The Illusive Nature of Web Security: Bitcoin, Surveillance, and Cybercrime

“Security doesn’t rob ambition; the illusion of security robs ambition.” – Jay Samit


1.) Introduction
2.) VPN (Virtual Private Network)
3.) Interlude: How Do VPNs Log Data?
4.) Smarter Cybercriminals and Better VPNs
5.) Layers, Tools, and Increasing Anonymity
6.) What Prevails in The End?
7.) Credits

1.) Introduction

The most significant vulnerability in web security is thinking that you’re not vulnerable, that you’re 100% secure.

2.) VPN (Virtual Private Network)

One can activate a VPN to access blocked sites and hide one’s internet activity from the ISP (ZAIN, STC, Verizon, etc.).

The ISP can see that the user is connected to a VPN, but it cannot see what he is browsing.

But if the user commits a cybercrime that is severe enough, national security can subpoena the VPN for its logs. By severe crime, I don’t mean pirating movies or fraudulent credit card transactions that are not over $1k.

There are some severe cybercrimes out there.

3.) Interlude: How Do VPNs Log Data?

There are two types of logs that VPNs usually keep:

  • Connection logs.
  • Usage logs.

Connection logs contain:

The IP address of the user’s device, the IP address of the VPN server they were connected to, the times when they connected to and disconnected from the VPN service, and the amount of data they used while connected.

Usage logs contain:

Which websites they visited, what files they downloaded, and what software they used.

National security can use the criminal’s real IP address to obtain their actual location.

Usually, the data that is obtained in the previous steps is sufficient to catch the criminal.

The type of adversary who uses a free VPN that logs data has, more likely than not, made multiple other mistakes.

Bizarrely enough, he thought that he was entirely ‘safe’ while he was committing the crime.

4.) Smarter Cybercriminals and Better VPNs

Next comes someone who is slightly more cautious:

His thought process is, “If I use a VPN that doesn’t log my data, then I can do whatever I want, and no one can catch me. I am entirely ‘safe.’”

Let’s see how that would work out in the real world.

There are commercial VPN services out there that don’t log their users’ data, such as NordVPN and ExpressVPN, to name a few.

So the malicious user connects to the VPN and starts performing his malicious acts or cybercrimes. If they are severe enough, then he can also get caught.

When he connects to a website, the browser sends a lot of data to the host/website, such as:

  • System information
  • Screen information
  • Plugins information
  • The user agent (browser)
  • And much more

Here’s a screenshot from

When this data is analyzed correctly, device type, screen information, keyboard language, and other data could be derived, and that would eventually lead to unraveling his identity.

Bizarrely enough, he thought that he was entirely ‘safe’ while he was committing the crime.
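
As an added example (not part of the original post), the JavaScript below shows why the browser data listed above survives a change of IP address: the same attributes produce the same fingerprint whether the visit arrives directly or through a VPN exit. The visit records, the documentation-range IP addresses and the function names are constructed for illustration, and FNV-1a stands in for whatever hash a real site would use.

```javascript
// Added example. Constructed sample data; attribute names mirror real browser APIs.
// In a browser, pass { navigator, screen,
//   timezone: Intl.DateTimeFormat().resolvedOptions().timeZone }.
function collectAttributes(env) {
  const nav = env.navigator, scr = env.screen;
  return {
    userAgent: nav.userAgent,
    language: nav.language,
    platform: nav.platform,
    plugins: Array.from(nav.plugins, p => p.name).sort().join(","),
    screen: `${scr.width}x${scr.height}x${scr.colorDepth}`,
    timezone: env.timezone,
  };
}

// FNV-1a (32-bit) over a canonical, key-sorted string. Chosen for brevity (assumption).
function fingerprint(attrs) {
  const canonical = Object.keys(attrs).sort()
    .map(k => `${k}=${attrs[k]}`).join("|");
  let h = 0x811c9dc5;
  for (let i = 0; i < canonical.length; i++) {
    h ^= canonical.charCodeAt(i);
    h = Math.imul(h, 0x01000193) >>> 0;
  }
  return h.toString(16).padStart(8, "0");
}

// Group visits by fingerprint: the source IP plays no part in the key.
function linkVisits(visits) {
  const byPrint = {};
  for (const v of visits) {
    const fp = fingerprint(collectAttributes(v.env));
    (byPrint[fp] = byPrint[fp] || []).push(v.ip);
  }
  return byPrint;
}

// Constructed browsers: A is one device seen twice, B is a different device.
const browserA = {
  navigator: { userAgent: "Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0",
    language: "ar-SA", platform: "Linux x86_64",
    plugins: [{ name: "PDF Viewer" }, { name: "Example Plugin" }] },
  screen: { width: 1366, height: 768, colorDepth: 24 }, timezone: "Asia/Riyadh" };
const browserB = {
  navigator: { userAgent: "Mozilla/5.0 (Windows NT 10.0) ExampleBrowser/1.0",
    language: "en-US", platform: "Win32", plugins: [{ name: "PDF Viewer" }] },
  screen: { width: 1920, height: 1080, colorDepth: 24 }, timezone: "America/New_York" };
const SAMPLE_VISITS = [
  { ip: "198.51.100.7", env: browserA },  // direct connection
  { ip: "203.0.113.45", env: browserA },  // same browser behind a VPN exit
  { ip: "203.0.113.45", env: browserB },  // another user on the same VPN exit
];
```

Calling `linkVisits(SAMPLE_VISITS)` files both of browser A's visits under one key even though their IP addresses differ, while browser B, sharing the VPN exit address, lands under a separate key.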

5.) Layers, Tools, and Increasing Anonymity

We could go deeper and deeper into this, and there are levels to one’s anonymity on the internet.

I mean, at some point, we used to believe that Bitcoin is truly anonymous, but now with the advent of blockchain analysis (e.g., Chainalysis), we realize how wrong we were. Monero is the leading cryptocurrency in terms of privacy, but maybe in a decade or two, that would change.

If you objectively observe the history of the darknet, you will find that EVERYTHING is vulnerable.

At one point, we used to believe that Liberty Reserve is 100% secure. It turns out it isn’t.

Then Bitcoin. It turns out it isn’t 100% secure.
And now Monero. Is it 100% secure? Time will tell.

My point is to never rely on one technology 100% for anonymity and take every measure of safety like:

  • Qubes OS
  • Tails OS (Edward Snowden’s Favorite)
  • dban (Darik’s Boot and Nuke – cleanse hard drive)
  • Disposal of the device (I’m looking at you, Hillary Clinton – Source: CNN)
  • Using public Wi-Fi
  • Residential VPS
  • Virtual Machines
  • Blocking WebRTC
  • Blocking Canvas Fingerprinting
  • Tor Browser
  • Privacy Coins

Even after this preparation, there is a probability of de-anonymization. These are simply tools.

The best way to never get caught is to never engage in malicious activities in the first place.

6.) What Prevails in The End?

Do you know what prevails in the end, my friend?
These are all tools that reduce the probability of de-anonymization and the number of people that can unravel one’s true identity. The best course of action for cybercriminals is not to engage in malicious activities in the first place.

In the end, my friend, what prevails is that no amount of anonymity measures will help these fraudsters. The good guys always win.

7.) Credits

  • Main photo from by @david_werbrouck
  • The photo that shows browser and OS data are from
  • Psychology Today Article: Security is an illusion (