Use of a VPS so its provider cannot see site being browsed

X2go seems like just what I was looking for, thanks.

Everything done in the guest can be seen in theory, but in some setups it can be extremely difficult. Try going from assembly code registers and ram to the content of a paypal session. It's just way too hard. It would require special tools that nobody here seems to know. Especially hard if there is no frame buffer and no keys are being pressed, which is what I am counting on.

 

Could you rely on that, if the machine is owned? How do you update the image? What about the configuration data (which could open your machine to all and sundry effectively)? Doesn't work for AV on a normal client, does it really. And there, you've got a chance of detecting rootkits, have a TPM and encrypt the image.... And you have a real network driver as opposed to a fake one.

Not saying that's likely, only that it's a good idea to get into the idea of what your threats and exposures are.

 

TRUST can only be resolved where the user = YOU takes responsibility for their own a@@. We preach until there is nothing left that a "partition of trust" is the most sure fire manner to accomplish what this thread discusses. While I trust all my vpn providers or I wouldn't use them, I simply configure as if I don't trust them, and especially the datacenters hosting them. Sounding counter intuitive, the best vpn providers actually state NOT to trust them in your configuration. They are not saying something is amiss on their end. They are counseling you to get smart and cover yourself using your brain!

I am fortunate like my buddy Mirimir. I pull just over 50 meg POST vpn's heading into the TOR circuit. So, I can confirm that a decent "partition of trust" is very doable without falling asleep waiting for page loads.

 

Certainly not. Is it trivial for rogue VPS providers/hosters to get root credentials and install a rootkit?

Maybe SElinux can block even root from seeing certain things and therefore providers/hosters too?

 

For sure. It's just traffic. I've done it, using test setups.

 

The NetFlow approach is being overhyped, I think.

But still, it's a wakeup that one can't depend on Tor for anonymity. The tor client does warn users about that, by the way, whenever it starts

 

Maybe that's why there are so many free VPN services That's certainly why the US military released Tor to the world.

I chain multiple VPN services in order to distribute trust. Compromise would require cooperation with, or compromise by, adversaries. That's also why Tor circuits and JonDonym mix cascades have three nodes.

We need defense in depth