On the Topic of Tor's Weaknesses

On the Topic of Tor's Weaknesses.

-- Tom

 

They mention being able to trace you if they have access to the first and last node, if I understand correctly. So I guess if you open the Tor Browser bundle after connecting to a VPN, the connection could only be traced back to the VPN.

 

That's correct Caspian.

 

So if you don't use a VPN Tor is useless?

 

In my opinion, that would work only if there is just one relay nod in between.
Bad-Good-Bad, if there are two or more, it would be very hard(er). Plus if you have https, then it is encrypted.

 

Thanks Jack & Hugsy, all interestng stuff.

 

Adding a VPN only protects from evil Tor exit nodes if the VPN is routed through Tor. Conversely, adding a VPN only protects from the deanonymization attack described by the OP if Tor is connecting through the VPN. But you can have both, if you like.

 

Thanks for that. . But then if the organization who was able to control the first and last node contacted the VPN provider to see who was connected to tor at such and such time, and the VPN provider agreed to give it to them, then that would be that. So still it is important to have a trustworthy VPN who is truly devoted to the principles of privacy and freedom.

 

I wish I knew how to have it both ways. That would be pretty cool. How do you get a VPN to go through tor?

I have a JanusPA that I bought a long time ago. But I never got around to hooking it up. Do you think it would still be safe to try? That is the only way I could think of getting a VPN to go through tor. Connect the JanusPA, fire up the VPN, and then fire up the Tor browser bundle....LOL

 

Tor handles TCP, so TCP-based VPNs (HTTPS port 443) work. VPNs deal pretty well with packet loss and latency. See -http://www.wilderssecurity.com/showthread.php?t=316044 for one approach.

I wouldn't use JanusPA unless you could update Tor.

 

OK, that works too: routing TCP VPN traffic through Tor. But your ISP etc does see that you're using Tor.