As we know many VPN providers (almost all of them) are renting servers from various hosting providers so they can offer more locations to their users. But if VPN company doesn’t have full control (physical) access of their infrastructure, how can we be sure that hosting providers don’t log all the data? They can see users IP, and know where the traffic goes next? Could you please explain me how it actually works?
This isn’t limited to VPN providers, but true for mostly everything on the internet.
For instance, many logically different web servers/mail servers etc. operated by private individuals are physically hosted by a small amount of companies (e.g. OVH, Hetzner, DigitalOcean, Host Europe). Of course, these companies can monitor the complete IP traffic and most of them officially do it for security and maintenance purposes. If you don’t operate your private server at home, it is likely that you will never see your physical server.
Besides, there are virtual servers. In this case, you share physical resources with different logical instances on the same machine. This is when CPU vulnerabilities can become dangerous if they leak secret data between logic instances.
Bigger companies use Google, AWS, Azure etc. to host their content.
It’s difficult, you generally have to trust the host. It’s one of the many many reasons I don’t recommend a VPN provider to most people.
If you use Tor this issue is significantly mitigated because no single party in the chain between you and the service you’re visiting will be able to gather too much information on you. That’s probably the only way around the issue.
Thank you for clarification. That’s one of the reasons why I switched to Tor instead of VPN for browsing. Though for torrenting we have no choice