[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Silk Road taken down by FBI

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Silk Road taken down by FBI
From: mirimir <mirimir@xxxxxxxxxx>
Date: Tue, 08 Oct 2013 01:20:36 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 07 Oct 2013 21:26:29 -0400
In-reply-to: <20131006113216.52a0e9ac@xxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <97B1D7328248AF741F66B299@F74D39FA044AA309EAEA14B9> <524E23CE.3000407@xxxxxxxxxx> <20131004022115.GP31806@xxxxxxxxxxxxxx> <524E3470.1070804@xxxxxxxxxx> <1380898900.17441.1.camel@anglachel> <CAM=ga6_7bFjOMFuxR2z4ZBGa8Cv6F5jvKoHL0s3ZPN2EhymQ2w@xxxxxxxxxxxxxx> <46676544-A80B-470A-B363-0B544A50917F@xxxxxxxxxx> <c219e2feb9a5242b2fa622519de770c2@xxxxxxxxxxxxx> <20131005120829.GA1268@loar> <5250CCA4.4010807@xxxxxxxxxx> <20131006113216.52a0e9ac@xxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0

On 10/06/2013 10:32 AM, mick wrote:

> On Sun, 06 Oct 2013 02:36:20 +0000
> mirimir <mirimir@xxxxxxxxxx> allegedly wrote:
>>
>> Still, if one uses nested VPN tunnels from multiple providers in
>> suitably chosen spheres of influence, it will be nontrivial for
>> adversaries to install enough taps. Going through China, for example,
>> would be a serious roadblock for US-aligned TLAs. Even with four
>> nested VPN tunnels, latency and bandwidth are far better than using
>> Tor.
>>
>> Finally, it's not either/or. It's easy to include Tor in nested VPN
>> configurations. Latency is typically over two seconds, but bandwidth
>> is adequate, especially for UDP traffic.
>>
> Forgive me, I'm not sure I understand this. Could you elaborate please
> on the nesting of the VPN tunnels with Tor? Since Tor does not
> (currently) support UDP, what architectural model do you have in mind?
> (e.g. openVPN tunnelled through openVPN to a Tor guard entry?)

Yes, Tor supports only TCP. But OpenVPN can optionally use TCP, and once
the VPN tunnel is established, it supports both TCP and UDP traffic.
It's easy to tunnel a VPN through Tor using Whonix in VirtualBox. First
get a free SecurityKISS account. Then install network-manager-openvpn on
the Whonix workstation, and configure Network Manager for SecurityKISS
in TCP mode. By default, Whonix will use the transproxy port for
OpenVPN. Once the VPN tunnel is up, you can use both TCP and UDP with
remote sites. However, you can't access hidden services, for obvious
reasons.

You can also run an OpenVPN server in TCP mode as a Tor hidden service.
You install the server on the Whonix workstation, and configure torrc on
the Whonix gateway. Alternatively, you can use ra's Tor gateway, which
is an OpenWRT VM with a Tor client and DHCP server, plus a Debian VM for
the OpenVPN server.

More generally, you can use multiple pfSense router/firewall VMs as
clients for various VPN providers, and OpenWRT Tor gateway VMs. Internet
traffic routing reflects the local routing of gateway VMs.

> Mick
> ---------------------------------------------------------------------
> 
>  Mick Morgan
>  gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
>  http://baldric.net
> 
> ---------------------------------------------------------------------
> 

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Silk Road taken down by FBI
  - From: mick

References:
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Juan Garofalo
- Re: [tor-talk] Silk Road taken down by FBI
  - From: mirimir
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Roger Dingledine
- Re: [tor-talk] Silk Road taken down by FBI
  - From: mirimir
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Ted Smith
- Re: [tor-talk] Silk Road taken down by FBI
  - From: shadowOps07
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Jerzy Åogiewa
- Re: [tor-talk] Silk Road taken down by FBI
  - From: BM-2cWto4coLsoD6LrFmFcUeBAua7UU2gvTSR
- Re: [tor-talk] Silk Road taken down by FBI
  - From: Lunar
- Re: [tor-talk] Silk Road taken down by FBI
  - From: mirimir
- Re: [tor-talk] Silk Road taken down by FBI
  - From: mick

Prev by Author: Re: [tor-talk] Freenet and hidden services
Next by Author: Re: [tor-talk] More Questions
Previous by thread: Re: [tor-talk] Silk Road taken down by FBI
Next by thread: Re: [tor-talk] Silk Road taken down by FBI
Index(es):
- Author
- Thread