[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Email through Tor and VPN questions

> I recently setup my own Tor relay, and its exciting!


> (1) I read in a recent list posting that paid "private" VPN services
> provides no anonymity. According to some of those providers, they
> don't keep any log of your connections. Is this just a marketing
> gimmick, or are there other reasons why a VPN service provides no
> anonymity? Is there a side by side comparison between using Tor vs
> VPN?

Regardless of whether or not any provider routinely maintains logs...
They may choose to ignore requests for records/action from those
having no authority over them. Or they may choose to provide
records/action on a whim so long as it does not hurt them. These
two occur quite frequently in the ISP space behind the scenes.
And usually completely independant from the marketing and sales
teams who wrote the website.

Since most VPN services are one hop solutions, any 'legal' request
for the production of records/action is very likely to produce the
source records sought, if they exist. 'Action' refers to closing
accounts, future making of records, etc.

Tor, I2P, and Phantom are designed to make it impossible for such
standard traceback techniques to work. They do that very well.

> (2) The Tor network discourages some uses of it like BitTorrent (and
> other file sharing?). I can understand that from a bandwidth/speed
> perspective, but if I want to share files via BitTorrent (such as a
> GNU/Linux distro image), is there a way to make it more private?

Using BT with Tor, or any other system, may not be 'private'. See
the torproject blog for why. So long as you share entirely within
Tor/I2P... and as long as you figure and give back your bandwidth
as empty pipe... that would be private, and network friendly. I2P
has a much larger group of 'private' BT users.

> (2) I am using the FoxyProxy addon in Thunderbird 6 to use Tor as a
> proxy. Is this an effective way to improve my email privacy? The only
> other possible issue I can think of is that my email headers are
> "real", but I am not sure if that matters so much?

All Tor does is make your machine appear to come from somewhere
else... that could be more 'private'. If your mail client inserts your local
host/net into the headers before sending to the remote MTA via SMTP,
that could be bad. Inspect your own headers to see. And use Wireshark
or whatever to make sure you're going over Tor.
tor-talk mailing list