Silk Road forums

Discussion => Newbie discussion => Topic started by: afflicted on July 22, 2013, 11:22 am

Title: vpn and tor
Post by: afflicted on July 22, 2013, 11:22 am
I have read the forums and spoke to vpn providers and am still getting mixed opinions about the combined use of vpn and tor, I think air vpn supports tor and private internet access doesn't ( speaking to a tech guy at PIA he stated that it wouldn't conflict with tor anyway and although not designed to work with tor it will work) I just want an extra layer of security. 

However I am aware there are problems when using tails and tor, I am not to sure about tails full stop I am having problems getting it to work, cant load it from a usb or a cd , just problem after problem, can anyone suggest an alternative? GPG for USB ?
Title: Re: vpn and tor
Post by: je11yfish on July 22, 2013, 11:36 am
I'm using tor on a vpn for this reason. Not sure exactly how much of a difference it makes to privacy, but I can say that it is slower than just running tor on my usual connection.

From what I understand, if I use tor, my ISP can see that I am using tor. Same goes for VPN, as in they can see I am using a VPN, but not the data or metadata. I feel a bit more secure having the ISP know I am using a VPN rather than tor...
Title: Re: vpn and tor
Post by: Aussie bob on July 22, 2013, 12:37 pm
I'm using tor on a vpn for this reason. Not sure exactly how much of a difference it makes to privacy, but I can say that it is slower than just running tor on my usual connection.

From what I understand, if I use tor, my ISP can see that I am using tor. Same goes for VPN, as in they can see I am using a VPN, but not the data or metadata. I feel a bit more secure having the ISP know I am using a VPN rather than tor...

   My .00002 bit cents :) Connecting to a vpn and then to tor is potentially another level of security and potentially another weakness. If you're going to do it I recommend you choose a vpn that doesn't keep any user logs, and one that accepts bitcoins as payment. This is a popular one just as example.

Clearnet link!!! https://www.privateinternetaccess.com

The tails forum has a whole heap of great info on the subject of vpn 2 tor.

I have read the forums and spoke to vpn providers and am still getting mixed opinions about the combined use of vpn and tor, I think air vpn supports tor and private internet access doesn't ( speaking to a tech guy at PIA he stated that it wouldn't conflict with tor anyway and although not designed to work with tor it will work) I just want an extra layer of security. 

However I am aware there are problems when using tails and tor, I am not to sure about tails full stop I am having problems getting it to work, cant load it from a usb or a cd , just problem after problem, can anyone suggest an alternative? GPG for USB ?

  I've been using tails for a while now. It's really great once you get it, and quite easy to upgrade, but I agree, the first set-up can be a bitch. There are heaps of good tutorial threads if you do a search, but if you want to describe the issues your having I'm happy to help if I can, AB.
Title: Re: vpn and tor
Post by: mbius298074 on July 22, 2013, 12:52 pm
I have read the forums and spoke to vpn providers and am still getting mixed opinions about the combined use of vpn and tor, I think air vpn supports tor and private internet access doesn't ( speaking to a tech guy at PIA he stated that it wouldn't conflict with tor anyway and although not designed to work with tor it will work) I just want an extra layer of security. 

However I am aware there are problems when using tails and tor, I am not to sure about tails full stop I am having problems getting it to work, cant load it from a usb or a cd , just problem after problem, can anyone suggest an alternative? GPG for USB ?

What exact threat are you trying to minimise?
Title: Re: vpn and tor
Post by: AirshipAdmiral on July 22, 2013, 12:56 pm
I'm using tor on a vpn for this reason. Not sure exactly how much of a difference it makes to privacy, but I can say that it is slower than just running tor on my usual connection.

From what I understand, if I use tor, my ISP can see that I am using tor. Same goes for VPN, as in they can see I am using a VPN, but not the data or metadata. I feel a bit more secure having the ISP know I am using a VPN rather than tor...

Honestly, I trust someone like PRQ or Bahnhof with the fact that I'm using Tor at all, than the likes of Comcast or Time Warner. I do not trust AT&T, Verizon, I don't trust any of them.

PRQ and Bahnhof are obviously not that much more trustworthy, but at least it makes it that much more expensive and nontrivial to gather evidence against me or my family, friends and community.

