[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Using VPN less safe?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Using VPN less safe?
From: Oskar Wendel <o.wendel@xxxxx>
Date: Sun, 24 Jan 2016 21:51:03 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 24 Jan 2016 16:51:23 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <n82b3t$g4v$1@xxxxxxxxxxxxx> <20160124163841.GI7734@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Roger Dingledine <arma@xxxxxxx>:

> It's a tradeoff -- if somebody somehow breaks the anonymity of your Tor
> circuit, it's nice to have another layer behind that. But if somebody
> guesses that you're using a particular VPN, or you pick a VPN that they're
> already monitoring for other reasons, then you basically let them see the
> beginning of your circuit when otherwise they might not have been able to.

Yeah... and considered that there is no known method of breaking the 
anonymity of circuit, but correlation attacks are known and any realtime 
anonymity network without some kind of noise injected is susceptible to 
them, I guess one should fear correlation more than breaking the circuit 
anonymity and minimize places, where one's traffic could be correlated 
with HS (or exit node) traffic and traced back to him...

So, with this assumption, running Tor directly from home connection should 
be safest, right?

> In a sense you're selecting your VPN to be your guard. If there were
> one super-popular guard in the Tor network, and people used it forever
> rather than doing normal guard rotation, seems to me it would become an
> appealing point for surveillance.

I wonder how many entry guards are monitored, by the way, and if 
correcting bug 17772 didn't make it worse from the surveillance point of 
view, as now there are much fewer nodes to observe...

> Also, this issue is pretty much the same whether you're visiting onion
> sites or other domains.

Right, I am concerned more about hidden services, but it definitely 
applies to both.

- -- 
Oskar Wendel, o.wendel@xxxxxxxxxxxxxxxxx
Pubkey: https://pgp.mit.edu/pks/lookup?search=0x6690CC52318DB84C
Fingerprint: C8C4 B75C BB72 36FB 94B4 925C 6690 CC52 318D B84C
-----BEGIN PGP SIGNATURE-----

iQEcBAEBAgAGBQJWpUdEAAoJEGaQzFIxjbhM+yAH/0tm0ecxBzptw9iSTPoOMb6Q
5zLry+ziUGrxKfsDgRrkOJD7LYncbwL18ze15hwVGysVOr2Lpt7YK5Gkvj/oD8U8
Wi7W+bDUXF/q8VeQynjv5GQ1uzHu8xi5Er2c3dDBkNWhhSrLOCTzlx/8ESkBbUBQ
10E1GLpdZsXFSdpiHsvHAISgajdgsg3nJgDHjPBe0YqjTXQNZFYB+lJD6bya+EmS
qpRiUniZ5Wn+2m8rmK+Bpt4OCQvPnefTO/xzrSc+mxskuXbQSgrmCZFymAxGxH2g
Vg0F4JpCY2+sS2FD2AjG2Cc4kgrqmq7eJtNXmxrAGx/xbiYgLeEp3nRAxiFfnuU=
=HSmc
-----END PGP SIGNATURE-----

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Using VPN less safe?
  - From: Oskar Wendel
- Re: [tor-talk] Using VPN less safe?
  - From: Roger Dingledine

Prev by Author: Re: [tor-talk] Using VPN less safe?
Next by Author: Re: [tor-talk] Using VPN less safe?
Previous by thread: Re: [tor-talk] Using VPN less safe?
Next by thread: Re: [tor-talk] Using VPN less safe?
Index(es):
- Author
- Thread