Changes between Version 18 and Version 19 of doc/TorPlusVPN


Ignore:
Timestamp:
May 21, 2013, 8:18:11 PM (7 years ago)
Author:
proper
Comment:

added VPN/SSH Fingerprinting; expanded you -> VPN/SSH -> Tor

Legend:

Unmodified
Added
Removed
Modified
  • doc/TorPlusVPN

    v18 v19  
    55Mirrors of this page:
    66 * [https://trac.torproject.org/projects/tor/wiki/doc/TorPlusVPN torproject.org wiki] <- original / "master". Please add changes to the original so they can spread to the mirrors.
    7  * [http://ah5dm66duazqkz6h.onion Onion Wiki]
    8  * [https://cryptoanarchy.org/ cryptoanarchy.org Wiki]
     7 * [http://ah5dm66duazqkz6h.onion Onion Wiki] (down)
     8 * [https://cryptoanarchy.org/ cryptoanarchy.org Wiki] (down)
    99
    10 August 2012
     10May 2013
    1111
    1212There are many discussions on the Tor Mailing list and spread over many forums about combining Tor with a VPN, SSH and/or a proxy in different variations. X in this article stands for, "either a VPN, SSH or proxy". All different ways to combine Tor with X have different pros and cons.
     
    4545
    4646== you -> VPN/SSH -> Tor ==
    47 You can route Tor through VPN/SSH services. That prevents your ISP etc from seeing that you're using Tor. Generally, VPNs are more popular than Tor, so you won't stand out as much. SSH tunnels are not so popular.
     47You can route Tor through VPN/SSH services. That ''might'' prevent your ISP etc from seeing that you're using Tor ([https://trac.torproject.org/projects/tor/wiki/doc/TorPlusVPN#VPNSSHFingerprinting VPN/SSH Fingerprinting below]). On one hand, VPNs are more popular than Tor, so you won't stand out as much, on the other hand, in some countries replacing an encrypted Tor connection with an encrypted VPN or SSH connection, will be suspicious as well. SSH tunnels are not so popular.
    4848
    49 Once the VPN client has connected, the VPN tunnel will be the machine's default Internet connection, and the Tor Browser Bundle will route through it.
     49Once the VPN client has connected, the VPN tunnel will be the machine's default Internet connection, and TBB (Tor Browser Bundle) (or Tor client) will route through it.
    5050
    5151This can be a fine idea, assuming your VPN/SSH provider's network is in fact sufficiently safer than your own network.
     
    8989This is done to enforce, that all your traffic routes through Tor without any leaks. Further read: [https://trac.torproject.org/projects/tor/wiki/doc/TorVPN TorVPN]. If you want this, it may unnecessary to use VPN, a simple Tor-Gateway may be easier, for example [http://whonix.sf.net Whonix].
    9090
     91= VPN/SSH Fingerprinting =
     92Using a VPN or SSH neither doesn't provide strong guarantees of hiding your the fact you are using Tor from your ISP. VPN's and SSH's are vulnerable to an attack called Website traffic fingerprinting ^1^. Very briefly, it's a passive eavesdropping attack, although the adversary only watches encrypted traffic from the VPN or SSH, the adversary can still guess what website is being visited, because all websites have specific traffic patterns. The content of the transmission is still hidden, but to which website one connects to isn't secret anymore. There are multiple research papers on that topic. ^6^ Once the premise is accepted, that VPN's and SSH's can leak which website one is visiting with a high accuracy, it's not difficult to imagine, that also encrypted Tor traffic hidden by a VPN's or SSH's could be classified. There are no research papers on that topic.
     93
     94What about Proxy Fingerprinting? It has been [https://trac.torproject.org/projects/tor/wiki/doc/TorPlusVPN#VPNversusSSHorProxy said above already], that connections to proxies are not encrypted, therefore this attack isn't even required against proxies, since proxies can not hide the fact, you're using Tor anyway.
     95
     96,,
     97^1^ See [https://www.torproject.org/projects/torbrowser/design/ Tor Browser Design] for a general definition and introduction into Website traffic fingerprinting.
     98^2^ See slides for [http://www.cs.sunysb.edu/~xcai/fp.pdf Touching from a Distance: Website Fingerprinting Attacks and Defenses]. There is also a [https://dl.acm.org/citation.cfm?id=2382260 research paper] from those authors. Unfortunately, it's not free. However, you can find free ones using search engines. Good search terms include "Website Fingerprinting VPN". You'll find multiple research papers on that topic.
     99
    91100= Also See =
    92101 * [https://tails.boum.org/forum/Why_do_you_post_contradictory_statements__63___VPN/ Tails's about VPNs #1]