they could be running the vpns Quoting: Anonymous Coward 77390702
also there are various ways to identify a computer, such as mac address, browser fingerprint, ect ect ect
Your writing style and compare it with other identities you have not masked online, they could control the ISP you use or rather have access to either willingly or they hacked the ISP and have backdoors to it.
When they got their suspicion they go look what ISP you pay for and send a request or they have access already or use a backdoor into the ISP and then monitor your traffic at the ISP and then the supiscion is either confirmed or you were not the one they were looking for.
And also there's plenty of programs that send shit to the makers and those makers probably like to share or they're hacked.
Also there's the data gathering centers, like Echelon.
Sweden has a ginormous data collecting center with the Swedish FRA
Pretty cool logo:
[link to upload.wikimedia.org (secure)
Here's the swedish wiki about Försvarets Radioanstalt:
[link to sv.wikipedia.org (secure)
it catches all traffic from Russia that goes between Russia and the US from say Moscow.
Some detective work but they can find you.
They found that guy Sabu of LulzSec and he was way more careful than most.
[link to en.wikipedia.org (secure)
still he messed up in one point and they got him.
[link to www.youtube.com (secure)
there's probably more ways to find out who people are, the experts here will probably tell us.