IP detected using Tixati with VPN

I've been using PIA VPN for many years now, apart from a few times I've not used Peer to Peer software for years though (I think Napster was the last time I was a frequent user!) but I used Tixati the other day (used it a couple times, but rarely) and while someone on my connection may or may not have inadvertently seeded something, I got an email the next day from my ISP stating that Copyrighted material had been shared.

Of course I'd never intentionally use my connection for anything illegal, but I had my VPN so was very surprised to have received this email. Now, my DNS were set as default, and my un-encrypted connection's DNS are google, what am I doing wrong? Could it have been an ipleak or does P2P not connect through VPN the same way as browsers?

Like I said, I'm pretty hot on general connection and browser security but I know little about P2P security - is there a way to test if my Tixati connection is secure?

It's worrying because I also want to use my connection for whistleblowing and that must be secure with no chance of leaks as some people's safety/jobs could be at risk when I move.

Comments

  • @jimnoble I'm not qualified to comment on the Tixati issue so I'll let someone else field that one. As for whistleblowing, if you haven't done so already I would highly recommend you seek advice on how to do it properly to stay secure.

    As with all security, there is a threat model to consider before specific tools can be decided on. If you are for example an employee of Walmart and want to anonymously whistleblow to your boss about the sexual misconduct of another employee, then probably any operating system, browser and email provider in combination with PIA will suffice.

    If you're a government worker and just discovered the vice-president has been funneling drug money to have witnesses against the government murdered, you better be rethinking your approach to something like TailsOS booted from a CD, connecting only over Tor, and using a Riseup email account while encrypting everything over GPG and using Wikileaks and SecureDrop to make sure the information gets out there quickly and in a decentralized fashion.

    Good luck and keep up the good fight :)
  • Posts: 265
    The letter or email you have received from your ISP should list exactly what file you were caught with as well as the timestamps of it, so can you maybe use that to first confirm whether it's you and when it leaked?

    P2P is a bit tricky as some clients could unknowingly expose you via your router with UPnP and accepting incoming connections on your normal IP despite it using the VPN for outbound connections. I don't know that client either so it's hard to tell for sure, but I would definitely recommend running the leak tests to verify it all.

    Technically if the VPN is working correctly, your ISP cannot possibly see anything but encrypted garbage from the VPN. If they caught you it means that your IP somehow ended up listed on a tracker somewhere, so something at some point let traffic out of the VPN.


    Can you detail more what your setup is with Tixati? How is it configured, and how is PIA configured?
Sign In or Register to comment.