Silk Road forums
Discussion => Security => Topic started by: BenCousins on June 26, 2012, 04:05 am
-
could anyone explain this to me? how exactly they work and how anonymous are they
preferably in as n00b speak as possible thanks
Ben
-
There is not a single way in which VPNs work, there are a few different types. However, there are some general things we can say about VPNs. First of all, if they are low latency they are weak to the general anonymity attacks against all currently known low latency anonymity systems. This means that they provide anonymity from passive attackers by making it difficult for them to see where your traffic enters AND exits. If an attacker can see the entry AND exit of your traffic, they can deanonymize you regardless of the sort of VPN you are using or if the VPN nodes themselves are compromised. This deanonymization attack can also be carried out regardless of the number of intermediary nodes that you route your traffic through from entry to exit. If an attacker can not simultaneously monitor your entry and exit points, they will need to either work their way from your exit point to your entry point (if they are, for example, the website you are visiting, or someone who is monitoring it), or from your entry point the the exit point (if they are watching you and trying to determine which website you are visiting). This is speaking strictly in terms of what I would call signals intelligence, there are attacks that can identify pre-fingerprinted websites through the encryption that is provided by the *overwhelming majority* of VPN providers, and this could allow such an attacker to determine the website you are visiting even if they can not observe your actual exit traffic.
With many VPN providers they will offer a limited number of entry and exit points. An attacker going against these services is less concerned with middle nodes. For example if you use a provider with many nodes that only allows entery with a node in USA and exit with a node in Netherlands, the attacker doesn't necessarily need to get logs from the middle nodes if they can identify the provider who owns the exit you are using and determine which entry you must have used. So in these cases a true back or forward trace of logs may not be required as the attacker knows where the logs they are really interested in are stored already.
The anonymity of a VPN is largely provided by how the provider is structured. If the nodes you are using are in ten different countries but are owned by a provider in USA, a single warrant in USA is probably all that is required to compromise all ten of their hops. Some of the better VPN providers have structured themselves in such a way that a warrant is required to the operator of each hop, and this is certainly advantageous from a legal resistance perspective.
At the end of the day, a VPN can provide anonymity that is fed resistant. This can be seen by simple open source intelligence gathering, there have been numerous cases where the botnet operator could not be traced until they forgot to use VPN. Of course, one must also take into consideration the fact that misinformation could be being fed through open source channels, giving the impression that the botherder forgot to use VPN when in reality their VPN was compromised. However, at the end of the day there are no cases of people who used Tor being traced by law enfocement, and there are thousands of cases of people who used VPN providers being traced by law enforcement. It is largely a matter of time for either of these solutions, eventually you can be traced. Even with extremely anonymous solutions such as mix networks it is largely just a matter of time before a global passive attacker deanonymizes you, unless there is constant rate cover traffic. And low latency solutions provide absolutely no protection from global passive attackers.
It is really an enormously large topic and I am going to need you to ask something more specific than "how does vpn work and how is it anonymous" to give you a good answer, without typing out a very large amount of information, especially as you apparently would need a large amount of terminology explained to you before the merits of a VPN can be properly analyzed.
-
thanks kmf and yeah your right im not really up with all the terminology but i am trying to learn as fast as possible.
So using TOR hasnt been responsible for anyone being traced yet? am i right in assuming that when you say someone will be traced that it would take enormous amount of effort targeted at one particular person? or do you mean when this time comes they will be able to deanonymize everyone with ease?
What would your best suggestions for staying anonymous be?
thanks again
Ben
-
thanks kmf and yeah your right im not really up with all the terminology but i am trying to learn as fast as possible.
So using TOR hasnt been responsible for anyone being traced yet? am i right in assuming that when you say someone will be traced that it would take enormous amount of effort targeted at one particular person? or do you mean when this time comes they will be able to deanonymize everyone with ease?
What would your best suggestions for staying anonymous be?
thanks again
Ben
TOR isn't perfect, but its as close as we humans are going to get. If you're concerned about security then use relays or a VPN as well. Problem is, free VPNs are cheap and mostly worthless (though there are exceptions). You need to balance the risk of what you're doing online vs how much security you think I need. If you're a money launderer or a top seller thats one thing, but a guy who just buys an oz a month for his personal smoke doesn't have as much to worry about.
-
could you explan relays??
thanks
Ben
-
There is not a single way in which VPNs work, there are a few different types. However, there are some general things we can say about VPNs. First of all, if they are low latency they are weak to the general anonymity attacks against all currently known low latency anonymity systems. This means that they provide anonymity from passive attackers by making it difficult for them to see where your traffic enters AND exits. If an attacker can see the entry AND exit of your traffic, they can deanonymize you regardless of the sort of VPN you are using or if the VPN nodes themselves are compromised. This deanonymization attack can also be carried out regardless of the number of intermediary nodes that you route your traffic through from entry to exit. If an attacker can not simultaneously monitor your entry and exit points, they will need to either work their way from your exit point to your entry point (if they are, for example, the website you are visiting, or someone who is monitoring it), or from your entry point the the exit point (if they are watching you and trying to determine which website you are visiting). This is speaking strictly in terms of what I would call signals intelligence, there are attacks that can identify pre-fingerprinted websites through the encryption that is provided by the *overwhelming majority* of VPN providers, and this could allow such an attacker to determine the website you are visiting even if they can not observe your actual exit traffic.
With many VPN providers they will offer a limited number of entry and exit points. An attacker going against these services is less concerned with middle nodes. For example if you use a provider with many nodes that only allows entery with a node in USA and exit with a node in Netherlands, the attacker doesn't necessarily need to get logs from the middle nodes if they can identify the provider who owns the exit you are using and determine which entry you must have used. So in these cases a true back or forward trace of logs may not be required as the attacker knows where the logs they are really interested in are stored already.
The anonymity of a VPN is largely provided by how the provider is structured. If the nodes you are using are in ten different countries but are owned by a provider in USA, a single warrant in USA is probably all that is required to compromise all ten of their hops. Some of the better VPN providers have structured themselves in such a way that a warrant is required to the operator of each hop, and this is certainly advantageous from a legal resistance perspective.
At the end of the day, a VPN can provide anonymity that is fed resistant. This can be seen by simple open source intelligence gathering, there have been numerous cases where the botnet operator could not be traced until they forgot to use VPN. Of course, one must also take into consideration the fact that misinformation could be being fed through open source channels, giving the impression that the botherder forgot to use VPN when in reality their VPN was compromised. However, at the end of the day there are no cases of people who used Tor being traced by law enfocement, and there are thousands of cases of people who used VPN providers being traced by law enforcement. It is largely a matter of time for either of these solutions, eventually you can be traced. Even with extremely anonymous solutions such as mix networks it is largely just a matter of time before a global passive attacker deanonymizes you, unless there is constant rate cover traffic. And low latency solutions provide absolutely no protection from global passive attackers.
It is really an enormously large topic and I am going to need you to ask something more specific than "how does vpn work and how is it anonymous" to give you a good answer, without typing out a very large amount of information, especially as you apparently would need a large amount of terminology explained to you before the merits of a VPN can be properly analyzed.
How do vpns and tor work together? How to set them up? Thank you.
BB
-
could you explan relays??
thanks
Ben
I think he means tor bridges.
BB
-
i cant seem to get my bridges working can anyone help?
I said this a couple of days ago,but what is the weakness in connecting to SR from a clean laptop purchased with cash using a wireless prepaid USB for net purchased with cash (fake name) and booting that laptop with an OS on an external USB that is encrypted and hidden(physically hidden) when not using. This laptop/USB/wireless net would only be used for connecting to SR. surely this is overkill as a buyer but as a vendor i see this would be necessary. I fail to see how i could be traced if i did all that.
-
i cant seem to get my bridges working can anyone help?
I said this a couple of days ago,but what is the weakness in connecting to SR from a clean laptop purchased with cash using a wireless prepaid USB for net purchased with cash (fake name) and booting that laptop with an OS on an external USB that is encrypted and hidden(physically hidden) when not using. This laptop/USB/wireless net would only be used for connecting to SR. surely this is overkill as a buyer but as a vendor i see this would be necessary. I fail to see how i could be traced if i did all that.
The question isn't how you would be traced, it's why you would be traced and who would trace you. Remember, everything the government does costs money, the setup you described would be hard to trace, in other words, expensive.
-
i cant seem to get my bridges working can anyone help?
I said this a couple of days ago,but what is the weakness in connecting to SR from a clean laptop purchased with cash using a wireless prepaid USB for net purchased with cash (fake name) and booting that laptop with an OS on an external USB that is encrypted and hidden(physically hidden) when not using. This laptop/USB/wireless net would only be used for connecting to SR. surely this is overkill as a buyer but as a vendor i see this would be necessary. I fail to see how i could be traced if i did all that.
The question isn't how you would be traced, it's why you would be traced and who would trace you. Remember, everything the government does costs money, the setup you described would be hard to trace, in other words, expensive.
But the thing is the government doesn't need to target him. They target Tor in general, and he might get scooped up in that.
-
yes thats what i was asking the other day whether LE will try and just crack? one persons Tor or the system as a whole demasking everyone at the same time. Also gotta remmeber that TOR was devleoped by the US government to help Whistleblowers, Dissenters etcso is it really in there best interest to crack it? surely Human rights abuses such as slaughtering large numbers of people are a greater evil then some drug users and people looking at CP (inb4 the shitstorm)
KMF is it possible to GPS (or something similar) locate wireless 3G? and if so what if it was being used inside a large apartment block where 1000s of people live on top of one another? (or can it be traced laterally also?)
please respond
Ben