Faking a VPN
Feb. 20th, 2026 03:43 pm![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
elisheva_m posting in ![[community profile]](https://www.dreamwidth.org/img/silk/identity/community.png){kind=small}
little_detailsWhat would be involved in setting up a fake facsimile of a VPN service to gather intelligence on a criminal organisation?
Would this essentially be a VPN where the relay saves a copy of the traffic? Everything I've found to read on the internet assumes more knowledge of tech and jargon than I have. Could a choice of servers in different countries be faked? A UI seems easy enough, but what about the ISP it connects to? If it was simply a gateway to a real VPN, would the real VPN notice? Could it at some point send a second copy elsewhere without being noticed?
This could be a scheme the character is pondering near the end, so it doesn't have to work - it could simply be trying to find solutions to some of the concerns. He has a habit of staring out the window late at night mulling over such things. He really wants to be able to build a phone case with a rechargeable listening device but we've gotten lost on the physics of discretely charging it from the phone.
There's the social infrastructure to make it appear legit, website & fake reviews and social engineering to get them to bite. I've already written this for a different operation, not in great detail but enough for my purposes. If faking a VPN is feasible, I'd probably replace the existing scheme in those scenes with this one. But the marketing email may be more along the lines of "Police and governments can't subpoena a service they don't know exists" with a link to the dark web.
Edit: It doesn't need to actually work as a VPN, the character won't care about hiding the users' info. It just needs to look like one from their side of things.
Please be careful with how much detail and tech-speak you throw at me, my health is poor and I am easily overwhelmed. If this is a rubbish idea, please be kind in putting it down.
Thank you for any help.
This could be a scheme the character is pondering near the end, so it doesn't have to work - it could simply be trying to find solutions to some of the concerns. He has a habit of staring out the window late at night mulling over such things. He really wants to be able to build a phone case with a rechargeable listening device but we've gotten lost on the physics of discretely charging it from the phone.
There's the social infrastructure to make it appear legit, website & fake reviews and social engineering to get them to bite. I've already written this for a different operation, not in great detail but enough for my purposes. If faking a VPN is feasible, I'd probably replace the existing scheme in those scenes with this one. But the marketing email may be more along the lines of "Police and governments can't subpoena a service they don't know exists" with a link to the dark web.
Edit: It doesn't need to actually work as a VPN, the character won't care about hiding the users' info. It just needs to look like one from their side of things.
Please be careful with how much detail and tech-speak you throw at me, my health is poor and I am easily overwhelmed. If this is a rubbish idea, please be kind in putting it down.
Thank you for any help.
(no subject)
Date: 2026-02-20 05:23 pm (UTC)The TL;DR here for me would be that - as layman's terms as possible - you would probably need to actually have servers in those countries to connect to, the scope of what you'd need to make it work would be akin to 'you might as well just create a real VPN.'
You might want to consider some kind of malicious keystroke logging software on the phone and/or laptop, though it will drain battery fairly fast, a lot of folks just think they need to replace their phone, or that they have some background app operation (not a keystroke logging program). That software records everything a person plugs into their phone including passwords, meaning that you could simply access the keystroke software from a remote place to see what they're looking for. Keystroke logging is sadly pretty common/easy (plenty of folks figure out how to use it on cheating spouses, among other things), and it's one of those 'the simplest solution is probably the one that's likely to be the most successful.'
If it's a criminal organisation, they might be wise to keystroke loggers (they might be using this technology themselves, lol, depending on how good/sophisticated they are), but they've absolutely been used on criminal organisations irl. It is a legitimate surveillance tool for law enforcement in many countries, and is often successful, depending on how lightweight the software is (i.e. if it doesn't cause rapid battery drain, people are less likely to realise something is up).
If it were me writing a character like that, I'd have him realise the 'fake VPN' is not really doable, but that it might be worth looking and seeing how much progress tech has made in keystroke loggers.
Like I don't know what your character wants to surveil, but presumably they want to see what the criminal organisation is doing, and this is a very easy way to make that happen. Well ymmv on "very easy" - I definitely think it would be way easier than creating essentially a real VPN service to pretend to be a fake one to gather intel on a criminal organisation.
Expertise: Some ethical hacking education, father worked in law enforcement in this arena, but some time ago, there might be more modern methods outside of keystroke logging re: easy surveillance in law enforcement (and for other people too). I know enough about VPNs to know that I don't want to pretend to make a fake one by actually making a real one to get intel, and I know enough about keystroke loggers to know they're easy enough to get on someone's phone that I could do it, and you could too, if you knew the person. So there's that.
(no subject)
Date: 2026-02-20 09:38 pm (UTC)The role of this in the narrative is less about what info they might obtain and more about the character's creativity in finding new and unusual ways to get surveillance in place. These sequences are more about humour at the expense of his targets and adding lightness to melodrama. I haven't figured out a way to make a keystroke logger surprising or entertaining. I did wonder if a transmitter in the actual keyboard might work (and bypass the computer's protections), but keyboards aren't replaced often. He's sold them surge protectors with listening devices already.
He doesn't have physical access to their phones. There is a big sequence where he gets two to install software with a virus onto their computers, but mostly they'll be careful about downloading unknown software.
I just thought a way to fake or piggyback onto a VPN might work. It doesn't need to actually be a functioning VPN, it just needs to look like one to the users. But if that's impossible, so be it.