
View Full Version : Security: VPN vs SSH vs Proxy


SundariDevi
October 13th, 2009, 09:23 AM
I've seen information that certain Java, Flash and Javascript applications can bypass a proxy in order to get your true IP. But it's not clear to me how effective those things are in different situations.

How secure are VPN and encrypted SSH Tunnels against these kinds of applications?

LockBox
October 13th, 2009, 03:42 PM
This is going to sound like a cop-out and one that I rarely use, but really, do a search of the archives or just browse this sub-forum and you will see countless threads discussing this very topic with lots of good answers/explanations. Good luck!

SteveTX
October 13th, 2009, 04:16 PM
Flash / Java / JS / ActiveX / Plugins can bypass the connection/proxy settings of native SSH tunnels and proxies. VPN is the way to go, it automatically reroutes all your traffic. One problem with PPTP VPN protocol is leakage, avoid PPTP at all costs, unless you just need encryption (which PPTP does not have, requires MSCHAP for encryption I think) and not much anonymity. L2TP + IPSec or OpenVPN is the way to go for solid encryption and anonymity.

SundariDevi
October 14th, 2009, 04:04 AM
Thanks for your suggestions. I did search a bit but not too much, so I'll try some more.

I just use VPN for anonymity and changing my IP geolocation, although the solution I use provides 128bit encryption with PPTP VPN. When I want encryption I use SSH, because I know what I'm getting. But I'm always looking for better solutions :-)

SteveTX
October 14th, 2009, 01:30 PM
Beware of PPTP. If you are using PPTP, then it isn't very anonymous, no matter what your provider claims.

I no more
October 14th, 2009, 02:14 PM
-{ Quote: "I've seen information that certain Java, Flash and Javascript applications can bypass a proxy in order to get your true IP. But it's not clear to me how effective those things are in different situations.

How secure are VPN and encrypted SSH Tunnels against these kinds of applications?" }-

Bad browser plugins can also cause this problem. I've seen it at least 30 times, and it's not even due to an exploit. The plugin simply doesn't want to go through your proxy and will try to connect out directly.

A good outbound firewall will probably block all of it. Only allow your browser/application to access the internet through the proxy. And otherwise, use a default deny policy with the firewall. This makes any protocol you use much safer.

I no more
October 14th, 2009, 06:47 PM
I have a quick question about VPNs. My understanding is that they route all traffic from your computer. With the ones I've tried, you simply start them up and all traffic is automatically routed. When you close them, traffic then goes through normally without the VPN.

This doesn't seem very secure to me because if the program were to close for some reason without your knowledge, all traffic would automatically go normally through your ISP. I remember JAP used to have this problem. Once you turned off the proxy service, there would be no indication that it was off. They've since corrected that problem.

I have very little experience with VPNs. I've always used application-level proxies, such as Tor. So, what do the good VPNs do differently?

SteveTX
October 14th, 2009, 07:04 PM
Applications do not change your routing, they simply have an escape hatch port that traffic can travel out of to be transported to another network (such as Tor). VPNs change your routing tables, and push all your traffic through the new routes, essentially making your machine part of another network entirely.

JAP still has this "problem". We spoke with the JonDoNym folks about this and will likely be making our VM browser available for their network, allowing them to perform full VPN to the JAP network, just as we have done with the Tor network.

I no more
October 14th, 2009, 07:15 PM
-{ Quote: "VPNs change your routing tables, and push all your traffic through the new routes, essentially making your machine part of another network entirely." }-
I understand this. But how can you be certain that if something shuts off the program that your traffic is not compromised?

Let me give you an example. Let's say the VPN I'm using is VPN-X. I turn on the program and all my traffic is now protected. I turn off the program and all my traffic goes through my ISP unencrypted/unproxied. Now let's say this program turns off due to some error, and I have no idea it's off. That's a problem, but that's how all of these cheap VPNs I've tried work. I need to know that if the program is shut off due to some error (and without my knowledge) that all my traffic won't go through my ISP unencrypted.

SteveTX
October 14th, 2009, 07:24 PM
Depends on how the routing is being managed. It sounds like you want "dead to the world" routing, which is all-or-nothing. The most solid way to implement this is through external hardware such as the XeroBank CryptoRouter XJR, which is a hardware minirouter. All traffic leaving your machine is routed through our network using this hardware, so it makes you leakproof. Another method is making it where the VPN is the only route your system knows, and can be done in Mac, Linux or Windows.

Windows directions for leak-proofing your VPN (https://xerobank.com/support/articles/how-to-prevent-vpn-dns-leaks/)

Linux directions for leak-proofing your VPN (https://xerobank.com/support/articles/how-to-harden-openvpn-in-12-easy-steps/)
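The leak-on-drop problem raised in the two posts above (traffic silently falling back to the ISP when the VPN process dies) can be reasoned about from the routing table alone. The following is an added example, not code from this thread or from XeroBank: it parses `ip route show`-style output, looks up where a probe address would leave the host, and then simulates the tunnel interface disappearing. The route tables, the `tun0`/`eth0` names and all addresses are constructed samples.

```python
"""
Added example (not from the thread): a model of the VPN leak-on-drop failure
mode. Parses routing tables in `ip route show` format, performs a longest-prefix
lookup, then simulates the VPN daemon dying by deleting every route that lives
on the tunnel interface. All tables and addresses below are constructed samples
(RFC 1918 and TEST-NET ranges), not real hosts.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Route:
    dest: ipaddress.IPv4Network
    dev: str
    via: Optional[str]
    metric: int


def parse_ip_route(text: str) -> List[Route]:
    """Parse the one-route-per-line output format of `ip route show`."""
    routes = []
    for line in text.strip().splitlines():
        tokens = line.split()
        if not tokens:
            continue
        prefix = "0.0.0.0/0" if tokens[0] == "default" else tokens[0]
        dest = ipaddress.ip_network(prefix, strict=False)
        via = tokens[tokens.index("via") + 1] if "via" in tokens else None
        dev = tokens[tokens.index("dev") + 1]
        metric = int(tokens[tokens.index("metric") + 1]) if "metric" in tokens else 0
        routes.append(Route(dest, dev, via, metric))
    return routes


def lookup(routes: List[Route], dst: str) -> Optional[Route]:
    """Longest-prefix match; among equal prefix lengths the lowest metric wins."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes if addr in r.dest]
    if not hits:
        return None
    return min(hits, key=lambda r: (-r.dest.prefixlen, r.metric))


def egress_dev(routes: List[Route], dst: str) -> Optional[str]:
    """Interface that traffic to dst leaves on, or None if there is no route."""
    hit = lookup(routes, dst)
    return hit.dev if hit else None


def egress_after_vpn_drop(routes: List[Route], vpn_dev: str, dst: str) -> Optional[str]:
    """Simulate the tunnel going away: the kernel drops every route on vpn_dev."""
    surviving = [r for r in routes if r.dev != vpn_dev]
    return egress_dev(surviving, dst)


# Constructed sample 1: the layout a client gets from OpenVPN's
# `redirect-gateway def1` on top of an ordinary default route. The two /1
# routes beat the /0 default while tun0 is up; when tun0 dies, the untouched
# default via the ISP gateway takes over silently.
LEAKY_TABLE = """
0.0.0.0/1 via 10.8.0.1 dev tun0
128.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev eth0 proto dhcp metric 100
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20
203.0.113.10 via 192.168.1.1 dev eth0
"""

# Constructed sample 2: "the VPN is the only route your system knows". The only
# things reachable via eth0 are the LAN and a host route to the VPN server
# itself (203.0.113.10 is a TEST-NET placeholder).
HARDENED_TABLE = """
default via 10.8.0.1 dev tun0
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.6
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20
203.0.113.10 via 192.168.1.1 dev eth0
"""

PROBE = "198.51.100.5"      # arbitrary Internet host (TEST-NET-2)
VPN_SERVER = "203.0.113.10"


def leak_verdict(table: str, vpn_dev: str = "tun0", probe: str = PROBE) -> str:
    """Classify a table as 'not-via-vpn', 'leaks' or 'dead-to-the-world'."""
    routes = parse_ip_route(table)
    if egress_dev(routes, probe) != vpn_dev:
        return "not-via-vpn"
    return "leaks" if egress_after_vpn_drop(routes, vpn_dev, probe) else "dead-to-the-world"


if __name__ == "__main__":
    for name, table in (("leaky", LEAKY_TABLE), ("hardened", HARDENED_TABLE)):
        routes = parse_ip_route(table)
        print(f"{name:9s} VPN up: {egress_dev(routes, PROBE)}  "
              f"after drop: {egress_after_vpn_drop(routes, 'tun0', PROBE)}  "
              f"verdict: {leak_verdict(table)}")
```

In the hardened table the host route to the VPN server survives the drop, so the client can reconnect while everything else has nowhere to go.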

I no more
October 14th, 2009, 07:37 PM
-{ Quote: "Windows directions for leak-proofing your VPN (https://xerobank.com/support/articles/how-to-prevent-vpn-dns-leaks/)" }-

:thumb:

SundariDevi
October 15th, 2009, 12:20 PM
The VPN I use, vpnuk.info, has an application that automatically configures the VPN for you and installs a connection assistant utility that you click on to launch the VPN; you can also configure it to start up when you turn on the computer. When you connect to the VPN using this utility, if the connection drops you will have no more internet connection. Of course this is ideal, because having a VPN that isn't connected when you think it is can be worse than having no VPN at all. That utility is used to launch and choose between PPTP or L2TP VPN connections via a simple popup menu. I haven't done the OpenVPN setup yet, so I'm not sure how it works with OpenVPN.

When I use SSH, I set up Firefox to use that only (you also need to set up remote DNS lookups). Then if the SSH tunnel gets dropped, or you launch Firefox and forget to open the tunnel first, you can't go on the net.

I used to use JAP when it did this dropped-connection-without-notifying thing, so I switched to Tor. But I quit using Tor a long time ago because it's usually slow and I've heard too much about hackers, governments, etc. setting up servers to watch what's going through their servers. Also JAP is supposed to have a backdoor.

I still use Tor when I need an IP from country X; then I set up the config file to just use servers from that country. That's very useful.

SundariDevi
October 15th, 2009, 01:01 PM
-{ Quote: ":thumb:
14" CRT monitor (1024x768)" }-
Is this a security feature?

I no more
October 15th, 2009, 01:07 PM
-{ Quote: "But I quit using Tor a long time ago because it's usually slow and I've heard too much about hackers, governments, etc. setting up servers to watch what's going through their servers." }-

Tor is a cesspool. That's why it's so great for anonymity. Even if someone had a malicious exit node, it does them no good unless:

1) You're sending personally identifying information.

OR

2) They also control the first node.

Assuming you don't do 1), who really cares about 2) ? Tor is more than good enough, even for the paranoid. It would be a huge undertaking to de-anonymize someone on it. And even then, it only gives them an IP, which isn't proof of who originated the traffic, just where.

Just don't check your e-mail on it, unless it's an anonymous account.

SundariDevi
October 15th, 2009, 01:10 PM
Yeah, Tor = good for anonymity, bad for just about everything else.

I no more
October 15th, 2009, 01:17 PM
-{ Quote: "Is this a security feature?" }-

Just as much as my power supply and USB ports are. If you take a look around here, you'll see a lot of people listing their computer specs in their signature line.

If others can list their 128 core hyper-extreme platinum 10GHz processors, then I should be able to list my Pentium 3 (extreme edition) and CRT monitor.

SteveTX
October 15th, 2009, 03:17 PM
This needs to be corrected. Tor is a cesspool, it is not safe. Exit nodes can bypass your tor circuit through injecting malicious code and cause your machine to leak your real IP address or drop your tor connection or reroute all your traffic into a new network where they are the entry/middle/exit, effectively bypassing your anonymity and encryption. This is an unpopular truth. These symptoms are indicative of two problems: 1) tor applications use tunnel technology instead of vpn technology (xB Browser VM solved this problem) and 2) problem with the design of complete p2p anonymity: if anyone can participate, then they can *always* game the network (this is the fatal flaw of tor).

I no more
October 15th, 2009, 04:15 PM
-{ Quote: "Exit nodes can bypass your tor circuit through injecting malicious code and cause your machine to leak your real IP address" }-

First of all, perhaps it could be done on some unsecured machines, but not if you take precautions. The same things you learn on this site about preventing browser exploits will also prevent this from happening.

Second, if an exit node can do this, couldn't the website being visited also do this? I used your de-anonymizer with Tor, and it wasn't even close to unmasking my real IP. I have layered security. Even when I stripped the layers one by one, de-anonymizer didn't do squat. By all means, inject as much code as you want. But if you can't do it on your site, you won't convince me that someone else can do it.


-{ Quote: "reroute all your traffic into a new network where they are the entry/middle/exit, effectively bypassing your anonymity and encryption. " }-

The exit node, by definition, does not know who is originating the traffic. The only way this could be done is by some fatal flaw in Tor or by the user running an unsecured machine, where malicious code could be used. Since the latter isn't going to affect me, you must be talking about the former.

If you mean a fatal flaw in Tor, then prove it.

If you're talking about malicious code, why don't you use some of that code on de-anonymizer? Or better yet, why don't you acquire an exit node and prove it in that way? Either way, if you can't prove it on my machine, I'm not taking your word for it.

SteveTX
October 15th, 2009, 05:49 PM
It was proven at defcon, 2007. Tens of thousands of machines were compromised in a 24 hour period and put onto a private network with compromised directory nodes and all. This was done using a single malicious exit node via the control port exploit that was used to prove the concept. All it takes is one hole and an evil exit node and the network gets compromised.

I no more
October 15th, 2009, 06:39 PM
-{ Quote: "It was proven at defcon, 2007. Tens of thousands of machines were compromised in a 24 hour period and put onto a private network with compromised directory nodes and all. This was done using a single malicious exit node via the control port exploit that was used to prove the concept. All it takes is one hole and an evil exit node and the network gets compromised." }-

Kudos to Kyle for that. But it was corrected, and we can't live in the past. We can't condemn Tor for a flaw from 2 years ago or for some people running it in a way that makes them vulnerable to malicious code. You won't help the latter no matter what you tell them. They need to learn the hard way. I do agree with you that Tor is a cesspool, but that's as far as I'll go.

If you can compromise Tor again, I'll definitely be on your side though.

I look forward to trying out your new browser.

SteveTX
October 15th, 2009, 10:42 PM
That was just one flaw. It affected not just a few Tor clients, it affected ALL of them ever produced up to that point. You want to see another magic trick and then you'll believe? 8)

I no more
October 15th, 2009, 11:05 PM
-{ Quote: "You want to see another magic trick and then you'll believe? 8)" }-

Two large systemic flaws would mean there might be some systemic problems with the development of Tor. One major flaw can happen to anyone.

Unlike you, I don't believe that every non-VPN system is necessarily flawed. A VPN is clearly easier for the average user, but Tor can be configured properly if the user bothers to learn how. So, I don't think you can compromise my system absent any systemic flaws in Tor itself. Prove me wrong.

Interestingly, you're also releasing browsers that will make Tor safer as well. You're making the job harder for yourself. ;)

SteveTX
October 16th, 2009, 12:11 AM
I think I know just the thing. :shifty:

I no more
October 16th, 2009, 12:30 PM
-{ Quote: "The VPN I use, vpnuk.info" }-

I just took a look at this. It looked good for a while because they stated unlimited bandwidth. But if you look at the FAQ, you only get 3Mbps (with unlimited usage) and no P2P allowed. I have to wonder if the P2P policy is due to illegal file sharing or because of the huge bandwidth requirements.

What kind of speeds do you get? Have you tried P2P? How about usenet?

Thanks

SundariDevi
October 18th, 2009, 07:58 PM
-{ Quote: "I just took a look at this. It looked good for a while because they stated unlimited bandwidth. But if you look at the FAQ, you only get 3Mbps (with unlimited usage) and no P2P allowed. I have to wonder if the P2P policy is due to illegal file sharing or because of the huge bandwidth requirements.

What kind of speeds do you get? Have you tried P2P? How about usenet?

Thanks" }-

Heh.

I guess they have to write that so they can cut you off if your usage is excessive or if somebody subpoenas them to get private information. Then they can say you misused the service. I use P2P and I get up to 120kbs or more download speeds on uTorrent on my 4Mbit DSL line. In other words, the download with or without the VPN is virtually identical. When I'm travelling and I use the VPN via my mobile connection, the VPN actually INCREASES my bandwidth for web access. I went to a speed check website to verify it and it is almost double with the VPN vs without. Maybe because my mobile provider throttles back bandwidth on certain protocols? I don't know.

Re: Usenet. I never use it.

For $12 or so, you just try it, if it doesn't work you move on.

I no more
October 18th, 2009, 11:06 PM
-{ Quote: "For $12 or so, you just try it, if it doesn't work you move on." }-

$12, are you kidding? Who has that kind of money? ::)

But seriously, I like to pay anonymously, and I haven't found an easy way to do that yet.

What country is your server located in?

SundariDevi
October 19th, 2009, 11:25 AM
I've found that some internet services will offer creative payment arrangements if you call them and tell them you don't have a credit card.

But if you are looking for absolute anonymity, maybe you can't get it cheap. If I wanted that I would get a private server on a rack in an offshore country, maybe even Russia, install an OpenSSH server on it and go from there. OK, plus you find a provider that takes e-Gold -- don't expect 100% uptime with it. I think a basic tenet of security is that the more people there are in the system, the weaker it is. So what makes this good is that with your own server, there is you, you, and the guy who makes sure the power doesn't get shut off.

I think a lot of stuff here is putting the cart before the horse. Steve gives these elaborate schemes to detect somebody's true location, and while they may work, who has these resources? And across national borders, what will it take to pull them all together, unless you are the NSA? And are they going to stop chasing terrorists and watching rogue nations even to catch a billionaire with hidden offshore accounts? I doubt it. If nobody can tell where you are located and you haven't done any crime, it would be quite difficult to get a court order that allows the data to be subpoenaed.

Maybe I am missing something?

SteveTX
October 19th, 2009, 11:57 AM
-{ Quote: "But if you are looking for absolute anonymity, maybe you can't get it cheap. If I wanted that I would get a private server on a rack in an offshore country, maybe even Russia, install an OpenSSH server on it and go from there." }-

Warning: Severe Misunderstanding of Anonymity ^^^

1. Owning a server somewhere does not make you anonymous.
2. Being the only one using that server makes you the exact opposite of anonymous.
3. Putting any servers in Russia without multiplexing is a very bad idea, as Russia does massive surveillance of all traffic.
4. There is no such thing as absolute anonymity.
5. There is no one-man anonymity system. (https://xerobank.com/support/articles/top-10-anonymity-myths/Myth-7-you-can-get-anonymity-by-running-your-own-proxy-server/)

-{ Quote: "who has these resources? And across national borders, what will it take to pull them all together, unless you are the NSA? And are they going to stop chasing terrorists and watching rogue nations even to catch a billionaire with hidden offshore accounts? I doubt it. If nobody can tell where you are located and you haven't done any crime, it would be quite difficult to get a court order that allows the data to be subpoenaed.

Maybe I am missing something?" }-

You are definitely missing a lot. :| You are suffering from the "They can't watch everyone all the time" fallacy. They can, they do, they are. It is this sort of mentality that makes hidden and ubiquitous surveillance so dangerous. Because you can't see it or the effects of it, you don't consider it. But surveillance systems are like radio waves, they are all around you, affecting everything around you in ways you can't see. Thousands of organizations, public and private have access to shared information about you.

They don't have to actively trace you. They are logging all the traffic on the internet. You are not anonymous. They simply decide that at some point in the future they want to track your past, then they go through their datamine and find all your traffic for the past decade and start analyzing it. Read this paper (https://xerobank.com/docs/blackhat17.pdf), it will enlighten you as to the reality of internet surveillance today.

I no more
October 19th, 2009, 12:17 PM
-{ Quote: "I've found that some internet services will offer creative payment arrangements if you call them and tell them you don't have a credit card." }-

I'm not looking to be that creative. Just a prepaid card is fine. The problem is that they use Paypal, Moneybookers, and Google Checkout. They have lengthy registration and verification processes. I don't know if any/all accept prepaid cards and, if so, which ones.


-{ Quote: "1. Owning a server somewhere does not make you anonymous.
2. Being the only one using that server makes you the exact opposite of anonymous.
3. Putting any servers in Russia without multiplexing is a very bad idea, as Russia does massive surveillance of all traffic.
4. There is no such thing as absolute anonymity.
5. There is no one-man anonymity system." }-

:thumb:

I don't know how many times I've heard stuff like that. At first I thought these people must really know something I don't.

SundariDevi
October 19th, 2009, 03:03 PM
-{ Quote: "Warning: Severe Misunderstanding of Anonymity ^^^

1. Owning a server somewhere does not make you anonymous.
2. Being the only one using that server makes you the exact opposite of anonymous.
3. Putting any servers in Russia without multiplexing is a very bad idea, as Russia does massive surveillance of all traffic.
4. There is no such thing as absolute anonymity.
5. There is no one-man anonymity system. (https://xerobank.com/support/articles/top-10-anonymity-myths/Myth-7-you-can-get-anonymity-by-running-your-own-proxy-server/)

You are definitely missing a lot. :| You are suffering from the "They can't watch everyone all the time" fallacy. They can, they do, they are. It is this sort of mentality that makes hidden and ubiquitous surveillance so dangerous. Because you can't see it or the effects of it, you don't consider it. But surveillance systems are like radio waves, they are all around you, affecting everything around you in ways you can't see. Thousands of organizations, public and private have access to shared information about you.

They don't have to actively trace you. They are logging all the traffic on the internet. You are not anonymous. They simply decide that at some point in the future they want to track your past, then they go through their datamine and find all your traffic for the past decade and start analyzing it. Read this paper (https://xerobank.com/docs/blackhat17.pdf), it will enlighten you as to the reality of internet surveillance today." }-

Re: Russia, the point there is that last time I looked, certain things that are illegal in the West are not there. Additionally, other nations would have a very difficult time getting any kind of legal agreement to actually access whatever data they have. I would be more concerned with the data being obtained via bribes. Otherwise, points taken and reading added to the list. But you still don't answer how they will get legal access to these massive amounts of data, or at least get it in such a way that it will be admissible in court. I guess that is not always what you're trying to protect against. But there is a large difference between theory and its applications, and while you give lots of the theory, I'm never sure what applications would need such heavy-duty security, and given that "there is no such thing as absolute anonymity", how much do we gain and who might profit by going the extra mile that XeroBank might represent?

Stated in another way, what are for you, the objectives of a privacy and anonymity strategy and (secondly as a separate question) how does XeroBank fit into it?

SundariDevi
October 19th, 2009, 03:06 PM
-{ Quote: "They don't have to actively trace you. They are logging all the traffic on the internet. You are not anonymous. They simply decide that at some point in the future they want to track your past, then they go through their datamine and find all your traffic for the past decade and start analyzing it. Read this paper (https://xerobank.com/docs/blackhat17.pdf), it will enlighten you as to the reality of internet surveillance today." }-

I've thought about this with respect to data retention laws. If the data retention law would be written in such a way that you must hold data for X years and after that it must be deleted, then the data retention law would not be all bad because there would be a limit to how long they have access to such data.

LockBox
October 19th, 2009, 03:29 PM
If there is anything the government does well, it's surveillance. Steve is right about all traffic being monitored. Where does it all end up? Try this recent excerpt from a book review by James Bamford (he's an NSA expert in his own right but he's reviewing a new book by Matthew Aid). I urge you to take a couple of minutes and read the following first three paragraphs. Eye-opening. A link to the complete and very long review is at the end of the following excerpt.

-{ Quote: "On a remote edge of Utah's dry and arid high desert, where temperatures often zoom past 100 degrees, hard-hatted construction workers with top-secret clearances are preparing to build what may become America's equivalent of Jorge Luis Borges's "Library of Babel," a place where the collection of information is both infinite and at the same time monstrous, where the entire world's knowledge is stored, but not a single word is understood. At a million square feet, the mammoth $2 billion structure will be one-third larger than the US Capitol and will use the same amount of energy as every house in Salt Lake City combined.

Unlike Borges's "labyrinth of letters," this library expects few visitors. It's being built by the ultra-secret National Security Agency—which is primarily responsible for "signals intelligence," the collection and analysis of various forms of communication—to house trillions of phone calls, e-mail messages, and data trails: Web searches, parking receipts, bookstore visits, and other digital "pocket litter." Lacking adequate space and power at its city-sized Fort Meade, Maryland, headquarters, the NSA is also completing work on another data archive, this one in San Antonio, Texas, which will be nearly the size of the Alamodome.

Just how much information will be stored in these windowless cybertemples? A clue comes from a recent report prepared by the MITRE Corporation, a Pentagon think tank. "As the sensors associated with the various surveillance missions improve," says the report, referring to a variety of technical collection methods, "the data volumes are increasing with a projection that sensor data volume could potentially increase to the level of Yottabytes (10^24 Bytes) by 2015."[1] Roughly equal to about a septillion (1,000,000,000,000,000,000,000,000) pages of text, numbers beyond Yottabytes haven't yet been named. Once vacuumed up and stored in these near-infinite "libraries," the data are then analyzed by powerful infoweapons, supercomputers running complex algorithmic programs, to determine who among us may be—or may one day become—a terrorist. In the NSA's world of automated surveillance on steroids, every bit has a history and every keystroke tells a story." }-
The very long review can be found at the NY Review of Books: http://www.nybooks.com/articles/23231

No server in Russia escapes the above.

SteveTX
October 19th, 2009, 04:56 PM
-{ Quote: "I'm never sure what applications would need such heavy-duty security, and given that "there is no such thing as absolute anonymity", how much do we gain and who might profit by going the extra mile that XeroBank might represent?" }-

Great questions. Those are the right ones. First off, anonymity has no technical metric for measurement, but if we wanted to speak in practicality, anonymity is about information warfare and your liberty. We are fast approaching an age where people are arrested without committing a crime, or under the pretense that they may commit a crime in the future. The US president Obama even proposed legislation to indefinitely imprison people who are merely *suspected* that they might commit a crime at some future date. The world is changing, and not for the better. There is a large scale war against liberty and freedom, and it is being waged on all borders and the world tries to shut down the power of individuals to control their fate and governments. The war for information control today is about preserving your liberty tomorrow. What is it worth to your boss to know about your private medical conditions? How will it affect your ability to get a job if you are a homosexual? What happens when the incumbent party knows your political affiliation and plays games with that information? What about marketing firms who are buying and selling the SMS messages and email of your children? When all information about people is known, they can be predicted, and thus controlled, and control is also the same as money.

I'll give an example of why state surveillance is bad. In Greece, they had a secret system that could tap any phone call. Some hackers broke in and planted a bug that allowed them to spy on the heads of state, their families, major industrialists, etc. The system was used to blackmail, bribe, bully, and extort companies and government officials. The hackers were never caught or discovered. So the next objection is "well, what if we can make it where only the right people have access"... there is no right person, as power corrupts, just ask ex-president Nixon. Nobody should have this power, because it threatens the freedom and liberty of all people and puts undue power and control into the hands of the corrupt, and in fact weakens our security as individuals. We truly are not far off from 1984, only Big Brother is a lot better at hiding that fact.

So regarding what you get from XeroBank: XB can make you anonymous enough to defeat data retention, data logging, spying and snooping of all sorts by all parties. Just about the only thing we can't defeat is if the NSA is coming after you right now. We protect your information not only today, but also your freedom from control by others tomorrow.

-{ Quote: "Stated in another way, what are for you, the objectives of a privacy and anonymity strategy and (secondly as a separate question) how does XeroBank fit into it?" }-

Our objective, as stated on our website (https://xerobank.com/company/) is "to protect and foster the development of liberty and free-trade markets by empowering our clients to control how their information is exposed and used." Therefore the level of anonymity we provide absolutely must be sufficiently powerful to defeat threats to liberty and free markets.

SteveTX
October 19th, 2009, 05:02 PM
-{ Quote: "I've thought about this with respect to data retention laws. If the data retention law would be written in such a way that you must hold data for X years and after that it must be deleted, then the data retention law would not be all bad because there would be a limit to how long they have access to such data." }-

1. The data will not be destroyed; it is infinitely valuable. After it is offloaded from primary storage it will go to secondary storage.
2. Doing evil for a stated short amount of time does not make it good.
3. There is no security for individuals through doing data retention. If you remove people's privacy, you lose security. Terrorist networks already use sophisticated anonymity and compromised botnets with encryption. They will not be snared by such ham-fisted attempts, only the innocent will. It is a control mechanism like the idea of gun control. If guns are outlawed, then only outlaws will have guns. Let everyone exercise privacy and anonymity, otherwise you are disarming us, and we must be forced to ask who profits from this. Don't give up your rights.

SundariDevi
October 20th, 2009, 06:02 AM
-{ Quote: "Great questions. Those are the right ones. First off, anonymity has no technical metric for measurement, but if we wanted to speak in practicality, anonymity is about information warfare and your liberty. We are fast approaching an age where people are arrested without committing a crime, or under the pretense that they may commit a crime in the future. The US president Obama even proposed legislation to indefinitely imprison people who are merely *suspected* that they might commit a crime at some future date. The world is changing, and not for the better. There is a large scale war against liberty and freedom, and it is being waged on all borders and the world tries to shut down the power of individuals to control their fate and governments. The war for information control today is about preserving your liberty tomorrow. What is it worth to your boss to know about your private medical conditions? How will it affect your ability to get a job if you are a homosexual? What happens when the incumbent party knows your political affiliation and plays games with that information? What about marketing firms who are buying and selling the SMS messages and email of your children? When all information about people is known, they can be predicted, and thus controlled, and control is also the same as money.

I'll give an example of why state surveillance is bad. In Greece, they had a secret system that could tap any phone call. Some hackers broke in and planted a bug that allowed them to spy on the heads of state, their families, major industrialists, etc. The system was used to blackmail, bribe, bully, and extort companies and government officials. The hackers were never caught or discovered. So the next objection is "well, what if we can make it where only the right people have access"... there is no right person, as power corrupts, just ask ex-president Nixon. Nobody should have this power, because it threatens the freedom and liberty of all people and puts undue power and control into the hands of the corrupt, and in fact weakens our security as individuals. We truly are not far off from 1984, only Big Brother is a lot better at hiding that fact.

So regarding what you get from XeroBank: XB can make you anonymous enough to defeat data retention, data logging, spying and snooping of all sorts by all parties. Just about the only thing we can't defeat is if the NSA is coming after you right now. We protect your information not only today, but also your freedom from control by others tomorrow.

Our objective, as stated on our website (https://xerobank.com/company/) is "to protect and foster the development of liberty and free-trade markets by empowering our clients to control how their information is exposed and used." Therefore the level of anonymity we provide absolutely must be sufficiently powerful to defeat threats to liberty and free markets." }-

Well thanks, I agree with what you're saying about privacy, and I know that it is important to protect your privacy, but what you wrote above really doesn't answer my question. With respect to data surveillance, another country besides Russia who does massive data surveillance (perhaps the most) is the USA, but nobody is suggesting we don't use servers in the USA for that reason. The differences between the two are their laws and what applies to you. So I am interested in solutions for today within the legal context faced by individuals, corporations and nations. If you are trying to protect against threats that could be found in any possible world that might come about, and subversive actions by rogue nations who will use any means to obtain data then that is something entirely different.

Given that
- with a properly configured VPN or SSH tunnel I can prevent an ISP from seeing what websites I visit.
- if I use 256-bit data encryption I can probably prevent a government/hacker/rogue entity from sniffing my communications and reading the contents of my electronic communications (as it travels from my computer to my VPN or SSH server)
- when my VPN server is located in a different country (chosen with the objective of making it effectively impossible for my local ISP or government to get any information from them without already having evidence of a crime), this VPN server data will not be available to anybody in my country.

If an ISP or government decided to analyze all its data and come after somebody for P2P downloading or having secret offshore bank accounts that allow him to avoid paying taxes in his home country (two randomly selected, easily understandable examples) or if any possible party decided to data mine a source of retained data they somehow obtained, then assuming we are not talking about the NSA, questions that would lead to "my privacy objectives" are:

- how possible would it be for them to piece together my identity (name, address, etc) and evidence of my activities without assistance from a second government or ISP
- what is the threat posed by a network of international hackers trying to obtain the same information
- If I am already using a VPN and encryption what would further decrease the probability of them successfully doing this


When I ask these questions I look at the answers in the context of the current legal framework that affects online activities, including the facts that:
- If I do something (e.g. P2P downloads or have a "secret" bank account) in a country where it is not illegal (including normally "illegal activities" such as P2P or "secret" bank accounts in places like Russia, or Switz before 2009 -- let's call them "open-law" countries) then no third party government can obtain data related to those activities through legal channels without high level government negotiations and perhaps laws being rewritten - as we recently saw with Switzerland and "secret banking".
- If when I do one of these things I am subject to the laws of a country where it is illegal (via physical presence or the laws of the country being written in such a way that they apply to its citizens when they are abroad) then if that country can prove I did it (with information that it obtained without the assistance of the open-law country) then they could potentially gain the assistance of the open-law country to access data stored/gathered/intercepted there.

Does that help clarify my question?

SundariDevi
October 20th, 2009, 06:11 AM
-{ Quote: "1. The data will not be destroyed, It is infinitely valuable. After it is offloaded from primary storage it will go to secondary storage.
2. Doing evil for a stated short amount of time does not make it good.
3. There is no security for individuals through doing data retention. If you remove people's privacy, you lose security. Terrorist networks already use sophisticated anonymity and compromised botnets with encryption. They will not be snared by such ham-fisted attempts, only the innocent will. It is a control mechanism like the idea of gun control. If guns are outlawed, then only outlaws will have guns. Let everyone exercise privacy and anonymity, otherwise you are disarming us, and we must be forced to ask who profits from this. Don't give up your rights." }-

I like point number 2...

When I was doing research on the data retention laws in the EU it seems to me that I came across the fact that in some countries the law said that the data must be retained for X months/years and after that it must be destroyed. Which would mean that the data would not be admissible in court after the data retention period. I'd have to check that, but if it's true then in some cases that would make the data retention law countries preferable to those without such laws who gather massive amounts of data.
Point 3 is also good, especially in the context of international internet IDs as was suggested by Kaspersky.

arran
October 20th, 2009, 06:58 AM
-{ Quote: "Flash / Java / JS / ActiveX / Plugins can bypass the connection/proxy settings of native SSH tunnels and proxies. VPN is the way to go, it automatically reroutes all your traffic. " }-


Flash / Java / JS / ActiveX / Plugins CANNOT bypass the connection/proxy settings of native SSH tunnels if you use a third party firewall to control outbound connections, there is also the option of using something like proxomitron which rewrites http headers to prevent java and JS etc from revealing your true IP address.

arran
October 20th, 2009, 07:00 AM
By the way I have a question. What encryption does VPN use compared to SSH?

SteveTX
October 20th, 2009, 10:58 AM
-{ Quote: "
- how possible would it be for them to piece together my identity (name,address, etc) and evidence of my activities without assistance from a second government or ISP
" }-
Since before the 1950s governments have had open cooperation on intelligence gathering. It is not something they have to start to do, it is already done and available. They are already cooperating with fully searchable and automatic systems of surveillance. In the late 70s and 80s there was (is) a secret program called Echelon. Echelon was the implementation of a secret intelligence sharing agreement among NATO countries. While the US could not legally spy on US citizens, the UK could, and vice versa. So the UK was allowed to spy on US citizens and then provide that information back to the US, circumventing privacy rights and empowering each other with domestic surveillance ability. Echelon only applied to copper cable and microwave and satellite transmissions. Fiber Optic uses a different series of programs, such as the NSA program, but is already implemented and cooperative among the NATO allies and some other groups. The point being, the governments are already working together, and it is no stretch of feat or difficulty. The stuff that happens in another country is just as accessible as the stuff that happens in a gov's own backyard.

-{ Quote: "
- what is the threat posed by a network of international hackers trying to obtain the same information" }-

They can steal your whole route, bypassing your encryption because they can see the traffic leaving the vpn connection unencrypted as well. We caught a hacker trying to do this to one of our guys during DefCon on one of our verizon fiber lines. He got busted because he was stealing the whole route instead of copying it, and doing a poor job.

-{ Quote: "
- If I am already using a VPN and encryption what would further decrease the probability of them successfully doing this
" }-

Negative. It actually increases the chance of them doing this because the passive surveillance systems consider encrypted traffic to be very interesting, and will monitor vpn nodes more closely. These people are very smart, and as I said before, ham-fisted attempts to circumvent surveillance do not succeed in anything but putting you and your traffic under further surveillance interest.

-{ Quote: "
When I ask these questions I look at the answers in the context of the current legal framework that affects online activities, including the facts that:
- If I do something (e.g. P2P downloads or have a "secret" bank account) in a country where it is not illegal (including normally "illegal activities" such as P2P or "secret" bank accounts in places like Russia, or Switz before 2009 -- let's call them "open-law" countries) then no third party government can obtain data related to those activities through legal channels without high level government negotiations and perhaps laws being rewritten - as we recently saw with Switzerland and "secret banking"." }-

Surveillance systems are a necessary evil, and will not be regulated by public laws and rules. They are required for a country to stay up to the gaming level of its competitors, and rather foolish not to. No laws will prevent domestic spying, as it is said, the master's tools will not unmake the master's house. The only question is how much the public is allowed to be shown, and how much the private corporations will be allowed to discuss. Take the whole AT&T spying thing and financial spying on the SWIFT network. Those were illegal and were not announced to the public. Only when there were whistleblowers did those programs get admitted. Secret spy programs are secret. :)

-{ Quote: "
- If when I do one of these things I am subject to the laws of a country where it is illegal (via physical presence or the laws of the country being written in such a way that they apply to its citizens when they are abroad) then if that country can prove I did it (with information that it obtained without the assistance of the open-law country) then they could potentially gain the assistance of the open-law country to access data stored/gathered/intercepted there." }-

The domestic police agencies follow those rules, federal police such as the German BKA and others do not. They openly have spy programs and assist each other without warrants. You don't even have to have committed the alleged crime in Germany, if any of the traffic crossed a network that Germany has access to, the Germans will provide it to their allies.

Thinking of source and destinations isn't applicable if you aren't multiplexing and encrypting across multiple nodes, because anyone sitting along the transit lines of the unencrypted traffic has it available for access and correlation. Think of it like "wire fraud" where the Interstate Commerce Commission steps in. Even though you are in Texas and the victim of the wire fraud crime was actually in California, the connection passed through Nevada on the way to California, and therefore another crime was committed etc. Sovereign entities can and do ensnare transit traffic, and would be foolish not to. The idea that what goes on in one country is not available to another is a false presumption that disappeared with the digital age. The internet is a very small place, with 90% of all internet traffic going through the USA, even though it may be destined for another country.

SteveTX
October 20th, 2009, 11:06 AM
-{ Quote: "By the way I have a question. What encryption does VPN use compared to SSH?" }-

SSH uses SSL/TLS. OpenVPN uses TLS. PPTP does not natively have encryption and requires additional protocols. L2TP may or may not have IPSec, which uses TLS and a variety of others.

SundariDevi
October 20th, 2009, 04:08 PM
-{ Quote: "By the way I have a question. What encryption does VPN use compared to SSH?" }-

Additionally, if you create an SSH tunnel with an OpenSSH server, you get whatever encryption the client requests. So with the PuTTY client you can choose between AES, Blowfish, 3DES, DES and Arcfour.

SundariDevi
October 20th, 2009, 04:28 PM
-{ Quote: "The point being, the governments are already working together, and it is no stretch of feat or difficulty. The stuff that happens in another country is just as accessible as the stuff that happens in a gov's own backyard. " }-
Yes in areas of national defense and covert activities. Maybe some other joint projects which in most cases won't concern the average law-abiding individual. But even allied governments don't trust each other nearly as much as your above statement might lead one to think. In areas such as terrorism there is a great deal of cooperation, but consider this straw man. Looking back even to 2001 we now know for a fact that even US domestic agencies did not share a great deal of information.

-{ Quote: "The domestic police agencies follow those rules, federal police such as the German BKA and others do not. They openly have spy programs and assist each other without warrants. You don't even have to have committed the alleged crime in Germany, if any of the traffic crossed a network that Germany has access to, the Germans will provide it to their allies." }-

Actually the domestic agencies, federal or local, often don't always follow the rules. In the area of the internet we are most often talking about federal/government agencies. Provided they can't get uniquely identifying information via legal means they will sometimes use any means at their disposal to collect information, including botnets and many other hacker techniques. While this information can't be used in court, it can be used to direct their areas of inquiry and refine their searching techniques. They may recognize certain boundaries, such as hacking passwords and breaking into email accounts and servers, and they may not. Regarding warrantless information exchange: that may exist in areas of national security, but in order for German authorities to legally give information to another government, whatever that somebody did would have to be a crime in Germany. Even in that case, these things are not so easy at all and added to that is the fact that most governments follow the principle that they will prosecute their own citizens for crimes. This statement above is highly misleading.

Do I think governments, law enforcement, covert agencies always follow the law? No way! I can see what's going on. But neither do they openly broadcast this fact or want it in the news. That greatly limits their areas of interest and what they can actually do with any info they've obtained.

-{ Quote: "The idea that what goes on in one country is not available to another is a false presumption that disappeared with the digital age. The internet is a very small place, with 90% of all internet traffic going through the USA, even though it may be destined for another country." }-
Well that's not the idea at all, we are talking about different things, that's all. And if you know beyond any doubt that countries share information on things like P2P downloading, or private bank accounts you have a level of access to information that very few private individuals have. Once again this can be seen from recent news on private Swiss banking and the Liechtenstein banking episode of the previous year. With billions of dollars at stake, the US government had to go into massive, high profile multi month negotiations to get part of what they wanted. If what you say were true, none of this would have been necessary. Individuals could have been identified by their data stream, specific revenue sources or money withdrawal patterns could be identified. The government could "stumble" upon those data points (see my comment above about this covert information, that is not admissible in court, being used to direct areas of inquiry) and start making their case against the tax evaders. At which point the Swiss would have had to hand over information based on their existing law.

While you still haven't outlined your objectives for me, from what you haven't said I can more or less gather what your system is aiming at.

SteveTX
October 20th, 2009, 04:42 PM
There are different intelligence agencies with many varying and sometimes counter objectives, most you may never have heard of, such as the DIA, where some real power resides. They don't care about financial this or that, but the Swiss issue is a dog and pony show at a low federal level anyway. The people busted were those foolish individuals who opened accounts in their own name. This is a diversionary tactic for the real reason the SWIFT system was co-opted. Those people who got "caught" didn't have billions, they had perhaps millions. The ones with billions used barristers and corporations behind corporations, and did not get caught or busted because the corporation's name was on the book, not theirs. Nothing happens just for one reason, concerning international affairs.

SundariDevi
October 29th, 2009, 11:46 AM
-{ Quote: "Heh.

I guess they have to write that so they can cut you off if your usage is excessive or if somebody subpoenas them to get private information. Then they can say you misused the service. I use P2P and I get up to 120kbs or more download speeds on utorrent on my 4Mbit DSL line. In other words, the download with or without the VPN is virtually identical. When I'm travelling and I use the VPN via my mobile connection the VPN actually INCREASES my bandwidth for web access. I went to a speed check website to verify it and it is almost double with the VPN vs without. Maybe because my mobile provider throttles back bandwidth on certain protocols? I don't know.

re: Usenet. I never use it

For $12 or so, you just try it, if it doesn't work you move on." }-
Within a few days after this post, P2P data rates are virtually zero! Just goes to show that there is a lot more to privacy than setting up a VPN. It's also a state of mind. What we can find on the internet, they can find too.

Did they read this? Can't be sure, but some coincidences are too improbable to always be coincidental.

I no more
October 29th, 2009, 01:03 PM
-{ Quote: "Within a few days after this post, P2P data rates are virtually zero! Just goes to show that there is a lot more to privacy than setting up a VPN. It's also a state of mind. What we can find on the internet, they can find too.

Did they read this? Can't be sure, but some coincidences are too improbable to always be coincidental." }-

Ouch! I'm sorry about that. This forum always gets high priority in Google searches. I guess that can be a good thing and a bad thing. Doing a search for the name of the VPN plus "P2P" gives this forum as the third hit on the first page. Just searching the name of the VPN (without any other terms) gives a hit on the third page.

But it does seem a little quick unless someone involved with the service was reading this forum. Or perhaps a customer who was concerned about reduced speeds read this thread and complained. Or more likely, someone read this thread, was interested in the service (especially the P2P aspect), e-mailed them and linked to this thread.

Sorry again.

SundariDevi
October 31st, 2009, 03:15 PM
Not your fault, it's mine. I did think twice before posting that, but I was thinking about lots of people signing up and the service getting slower. Not the company reading it. I should have PM'd you.

Webmasters normally look at site access logs and go look at websites that send them lots of visitors for a few days. Sometimes those are forum posts with clickable links, so it's easy for websites to see what people are saying about them. I didn't post a clickable link, but if you want to see what people are saying about your website you can type @mywebsite.com into Google and you will see even the links that aren't clickable (but they normally don't show up as referrers in website access logs so you have to actively look for them).

If you google:

@websitename.com wilder's

you'll find these forum posts are indexed in google.

SundariDevi
October 31st, 2009, 03:33 PM
-{ Quote: "Flash / Java / JS / ActiveX / Plugins CANNOT bypass the connection/proxy settings of native SSH tunnels if you use a third party firewall to control outbound connections, there is also the option of using something like proxomitron which rewrites http headers to prevent java and JS etc from revealing your true IP address." }-

If you give your internet browser the right to make outbound connections, doesn't that also allow any java/flash/ActiveX,JavaScript that is running on a webpage in the browser the right to make an outbound connection also?

I don't know anything about Proxomitron ...

I no more
October 31st, 2009, 06:04 PM
-{ Quote: "If you give your internet browser the right to make outbound connections, doesn't that also allow any java/flash/ActiveX,JavaScript that is running on a webpage in the browser the right to make an outbound connection also?

I don't know anything about Proxomitron ..." }-

My understanding is that if your SSH client is listening on 127.0.0.1/localhost, then all you have to do is allow your application to only access the localhost. Deny the application internet access and DNS lookups. You can even narrow the application's access to only the port that the SSH client is listening on.

I don't really use SSH, but I figure it should be the same as Tor. So, someone correct me if I'm wrong. I do know that configuring your firewall like that with the application that uses Tor does prevent most if not all of the leaks. If the browser does try to connect out, the firewall stops it.

Regarding Proxomitron, you can configure your browser to only go through Proxomitron, then you can configure Proxomitron to go through whatever client you want. From my experience, Proxomitron doesn't leak like browsers do. You can use Proxomitron to change your network connection settings instead of directly changing the settings in the browser. This works well if you only allow your browser to connect out through Proxomitron. What I do is drag and drop different CFG files into Proxomitron any time I want to change my connection settings (e.g. switching from direct connection to using Tor).

SteveTX
November 1st, 2009, 12:19 AM
-{ Quote: "If you give your internet browser the right to make outbound connections, doesn't that also allow any java/flash/ActiveX,JavaScript that is running on a webpage in the browser the right to make an outbound connection also?

I don't know anything about Proxomitron ..." }-

No, they run as independent applications and do not have to respect the browser's connection configuration.

arran
November 11th, 2009, 06:37 AM
-{ Quote: "SSH uses SSL/TLS. OpenVPN uses TLS. PPTP does not natively have encryption and requires additional protocols. L2TP may or may not have IPSec, which uses TLS and a variety of others." }-
Can Steve or someone answer this question.

VPN uses TLS correct?

Apparently SSL/TLS can be decrypted and cracked with bluecoat etc
http://directorblue.blogspot.com/2006/07/think-your-ssl-traffic-is-secure-if.html
http://support.citrix.com/article/CTX116557

I have seen many links saying this. Therefore wouldn't it be much safer to use SSH encryption with Blowfish or Twofish128 etc.?

traxx75
November 18th, 2009, 02:26 AM
-{ Quote: "Can Steve or someone answer this question.

VPN uses TLS correct?

Apparently SSL/TLS can be decrypted and cracked with bluecoat etc
http://directorblue.blogspot.com/2006/07/think-your-ssl-traffic-is-secure-if.html
http://support.citrix.com/article/CTX116557

I have seen many links saying this. Therefore wouldn't it be much safer to use SSH encryption with Blowfish or Twofish128 etc.?" }-
These attacks-with-perfectly-legitimate-implementations will affect both SSL/TLS and SSH equally since they don't actually exploit the algorithm being used.

Basically, some sort of device or application [let's call it snooper] sits in between you and the secure server you're connecting to [let's call it secureBox]. When you try to establish a secure connection to secureBox, snooper intercepts the request and then establishes its own secure connection between it and secureBox. Your local application [eg. PuTTY, web browser, etc] thinks it's made a secure connection to secureBox but it's actually only made a secure connection to snooper. Overall, the connection behaves the same but snooper can see all of the traffic going through it.

To do this, though, snooper needs to feed you its own encryption key so it can decrypt the data you're sending to it. So, essentially, one key is used for the session between you and snooper, and another key is used between snooper and secureBox.

How it should look normally:

=== - encrypted connection
.key - key used to encrypt connection


                :(
                |
            [snooper]
[you]=== secureBox.key ===[secureBox]

This is how it looks when snooper gets in between:


                           >:)
                            |
[you]=== snooper.key ===[snooper]=== secureBox.key ===[secureBox]


This is why applications like PuTTY, and your standard web browser, will alert you in some way if it suspects someone is doing this. PuTTY will alert you if the key changes from what it's expecting but you must have connected to the server successfully previously for this to occur. PuTTY will show you the server's key when you first connect, though, so you should be confirming its validity with the server administrator.

Your web browser, on the other hand, will display an alert advising that the certificate presented does not appear to match the web site you're trying to access. In an enterprise environment [which is where devices like these are deployed], the device's certificate will already be trusted in your web browser so you won't get this notification. You can still check the certificate details, though, to see who issued it and who it is valid for.

The Wireshark procedure listed involves obtaining private keys. This is a Very Bad Thing and means you cannot trust the server at all, even if you can verify that is who you're connected to, since an attacker can now eavesdrop passively without fiddling with your session.

Changing the type of encryption used won't help in either situation, since the issue is not a flaw in the algorithm being used but an exploitation of the trust relationship between you and the server.

Hope this helps :)
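What traxx75 describes is exactly what a pinned host key catches: snooper has to present its own key, and a client that remembers secureBox's key will notice the change. The script below is an added example, not code from the thread or from PuTTY/OpenSSH; it mimics OpenSSH's known_hosts trust-on-first-use logic with two constructed key blobs (random bytes in OpenSSH's text layout, not real keys) and a hypothetical host name, and prints fingerprints as a hex SHA-256 rather than OpenSSH's base64 form.

```shell
#!/bin/sh
# Added example (not from the thread): a minimal trust-on-first-use (TOFU)
# host-key check modelled on OpenSSH's known_hosts handling. A "snooper" that
# sits between you and secureBox has to present its own key, so once
# secureBox's key is pinned the substitution is detected. Both keys below are
# constructed random blobs laid out like ed25519 public keys, not real keys.
set -eu

SECUREBOX_KEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDJnb1ZC2zYc0NZW1Ltb4h1ekxLf0o6xq2jRx7GoaL3T"
SNOOPER_KEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAb1XgSkv5cmcgJkKVqY7k9fGbG3xrn+qIYeEv4aVxIi"

# fingerprint "TYPE BASE64": SHA-256 over the decoded key bytes, printed in hex.
# (OpenSSH shows the same digest base64-encoded as "SHA256:...".)
fingerprint() {
    printf '%s\n' "$1" | awk '{print $2}' | base64 -d | sha256sum | cut -c1-64
}

# check_host_key HOST "TYPE BASE64" KNOWN_HOSTS_FILE
#   0 = key matches the pinned entry for HOST
#   1 = HOST is pinned but presented a DIFFERENT key (snooper, or a rekeyed host)
#   2 = HOST not pinned yet (first contact: verify the fingerprint out of band)
check_host_key() {
    _host=$1; _key=$2; _db=$3
    _pinned=$(awk -v h="$_host" '$1 == h { print $2, $3; exit }' "$_db" 2>/dev/null || true)
    if [ -z "$_pinned" ]; then
        return 2
    elif [ "$_pinned" = "$_key" ]; then
        return 0
    fi
    return 1
}

# pin_host_key HOST "TYPE BASE64" KNOWN_HOSTS_FILE: record a key you have verified.
pin_host_key() {
    printf '%s %s\n' "$1" "$2" >> "$3"
}

# Walk through the scenario from the post with a temporary known_hosts file.
demo() {
    db=$(mktemp)
    host=securebox.example    # hypothetical host name

    # First connection: nothing is pinned, so the client shows the fingerprint
    # and you compare it with what the administrator gave you out of band.
    rc=0; check_host_key "$host" "$SECUREBOX_KEY" "$db" || rc=$?
    [ "$rc" -eq 2 ] || { echo "unexpected state $rc"; return 1; }
    admin_fp=$(fingerprint "$SECUREBOX_KEY")   # the value the admin reads to you (computed here for the demo)
    presented_fp=$(fingerprint "$SECUREBOX_KEY")
    if [ "$admin_fp" = "$presented_fp" ]; then
        echo "first contact: fingerprint $presented_fp confirmed, pinning"
        pin_host_key "$host" "$SECUREBOX_KEY" "$db"
    fi

    # Later connection straight to secureBox: the pinned key matches.
    rc=0; check_host_key "$host" "$SECUREBOX_KEY" "$db" || rc=$?
    echo "direct reconnect: rc=$rc (0 = match)"

    # Connection with snooper in the path: it can only offer its own key.
    rc=0; check_host_key "$host" "$SNOOPER_KEY" "$db" || rc=$?
    echo "via snooper: rc=$rc (1 = KEY CHANGED, stop and investigate)"
    echo "  pinned    $(fingerprint "$SECUREBOX_KEY")"
    echo "  presented $(fingerprint "$SNOOPER_KEY")"
    rm -f "$db"
}

demo
```

The first-contact step is the weak point the post mentions: if the very first fingerprint you accept is snooper's, every later check passes, which is why it has to be confirmed with the server administrator rather than clicked through.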

jilo
November 26th, 2009, 10:24 AM
Maybe VPN is better regarding third party applications issues with web browsing. But VPN has a problem you don't see with SSH/proxy.

Sometimes you don't want to use your VPN for some websites or some applications and use it at the same time for others. There is no reason to totally trust our VPN providers.
For example I might want to download something anonymously on P2P and at the same time talk on IM or make purchases, connect to my personal blog or Facebook etc. And some of these connections aren't encrypted.

Even with web browsing, I might want to stay anonymous only for some websites. It's not only a question of trust. Some websites are easier to use with a direct connection (some refuse IP ranges of known VPN providers, some others are faster to browse etc.)

After using many VPNs I now choose SSH for my needs + FoxyProxy + NoScript which seems better adapted to my needs.

I no more
December 1st, 2009, 01:00 AM
-{ Quote: "Depends on how the routing is being managed. It sounds like you want "dead to the world" routing, which is all-or-nothing. The most solid way to implement this is through external hardware such as the XeroBank CryptoRouter XJR, which is a hardware minirouter. All traffic leaving your machine is routed through our network using this hardware, so it makes you leakproof. Another method is making it where the VPN is the only route your system knows, and can be done in Mac, Linux or Windows.

Windows directions for leak-proofing your VPN (https://xerobank.com/support/articles/how-to-prevent-vpn-dns-leaks/)

Linux directions for leak-proofing your VPN (https://xerobank.com/support/articles/how-to-harden-openvpn-in-12-easy-steps/)" }-
Steve, I've looked again at your directions for leak-proofing a Windows machine. I think calling it "dead to the world" is not entirely correct. It's certainly leak-proof while the VPN is running, but when/if the VPN cuts out, I would call it "half dead" or leak-resistant at best. Any application that doesn't do local DNS requests will bypass this technique if the VPN cuts out.

This includes torrent apps, which a lot of people here are most concerned about. Once you're connected to certain IP addresses through your VPN, once the VPN cuts out, your computer will connect to those same IP addresses without the VPN. Another example of an app bypassing this technique is Tor. Tor will connect straight out through this because it doesn't do local DNS requests. On a positive note, this technique will probably work for a browser virtually every time.

I've come to the conclusion that a good outbound software firewall is the only viable way to totally leak-proof a VPN (because of the lost connection issue). It's the same as with application-level programs like Tor. A firewall is the best solution there too. However, with Tor, firewall configuration is easier than with a VPN, from my experience.

I'll probably start a new topic on this at some point because it's too big to cover here. I think your technique is a useful adjunct to a firewall, but I don't believe it to be either necessary or sufficient. I do believe that a properly configured firewall is both necessary and sufficient. I personally would use your technique plus a firewall for purposes of redundancy. Also, while the technique you describe probably works for Xerobank and some other VPNs, it doesn't work for every VPN. But there's a simple modification described on the perfect-privacy forums that should make it universal. Any thoughts? I think this is an important issue.
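The two firewall ideas in this thread, restricting the browser to the local SSH/SOCKS port (the earlier Proxomitron/Tor reply) and refusing everything that is not inside the tunnel so a dropped VPN cannot leak torrent or Tor traffic (the post above), can be expressed as one iptables ruleset. The script below is an added example, not XeroBank's instructions or anything posted in the thread: it generates the rules for review, lints them for the properties that make them a kill switch, and applies them only when asked to as root. The VPN address (203.0.113.10, an RFC 5737 documentation address), ports, interface names and the "browser" and "sshtunnel" user names are placeholders to adjust.

```shell
#!/bin/sh
# Added example, not from the thread or from any VPN provider's instructions:
# an iptables "kill switch" that makes the firewall, not the routing table, the
# thing that stops leaks when the VPN drops, plus the per-application limits for
# an SSH/SOCKS tunnel. Rules are printed for review (dry run) and only applied
# by apply_killswitch. Addresses, interfaces and user names are placeholders.
set -eu

# killswitch_rules VPN_SERVER_IP VPN_PORT WAN_IF TUN_IF [SOCKS_PORT]
# Prints the iptables commands, one per line, in the order they must be added.
killswitch_rules() {
    vpn_ip=$1; vpn_port=$2; wan=$3; tun=$4; socks=${5:-1080}
    cat <<EOF
# Default deny: anything not matched below cannot leave the machine.
iptables -F OUTPUT
iptables -P OUTPUT DROP
iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# The browser runs as user "browser" and may only reach the local SOCKS port
# that "ssh -D $socks" listens on: no direct internet and no DNS, so a plugin
# that ignores the proxy setting has nowhere to go.
iptables -A OUTPUT -m owner --uid-owner browser -o lo -p tcp --dport $socks -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner browser -j REJECT
# The ssh client runs as user "sshtunnel" and may only reach the SSH server.
iptables -A OUTPUT -m owner --uid-owner sshtunnel -o $wan -p tcp -d $vpn_ip --dport 22 -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner sshtunnel -j REJECT
# Everyone else: loopback, the VPN handshake itself, and the tunnel interface.
# The VPN config must name the server by IP, since DNS outside the tunnel is blocked.
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -o $wan -p udp -d $vpn_ip --dport $vpn_port -j ACCEPT
iptables -A OUTPUT -o $tun -j ACCEPT
# When $tun disappears the rule above matches nothing, so torrent clients, Tor
# and anything else that already knows its peers by IP is logged and refused.
iptables -A OUTPUT -m limit --limit 5/min -j LOG --log-prefix "killswitch-drop: "
iptables -A OUTPUT -j REJECT
# IPv6 is a classic leak path: block it unless the tunnel carries it.
ip6tables -P OUTPUT DROP
ip6tables -A OUTPUT -o lo -j ACCEPT
EOF
}

# lint_rules WAN_IF TUN_IF  (ruleset on stdin)
# Fails unless the properties that make this a kill switch are present: a
# default DROP, an ACCEPT on the tunnel, and no ACCEPT on the physical
# interface that is not pinned to a destination address.
lint_rules() {
    wan=$1; tun=$2
    rules=$(grep -v '^#' || true)
    echo "$rules" | grep -q "^iptables -P OUTPUT DROP$" \
        || { echo "lint: no default DROP" >&2; return 1; }
    echo "$rules" | grep -q -- "-o $tun -j ACCEPT$" \
        || { echo "lint: no ACCEPT on $tun" >&2; return 1; }
    if echo "$rules" | grep -- "-o $wan " | grep -- "-j ACCEPT" | grep -qv -- " -d "; then
        echo "lint: ACCEPT on $wan without -d (leak)" >&2; return 1
    fi
    return 0
}

# apply_killswitch VPN_SERVER_IP VPN_PORT WAN_IF TUN_IF [SOCKS_PORT]
# Lints the generated ruleset, then runs it. Needs root and iptables.
apply_killswitch() {
    [ "$(id -u)" -eq 0 ] || { echo "apply_killswitch: run as root" >&2; return 1; }
    killswitch_rules "$@" | lint_rules "$3" "$4" || return 1
    killswitch_rules "$@" | sh -e
}

# Dry run with placeholder values: print the ruleset and lint it.
killswitch_rules 203.0.113.10 1194 eth0 tun0 1080
killswitch_rules 203.0.113.10 1194 eth0 tun0 1080 | lint_rules eth0 tun0 && echo "lint: ok"
```

Applications that need to reach the LAN (printers, a local resolver) need their own pinned ACCEPT lines before the final REJECT; the log prefix makes it easy to see what is being refused while tuning.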

arran
December 1st, 2009, 04:56 AM
Question to all: what about your MAC address? Does your MAC address get leaked out when using VPN or SSH? Do you have to spoof your MAC address?

I no more
December 1st, 2009, 10:02 AM
-{ Quote: "Question to all: what about your MAC address? Does your MAC address get leaked out when using VPN or SSH? Do you have to spoof your MAC address?" }-

No, it doesn't. To the best of my knowledge, the MAC address of the modem and of the device connected to the modem (e.g. router) can be obtained by your real internet service provider (ISP). And all your ISP knows is that you're connected to a VPN provider, hence it's not a security issue. You can always spoof the MAC address of the device connected to the router for added security, although it's probably not necessary. Neither the VPN provider nor the target website can get your real MAC address. However, the TAP adapter that is created by OpenVPN is also assigned a MAC address. I believe this MAC address is known by the VPN provider, but not the target website. This isn't a security issue either, because the VPN provider already knows your real IP address, which always trumps a virtual MAC address. If you trust them not to keep logs, then it's obviously not a security issue.

-{ Quote: "Steve, I've looked again at your directions for leak-proofing a Windows machine. I think calling it "dead to the world" is not entirely correct. It's certainly leak-proof while the VPN is running, but when/if the VPN cuts out, I would call it "half dead" or leak-resistant at best. Any application that doesn't do local DNS requests will bypass this technique if the VPN cuts out." }-

Just to be clear, I was only referring to the directions for configuring a Windows machine. I wasn't referring to the Cryptorouter at all. To my knowledge, an external router should be leak-proof out of the box.