Oddbean new post about | logout
gunson | 10 months ago (raw) | root | parent | reply | flag +1 
 if you visit a web page and then turn off VPN and refresh these two pieces of info are trivially linked

you've revealed a lot of information that forms a fingerprint even without an IP address. Now the site provider can trivially link these two IP addresses.

what's more is that they're probably using a CDN like AWS CloudFront who also see this info and they've probably seen your browser fingerprint and VPN IP on other sites they host, so they know who you are as an entity and can just trace back your non-VPN IP address to your ISP that knows all your identity info.

best strategy here is to retry the site with another device, or wait a few days and try without VPN from the start
galegoo⚡ | 10 months ago (raw) | root | parent | reply | flag 
 fair points

wouldn't another solution be to use several VPN endpoints? you may have tainted one but not all

but yes, privacy in the internet these days is hard. we may have tainted somethings we take for hidden
gunson | 10 months ago (raw) | root | parent | reply | flag 
 maybe, although you might get blocked for using a VPN again! 😅