Sure, it's slower, but Tor will always be slow. So does it really matter?
Title: Re: vpn and tor
Post by: notfuckingaround on July 22, 2013, 01:44 pm
From what I understand, if I use tor, my ISP can see that I am using tor. Same goes for VPN, as in they can see I am using a VPN, but not the data or metadata. I feel a bit more secure having the ISP know I am using a VPN rather than tor...


Millions use VPN, thousands use tor. Tor arouses suspicion.
Title: Re: vpn and tor
Post by: AirshipAdmiral on July 22, 2013, 03:02 pm
From what I understand, if I use tor, my ISP can see that I am using tor. Same goes for VPN, as in they can see I am using a VPN, but not the data or metadata. I feel a bit more secure having the ISP know I am using a VPN rather than tor...


Millions use VPN, thousands use tor. Tor arouses suspicion.

VPN usage is very common, and arouses a lot less suspicion than obvious Tor use.

Using Tor regularly is pretty much screaming questionable if not illegal activity.

A common cheaper way of mitigating this risk is using free wifi from fastfood restaurants and internet cafes, because consistent Tor usage is more difficult to track.

If you choose to use free wifi hotspots, please remember to spoof your wireless card's MAC address. Never use the same MAC address twice, or LE can connect the dots and eventually connect the Tor use and your legal identity.

It would be a lot easier to use a bitcoin-accepting VPN AND MAC-spoofed free wifi hotspots, with Tor being used over that, if you have a reason to be particularly paranoid.

If you are a vendor, using Tor over bitcoin-friendly VPN over free wifi hotspots spread over a reasonably large geographic region is highly advisable.

Using clever ways of shipping outbound packages/parcels is also highly advisable, though I do not know practical ways of doing that.

Physical parcel remailing services are not very common, yet, though this may be a very lucrative business opportunity for anyone willing to startup such an entrepreneurship.
Title: Re: vpn and tor
Post by: afflicted on July 22, 2013, 04:13 pm
interesting stuff, great info guys appreciate the feed back, and aussie bob I will probably be in touch regarding tails I am going to spend yet another night trying to get it going sigh

silly question but....... I have lili usb creator , I have managed to set linux up while running windows the virtual machine is up and running , I have 2 usb sticks but I cant see tails in short im f' ing clueless............. ouch
Title: Re: vpn and tor
Post by: Aussie bob on July 22, 2013, 04:22 pm
I'm not sure if this is what you're saying, sorry if I've got it wrong, but are you trying to run tails in a virtual machine within your windows OS? If so, don't. It's very difficult, and not at all secure. Too much leakage into Windows and the virtualiser's logs.
   Best way for initial setup is download most recent tails iso, burn that iso to dvd, restart your computer and boot your computer from the iso, bypassing any other OS. Once in tails you use the tails usb installer to copy that iso on to your usb. Much easier :)
Title: Re: vpn and tor
Post by: afflicted on July 22, 2013, 04:37 pm
initially I tried running the vm within my existing os, doesnt seem to b quite working out, so I then tried to boot from cd, not happening just a lot of error codes, I have 2 laptops I am going to try (not for the first time) running tails on the windows 8 laptop their are issues not isolated to my newbishness with running another os from a windows 8 pc, ill get there lol
Title: Re: vpn and tor
Post by: mbius298074 on July 22, 2013, 04:40 pm
From what I understand, if I use tor, my ISP can see that I am using tor. Same goes for VPN, as in they can see I am using a VPN, but not the data or metadata. I feel a bit more secure having the ISP know I am using a VPN rather than tor...


Millions use VPN, thousands use tor. Tor arouses suspicion.

VPN usage is very common, and arouses a lot less suspicion than obvious Tor use.

Using Tor regularly is pretty much screaming questionable if not illegal activity.

A common cheaper way of mitigating this risk is using free wifi from fastfood restaurants and internet cafes, because consistent Tor usage is more difficult to track.

If you choose to use free wifi hotspots, please remember to spoof your wireless card's MAC address. Never use the same MAC address twice, or LE can connect the dots and eventually connect the Tor use and your legal identity.

It would be a lot easier to use a bitcoin-accepting VPN AND MAC-spoofed free wifi hotspots, with Tor being used over that, if you have a reason to be particularly paranoid.

If you are a vendor, using Tor over bitcoin-friendly VPN over free wifi hotspots spread over a reasonably large geographic region is highly advisable.

Using clever ways of shipping outbound packages/parcels is also highly advisable, though I do not know practical ways of doing that.

Physical parcel remailing services are not very common, yet, though this may be a very lucrative business opportunity for anyone willing to startup such an entrepreneurship.

Don't you think, if you are using Tor over a VPN, you are even more suspicious?
Title: Re: vpn and tor
Post by: Aussie bob on July 22, 2013, 04:54 pm
Yes, you need to follow these instructions to be able to boot from the bios menu with windows 8

1. Go to settings in windows 8
2. Go to General tab
3.Go to advanced startup and press restart now
4. Go to Troubleshoot -refresh or reset your pc
5. Go to UEFI firmware settings
6. Your computer will restart into the bios menu where you need to go to the boot menu and change the boot mode from UEFI to legacy bios. This will allow you to choose to boot from a dvd or a usb before it boots into windows. It may then restart and boot back into bios menu

  Tails iso needs to be burnt on to a dvd, not a cd. You also need a special program to properly burn iso's. Search google for iso burner.

7. Set bios boot 1st choice as your dvd drive and then choose save and exit 
8. With your tails dvd in the drive your pc will restart and start running tails instead of windows. Once in tails go to applications, tails usb installer, stick a usb in and select clone & install onto a usb stick.

   Once you've done that, I know it's a real process, you need to get back into the bios menu and select the usb drive as the boot preference so you can run tails from the usb. Also, whenever you want to use windows you'll need to change the boot menu back to UEFI firmware.

   Rinse and repeat  :)
Title: Re: vpn and tor
Post by: afflicted on July 22, 2013, 05:24 pm
I'm on it, hope your not sore over the cricket (or the rugby)  ;)
your time is appreciated.............
Title: Re: vpn and tor
Post by: afflicted on July 22, 2013, 05:52 pm
yay !!!!!! woop woop !!!!! it worked 8)
Title: Re: vpn and tor
Post by: BTC King on July 22, 2013, 06:27 pm
i've used tor for years long before there was sr and never had any problems. i don't know why people are so paranoid that they're prepared to slow down their connection significantly buy using vpn+tor. tor is already slow enough! tor+vpn (the other way round) on the other hand does make sense in some cases such as when withdrawing btc via mtgox. there's tons of places that ban tor so you tor+vpn is needed to access those anonymously but there used to be a page on torproject.org advising people not to use tor+vpn which was complete rubbish i don't know who was it written by but must have been somebody completely clueless
Title: Re: vpn and tor
Post by: AirshipAdmiral on July 22, 2013, 09:00 pm
From what I understand, if I use tor, my ISP can see that I am using tor. Same goes for VPN, as in they can see I am using a VPN, but not the data or metadata. I feel a bit more secure having the ISP know I am using a VPN rather than tor...


Millions use VPN, thousands use tor. Tor arouses suspicion.

VPN usage is very common, and arouses a lot less suspicion than obvious Tor use.

Using Tor regularly is pretty much screaming questionable if not illegal activity.

A common cheaper way of mitigating this risk is using free wifi from fastfood restaurants and internet cafes, because consistent Tor usage is more difficult to track.

If you choose to use free wifi hotspots, please remember to spoof your wireless card's MAC address. Never use the same MAC address twice, or LE can connect the dots and eventually connect the Tor use and your legal identity.

It would be a lot easier to use a bitcoin-accepting VPN AND MAC-spoofed free wifi hotspots, with Tor being used over that, if you have a reason to be particularly paranoid.

If you are a vendor, using Tor over bitcoin-friendly VPN over free wifi hotspots spread over a reasonably large geographic region is highly advisable.

Using clever ways of shipping outbound packages/parcels is also highly advisable, though I do not know practical ways of doing that.

Physical parcel remailing services are not very common, yet, though this may be a very lucrative business opportunity for anyone willing to startup such an entrepreneurship.

Don't you think, if you are using Tor over a VPN, you are even more suspicious?

No.

Millions of people use VPNs, including overseas VPNs, for very mundane reasons, such as banevading and cloning for forums, game servers, etc.

Because so many people use VPNs for mundane boring reasons, a single VPN connection, even if consistent, is not a huge red flag.

However, even the cheapest Sandvine or Oracle DPI server can trivially determine which ISP broadband subscribers are making obvious connections to publically-known Tor relay servers, and many of those relays are operated by the same ISPs, making correlation and timing attacks a lot easier.

Do not be fooled, they DO do this.

A VPN connection, especially when obscured by connecting to random McDonalds, Starbucks, Panera Bread, Friday's and motel wifi networks to connect to the VPN overseas with different MAC addresses, is a lot less suspicious than really blatant and obvious consistent connections to publically-listed and well-know easily-enumerable Tor relay server IPs.

Sure, the NSA analyists cannot easily determine WHERE you are connected to, and WHOM with which you are communicating (though it certainly is still possible if they are willing to spend enough taxpayer money to find you), but it is ridiculously easy to see not only that you are connecting to Tor, but how much you are communicating over Tor, and how long per day and per month you are communicating over Tor.

If it turns out that not only SR is a DEA+FBI+NSA honeypot, but that 51+% of all Tor relay servers are operated and controlled by NSA employees, it means that Tor itself is a giant honeypot.

In which case, we're all pretty much screwed.

Luckily, I doubt there is enough taxpayer money in the world to fund such an LE project.
Title: Re: vpn and tor
Post by: mrmoonman on July 22, 2013, 09:10 pm
So what is this talk about connecting with tor first and then to your VPN ? and Vice versa, meaning connecting through your VPN and then tor? whats the difference here?
Title: Re: vpn and tor
Post by: ko10011 on July 22, 2013, 09:11 pm
Well, i just posted a thread regarding this matter, didnt see one before or else would've posted here instead

http://dkn255hz262ypmii.onion/index.php?topic=188807.0

Title: Re: vpn and tor
Post by: mrmoonman on July 22, 2013, 09:16 pm
I'm very interested in if there is a true difference in security/privacy/anonymity by using Tor than connecting to VPN, compared to the other way, VPN than to tor.


VPN than to tor sounds more legit. But I'm not sure.
Title: Re: vpn and tor
Post by: afflicted on July 22, 2013, 09:30 pm
As far as Im aware tails deals with wiping any traces so you dont need to wipe your pc, I think its related to not having a persistent volume, which is why every time u boot tails you have to put in a new password.
Title: Re: vpn and tor
Post by: BTC King on July 22, 2013, 10:07 pm
I'm very interested in if there is a true difference in security/privacy/anonymity by using Tor than connecting to VPN, compared to the other way, VPN than to tor.


VPN than to tor sounds more legit. But I'm not sure.
when you connect to a site like mtgox or paypal using just tor or vpn+tor they will know you're using tor so they will suspend your account. on the other hand if you use tor+vpn, they won't be able to tell. however it's completely pointless if you're using a vpn like hidemyass. you need a vpn with a dedicated ip that nobody before you has used for dodgy purposes so it's not blacklisted anywhere
Title: Re: vpn and tor
Post by: d0z3r on July 22, 2013, 10:40 pm
i am a little confused. How do you connect to the vpn first using tails? Do you have to use the unsafe browser to connect to vpn and then tor? Also wouldnt that expose your real ip to the vpn which would make paying for the vpn anonomously pointless? I am lost obv
Title: Re: vpn and tor
Post by: BTC King on July 22, 2013, 11:35 pm
of course you would expose your ip to the vpn. of course it's pointless. i'm not sure what you mean by 'the unsafe browser'. you can connect using openvpn via the command line. if your vpn provider doesn't support openvpn well that's a really rubbish vpn in my opinion and i wouldn't use it
Title: Re: vpn and tor
Post by: AirshipAdmiral on July 23, 2013, 12:52 am
Tails iso needs to be burnt on to a dvd, not a cd. You also need a special program to properly burn iso's. Search google for iso burner.

InfraRecorder. You're welcome. <3
Title: Re: vpn and tor
Post by: mbius298074 on July 23, 2013, 07:40 am
From what I understand, if I use tor, my ISP can see that I am using tor. Same goes for VPN, as in they can see I am using a VPN, but not the data or metadata. I feel a bit more secure having the ISP know I am using a VPN rather than tor...


Millions use VPN, thousands use tor. Tor arouses suspicion.

VPN usage is very common, and arouses a lot less suspicion than obvious Tor use.

Using Tor regularly is pretty much screaming questionable if not illegal activity.

A common cheaper way of mitigating this risk is using free wifi from fastfood restaurants and internet cafes, because consistent Tor usage is more difficult to track.

If you choose to use free wifi hotspots, please remember to spoof your wireless card's MAC address. Never use the same MAC address twice, or LE can connect the dots and eventually connect the Tor use and your legal identity.

It would be a lot easier to use a bitcoin-accepting VPN AND MAC-spoofed free wifi hotspots, with Tor being used over that, if you have a reason to be particularly paranoid.

If you are a vendor, using Tor over bitcoin-friendly VPN over free wifi hotspots spread over a reasonably large geographic region is highly advisable.

Using clever ways of shipping outbound packages/parcels is also highly advisable, though I do not know practical ways of doing that.

Physical parcel remailing services are not very common, yet, though this may be a very lucrative business opportunity for anyone willing to startup such an entrepreneurship.

Don't you think, if you are using Tor over a VPN, you are even more suspicious?

No.

Millions of people use VPNs, including overseas VPNs, for very mundane reasons, such as banevading and cloning for forums, game servers, etc.

Because so many people use VPNs for mundane boring reasons, a single VPN connection, even if consistent, is not a huge red flag.

However, even the cheapest Sandvine or Oracle DPI server can trivially determine which ISP broadband subscribers are making obvious connections to publically-known Tor relay servers, and many of those relays are operated by the same ISPs, making correlation and timing attacks a lot easier.

Do not be fooled, they DO do this.

A VPN connection, especially when obscured by connecting to random McDonalds, Starbucks, Panera Bread, Friday's and motel wifi networks to connect to the VPN overseas with different MAC addresses, is a lot less suspicious than really blatant and obvious consistent connections to publically-listed and well-know easily-enumerable Tor relay server IPs.

Sure, the NSA analyists cannot easily determine WHERE you are connected to, and WHOM with which you are communicating (though it certainly is still possible if they are willing to spend enough taxpayer money to find you), but it is ridiculously easy to see not only that you are connecting to Tor, but how much you are communicating over Tor, and how long per day and per month you are communicating over Tor.

If it turns out that not only SR is a DEA+FBI+NSA honeypot, but that 51+% of all Tor relay servers are operated and controlled by NSA employees, it means that Tor itself is a giant honeypot.

In which case, we're all pretty much screwed.

Luckily, I doubt there is enough taxpayer money in the world to fund such an LE project.

It all comes down to whether you trust your VPN over your ISP. Any argument you make for an ISP detecting Tor can also be made for a VPN so you have to assume that the probability of your traffic being monitored by either is the same. For example, PIA is an American company, which means if they are served with an order from a secret US court they must abide by it.

If you are concerned about malicious entry nodes then why don't you run your own bridge and connect to that instead?
Title: Re: vpn and tor
Post by: AirshipAdmiral on July 23, 2013, 07:51 am
So what is this talk about connecting with tor first and then to your VPN ? and Vice versa, meaning connecting through your VPN and then tor? whats the difference here?

To protect yourself against your ISP and potentially your Tor entry guard relays, you use Tor over VPN.

To connect unmodified applications and services over Tor, you'd have a secret VPN between friends and family, a VPN over Tor.

Those are two entirely different things.
Title: Re: vpn and tor
Post by: mrmoonman on July 23, 2013, 09:43 pm
So I am connected to a VPN, and then connect to Tor. So am I decent in that aspect?
Title: Re: vpn and tor
Post by: kahn on July 23, 2013, 10:37 pm
Free VPN search clearnet "Softether project". If you use and want help w/s/u, PM and I'll do what I can.
Title: Re: vpn and tor
Post by: mbius298074 on July 24, 2013, 12:35 pm
So I am connected to a VPN, and then connect to Tor. So am I decent in that aspect?

no
Title: Re: vpn and tor
Post by: esoteric69 on July 24, 2013, 01:23 pm
Don't bridges help mask that you are using Tor?
Title: Re: vpn and tor
Post by: mrmoonman on July 24, 2013, 09:13 pm
So I am connected to a VPN, and then connect to Tor. So am I decent in that aspect?

no

why am I not? My VPN records no logs, no nothing.