredator, witopia, swissvpn are apparently already aware of this issue and are working on a solution.

… It’s probably a good idea to remember that “If you’re on the internet, you’re never anonymous.”

Be safe kids!

And don’t forget your tin foil hats.

Cheers,
Alex.