[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Using VPN less safe?



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512



On 01/24/2016 03:22 PM, aka wrote:
> Oskar Wendel:
>> Today I thought about something...
>> 
>> Let's assume that attacker (government) seizes the hidden service
>> and wants to run it and deanonymize its users with traffic
>> correlation.
>> 
>> Attacker could easily tap into major VPN providers traffic and
>> try to correlate their traffic with hidden service traffic. And
>> there are fewer VPN providers than Tor entry guards (and much
>> less than home connections around the globe).
>> 
>> Does it mean that routing Tor through a commercial VPN could
>> actually lower the security, compared to routing Tor directly
>> through a home connection? It's in contrast with what many say,
>> that you should use a commercial VPN for extra security.
>> 
>> 
> 
> Why not Tor over Tor? Using a Tor exit to connect to the first
> hop. Would require traffic correlating twice.
> 

Quoting https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO:

" When using a transparent proxy, it is possible to start a Tor
session from the client as well as from the transparent proxy,
creating a "Tor over Tor" scenario. Doing so produces undefined and
potentially unsafe behavior. In theory, however, you can get six hops
instead of three, but it is not guaranteed that you'll get three
different hops - you could end up with the same hops, maybe in reverse
or mixed order. It is not clear if this is safe. It has never been
discussed.

You can âchoose an entry/exit point, but you get the best security
that Tor can provide when you leave the route selection to Tor;
overriding the entry / exit nodes can mess up your anonymity in ways
we don't understand. Therefore Tor over Tor usage is highly discouraged.
 "
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCgAGBQJWpTM5AAoJECVOC2Tp0QhT/AIQAJIo6EgeBWWplZ8bU9tx/YHR
umkS8tRy03WX89a6P9MXfnvV3ZTWmHhxWol7ekBhLbU1vZLN9yblEgUDsqX1I2t3
OVHopy+4WzE48u1KRogCVvcmKvhwNAM5TblET8Euq9Op6tXKLZDVJFqDJ9Z64efO
iJ/G86+d5nc9rz8a0krz2E1GvYV7fJrXn9LivNaf/IYHZsvObgQM+OWyxf8MP7F2
PWI1cRTHZFMNInZ2KemiANaUGVSqbUmauygosBSUFygIEiRD8cEOh8v79/BIF3nk
JGzGLE/oCSPSPb0gJdfu83+SmdN36zkrFwc4uVfCAqDD7IaUHtDvPvy4SYsLeGJi
wSA1wewYuZ88UrtQ7CYRggAOpINEIQMs2RaskJQ7/PPWHVDA8Lo/IgzS1JV09hP0
tBr49uZKsXVS6Y3YOxI6PEdIcZprWb75/PzrV0Vq6UpSnyC+JQBVAj4v7i4CfAC1
/koTsp1Evn1Sul88TjeP7WVY63jdv8C9SFB40VB6u1Hb+s7LxuPk8Z0Ev66Y5Uoy
QNzozyOS/qvye2MLois99Ge+IetA/I/IgksL6jzXDm/+QXUaE5b9PutIfpWWYbb1
QXvoBmAJ6iQSLOB/zxTK38Y0avm37ZetuKvT0eheT8jczixeAWB08Walnx3n8j/i
yqxbBSiyLM98XueLhgzF
=r1Bz
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk