[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Using VPN less safe?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Using VPN less safe?
From: Mirimir <mirimir@xxxxxxxxxx>
Date: Sun, 24 Jan 2016 19:52:30 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 24 Jan 2016 21:52:46 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1453690353; bh=LK7lTsPb1xprm7P7duQ4udKh8imWn6wR3O9H2wMECco=; h=Subject:To:References:From:Date:In-Reply-To:From; b=cSsKi+8MR+OJy9CwxE0lRosb7bIbe7ZZddh+iPrcYBDPtMTfGOyRHilcovoxuPjSe t2JbwJVL12iohzLsV8AUi9Ytf4Cx4sjY9ju80XjGEdfARNjnaSGgpHW+1hipSMbKOZ YvyF/Qb8JWehd3WEviNYH0N8HkntfM8VVHUSJPm0=
In-reply-to: <20160124163841.GI7734@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <n82b3t$g4v$1@xxxxxxxxxxxxx> <20160124163841.GI7734@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1

On 01/24/2016 09:38 AM, Roger Dingledine wrote:
> On Sun, Jan 24, 2016 at 11:04:30AM +0000, Oskar Wendel wrote:
>> Attacker could easily tap into major VPN providers traffic and try to 
>> correlate their traffic with hidden service traffic. And there are fewer 
>> VPN providers than Tor entry guards (and much less than home connections 
>> around the globe).
>>
>> Does it mean that routing Tor through a commercial VPN could actually 
>> lower the security, compared to routing Tor directly through a home 
>> connection?
> 
> Yes, I think this is correct.
> 
> It's a tradeoff -- if somebody somehow breaks the anonymity of your Tor
> circuit, it's nice to have another layer behind that. But if somebody
> guesses that you're using a particular VPN, or you pick a VPN that they're
> already monitoring for other reasons, then you basically let them see the
> beginning of your circuit when otherwise they might not have been able to.

The same is true if someone guesses the user's ISP. Or if they're
already monitoring that ISP. Also, I can chain multiple VPN services. So
the VPN exit that hits the entry guard isn't directly associated with
me. Bottom line, I'd rather have those extra layers, even if some of
them attract attention. And revealing Tor use to my ISP would attract
even more attention.

> In a sense you're selecting your VPN to be your guard. If there were
> one super-popular guard in the Tor network, and people used it forever
> rather than doing normal guard rotation, seems to me it would become an
> appealing point for surveillance.

Maybe so, "in a sense". But I'm still using a Tor entry guard.

> Also, this issue is pretty much the same whether you're visiting onion
> sites or other domains.
> 
> --Roger
> 
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Using VPN less safe?
  - From: Oskar Wendel
- Re: [tor-talk] Using VPN less safe?
  - From: Roger Dingledine

Prev by Author: Re: [tor-talk] trusting .onion services
Next by Author: Re: [tor-talk] Private Internet Access VPN drops Tor connection randomly
Previous by thread: Re: [tor-talk] Using VPN less safe?
Next by thread: Re: [tor-talk] Using VPN less safe?
Index(es):
- Author
- Thread