Can the Tor Browser leak my IP?

Discussion in 'privacy problems' started by Tong, Mar 4, 2014.

Thread Status:
Not open for further replies.
  1. Tong

    Tong Registered Member

    Joined:
    Aug 1, 2011
    Posts:
    23
    This is probably a dumb question, but here goes. I'm using Tor over a VPN, which occasionally drops. I assume that at that point also my connection to an exit node is lost, and TOR will try to reconnect to the network from my own IP. The question is, if I happen to reload a page in the Tor Browser at that same moment, is there a possibility of my own IP showing?
     
  2. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    You would still be behind Tor to wherever you are connecting, but the first node on the Tor circuit would be able to see your real IP.
     
  3. Tong

    Tong Registered Member

    Joined:
    Aug 1, 2011
    Posts:
    23
    Ok, thanks for your reply.
     
  4. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,594
    Not true!!!

    You said you are using TOR over VPN. If you setup your VPN tunnel correctly it would be functioning as full protector over a dropped connection. You should setup and be fully confident that only your VPN's specific dns can ever connect to/from your machine. TOR rides along inside the tunnel and no tunnel means no TOR either. You might also examine using a "separation" profile by using TOR in an isolated VM. e.g. you could create a linux VM using TOR. Your VPN tunnel would then be the obfuscated bridge for the TOR VM. Your ISP will not see your use of TOR either.

    Even in your model, if the VPN is connected securely TOR can't burn you by revealing your actual IP. Frankly, that is because TOR never sees your IP so it can't give it out!! I would strongly suggest that you think about running TOR inside a separate VM (you may be doing it already but I can't tell from your post). That combination keeps malware away from the host and seeing your actual machine ID.
     
  5. Taliscicero

    Taliscicero Registered Member

    Joined:
    Feb 7, 2008
    Posts:
    1,439
    He would be protected if he is using Tor Browser Bundle as it won't let you connect out through your normal IP without going through the Tor network. I am assuming hes using the browser bundle as using anything else leaks your IP due to being incorrectly set up anyway.
     
  6. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,594
    My point was that in his TOR over VPN scenario the first node of TOR will not ever see his IP. (assuming its securely configured)
     
  7. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    If you are using Tor Browser properly, it shouldn't be leaking your IP.
     
  8. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    If you're going through the trouble of using Tor over a VPN, it makes sense to use an outbound firewall that can prevent the browser from making any other connections.
     
  9. Paranoid Eye

    Paranoid Eye Registered Member

    Joined:
    Dec 15, 2013
    Posts:
    174
    Location:
    io
    Or you can use whonix just to be on the extra safe side whole thing is isolated and much better at preventing leaks.
     
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,029
    And then you just connect to a VPN in the host machine, and use adrelanos' VPN-Firewall to prevent leaks if the VPN fails. Also, remember to configure the host machine with a third-party DNS server, so you're not advertising your ISP from the VPN exit.
     
  11. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    Basically the same idea regardless of whether you run Tor Browser on your physical system, through a VPN, on a virtual system, or a combination of these. Always start with the assumption that Tor Browser can be compromised and either be coerced to leak or to attempt to connect directly. Assume the same for your VPN setup. The surest way to prevent leaks or direct connections is to make sure that no other paths are available for any component to connect through. A firewall is the tool of choice for this task.
     
Loading...
Thread Status:
Not open for further replies.