[SOLVED] What information can a good hacker with limited resources get from a decent VPN service?

[plaregev]

I’m planning to use a VPN to interact with one website. I’m concerned about a party that has access to the site and my VPN’s IP address using it to gather personal information behind the VPN like my real IP address.

I guess my question could be broken up to 3 parts:

1. Are there known exploitable aspects to hacking a VPN that I’ve not considered? (other than DNS & IPV6 leaks, blocking cookies, choosing a service with a OpenVPN protocol that has data & handshake encryption, killswitch using conditional firewall rules)

2. Assuming the known vulnerabilities from question 1 are controlled for, how hard is it for one good (but perhaps not the best in the world) hacker to get through either via exploit or directly by breaking the encryption?

3. In the astronomically unlikely case that a third party bribes my VPN service to get my original IP address- are there reasonably easy ways for a hacker to get my specific physical address from the ISP’s ip address

 

[Math Geek]

there are known exploits for getting into pretty much everything on the web. we've seen many different vpn's hacked and customer data stolen over the last few years. this would of course include payment info and any other info given when creating the account. could get your personal info that way and not even bother having to use your ip address.

it's out of your hands once you give your info and up to the service to protect it. i personally don't use a vpn service but rather created my own vpn with a cloud service. i turn it on when i need to use it and then turn it off when i am done for the moment. since i control it, i know i am not logging any data on myself to be leaked. and even better is that i get a new public ip address every time i turn it on so it's harder to keep tabs on it. i spend maybe $5 a month on the cloud server since i do not run it 24/7 but even then it would only be about $10-15 depending on the machine used.

if you're super concerned about using a service, then i'd recommend making your own server. it is involved but not impossible. i got mine up and running in about 20 minutes using openvpn and some quick start scripts given to me. it's secured with a strong key and nothing else in on that server other than the vpn software. i use digital ocean since all i need is a linux vm and they are much cheaper than the major ms and amazon services.