[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Using VPN less safe?
-----BEGIN PGP SIGNED MESSAGE-----
Roger Dingledine <arma@xxxxxxx>:
> It's a tradeoff -- if somebody somehow breaks the anonymity of your Tor
> circuit, it's nice to have another layer behind that. But if somebody
> guesses that you're using a particular VPN, or you pick a VPN that they're
> already monitoring for other reasons, then you basically let them see the
> beginning of your circuit when otherwise they might not have been able to.
Yeah... and considered that there is no known method of breaking the
anonymity of circuit, but correlation attacks are known and any realtime
anonymity network without some kind of noise injected is susceptible to
them, I guess one should fear correlation more than breaking the circuit
anonymity and minimize places, where one's traffic could be correlated
with HS (or exit node) traffic and traced back to him...
So, with this assumption, running Tor directly from home connection should
be safest, right?
> In a sense you're selecting your VPN to be your guard. If there were
> one super-popular guard in the Tor network, and people used it forever
> rather than doing normal guard rotation, seems to me it would become an
> appealing point for surveillance.
I wonder how many entry guards are monitored, by the way, and if
correcting bug 17772 didn't make it worse from the surveillance point of
view, as now there are much fewer nodes to observe...
> Also, this issue is pretty much the same whether you're visiting onion
> sites or other domains.
Right, I am concerned more about hidden services, but it definitely
applies to both.
Oskar Wendel, o.wendel@xxxxxxxxxxxxxxxxx
Fingerprint: C8C4 B75C BB72 36FB 94B4 925C 6690 CC52 318D B84C
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to