"Joe Btfsplk" wrote: This VPN & Tor (or Tor & VPN) subject - and its discussion here has become complex. Maybe too complex for all but a handful of folks?
What's complex? Intelligence agencies are reportedly targeting all VPN providers. Governments are targeting encryption of communications in the name of national security. Sounds to me like it's a matter of damned if you do, damned if do don't. Case 1, Using Tor to connect to a VPN -- Forces the use of TCP for the VPN and makes it (much) easier to perform statistical correlation. Suppose you then start to apply modifications via pluggable transports. Now you're network conditions are in flux measurably from bridge to exit and back. So your VPN connection is adjusting while Tor is itself still vulnerable to attacks at the ISP level. Tor learns your use over time so you'll tend to have at most one clean circuit available. Now what happens if the circuit is destroyed either OR internal or at either end. Your exit ip changes to another of a limited set of exits that support the port used by the VPN. The VPN could still throw you under a bus for connecting from a Tor exit. If they sell you out by your account/system fingerprint intelligence will already be monitoring said VPN and so we're back to statistics derived from watching both ends. Your adversary is already on the VPN, already watching the exits, knowing which ones support said VPN service ports. Now all that's left is to trace the traffic back to the guard--and you. Unless you've already connected to a malicious guard by chance, ISP level gaming of circuit build times, or guard rotation. i.e. predictable to a fault. Case 2, Using a VPN to connect to Tor -- Enables the use of resilient UDP signalling. Allows you to throw padding traffic at the VPN while using Tor. Tor is itself subject to the network conditions of the VPN. The VPN is more capable to adapt to changing network conditions due to the use of UDP and differences in the congestion control compared to Tor+TCP. On the other hand the VPN provider may try to make money from your non-torified usage. They might also (try to) throw you under a bus at the knock of intelligence agencies. If they do they can provide your Tor guard fingerprint. If you use many simultaneously you might have cause for concern. If you only use one it might not be so bad. Your torified traffic will presumably be spread across multiple exits and be changeable at a click. Your adversary is already on the VPN, already watching the exits, but (hopefully) don't know which ones you use because of the dynamic nature. Now all that's left is to trace your traffic from guards to exit. This might be harder if you use pluggable transports and if they cannot predict your use. I haven't even included the implications if, in addition, your middle hop is adversary-controlled. Now I'm not saying either is better but I prefer the one with more variables in my favor. --leeroy -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
