-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Roger Dingledine <[email protected]>:
> It's a tradeoff -- if somebody somehow breaks the anonymity of your Tor > circuit, it's nice to have another layer behind that. But if somebody > guesses that you're using a particular VPN, or you pick a VPN that they're > already monitoring for other reasons, then you basically let them see the > beginning of your circuit when otherwise they might not have been able to. Yeah... and considered that there is no known method of breaking the anonymity of circuit, but correlation attacks are known and any realtime anonymity network without some kind of noise injected is susceptible to them, I guess one should fear correlation more than breaking the circuit anonymity and minimize places, where one's traffic could be correlated with HS (or exit node) traffic and traced back to him... So, with this assumption, running Tor directly from home connection should be safest, right? > In a sense you're selecting your VPN to be your guard. If there were > one super-popular guard in the Tor network, and people used it forever > rather than doing normal guard rotation, seems to me it would become an > appealing point for surveillance. I wonder how many entry guards are monitored, by the way, and if correcting bug 17772 didn't make it worse from the surveillance point of view, as now there are much fewer nodes to observe... > Also, this issue is pretty much the same whether you're visiting onion > sites or other domains. Right, I am concerned more about hidden services, but it definitely applies to both. - -- Oskar Wendel, [email protected] Pubkey: https://pgp.mit.edu/pks/lookup?search=0x6690CC52318DB84C Fingerprint: C8C4 B75C BB72 36FB 94B4 925C 6690 CC52 318D B84C -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJWpUdEAAoJEGaQzFIxjbhM+yAH/0tm0ecxBzptw9iSTPoOMb6Q 5zLry+ziUGrxKfsDgRrkOJD7LYncbwL18ze15hwVGysVOr2Lpt7YK5Gkvj/oD8U8 Wi7W+bDUXF/q8VeQynjv5GQ1uzHu8xi5Er2c3dDBkNWhhSrLOCTzlx/8ESkBbUBQ 10E1GLpdZsXFSdpiHsvHAISgajdgsg3nJgDHjPBe0YqjTXQNZFYB+lJD6bya+EmS qpRiUniZ5Wn+2m8rmK+Bpt4OCQvPnefTO/xzrSc+mxskuXbQSgrmCZFymAxGxH2g Vg0F4JpCY2+sS2FD2AjG2Cc4kgrqmq7eJtNXmxrAGx/xbiYgLeEp3nRAxiFfnuU= =HSmc -----END PGP SIGNATURE----- -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
