>> On 04/25/2012 04:06 PM, Low-Key² wrote: >> > Recently, I'd come across some chatter that suggested that connecting to >> a VPN via TOR was not a good idea and, rather, the better idea was to >> connect to a VPN that then used Tor. I've not found any articles on the >> net that really discuss this issue. My concern stems from more of a >> curiosity due to an encrypted private web proxy I used to run for foreign >> activists. While the proxy would have appeared entirely benign to anyone >> in their regime, a number used Tor to connect to it. My larger question is, >> if there is a security concern for using Tor to connect to a VPN which then >> connects to the internet, would the same concerns apply to people who use >> Tor to connect to an encrypted web proxy? Thanks in advance for any >> replies. >> >> I think the main issue is that user needs to authenthicate to the VPN, so >> no >> matter where they came from via Tor, they are identifiable. That is true >> even if >> the credentials are shared, in that case it's known that the individual >> connecting via the VPN must be from a small group. >> >> On the other hand, if your goal is to hide location instead of identity >> from the >> VPN, connecting via Tor _might_ do the trick. I'm saying _might_, since >> some >> data inside the protocols transmitted over the VPN could contain your real >> IP or >> other identifying information (depends on the protocol(s) used inside VPN). >> >> In the case of the encrypted proxy the attacker might know that it's some >> group >> of people you gave access credentials to. So it depends on what the >> attacker can >> learn - e.g. the attacker will retrieve your name from whois and might >> attempt >> to find out from your communication which individuals belong to that group >> or >> attempt to compromise the proxy and view logs. >> >> Ondrej
A VPN allows traffic correlation if you do You -> Tor -> VPN -> Internet Leonardo _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
