VPN vs. proxy: which is better to stay anonymous online?

Discussion in 'privacy technology' started by mood, Nov 10, 2018.

  1. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    13,059
    VPN vs. proxy: which is better to stay anonymous online?
    November 10, 2018
    https://securityaffairs.co/wordpress/77874/digital-id/vpn-vs-proxy.html
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,651
    Sometimes combining them is useful. Say that you want to grab lots of data from some website. It's not uncommon for sites to refuse connections if you do that. So you just configure your download app/script with a proxy switcher. Everything goes through the VPN, for privacy. But periodically, you change proxies. Doing that is much faster than changing VPN servers. It's instant, basically.
     
  3. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    2,136
    OR you could establish a partition of trust where you use a quality VPN as step one, and then use TOR. With TOR in this configuration the circuit changes automatically every ~10 minutes, although your ISP only sees the VPN connection!
     
  4. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    589
    Location:
    Germany
    It's rare that TOR works through a VPN, isn't it?
     
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,651
    Tor always works through VPNs. It's VPNs through Tor that's iffy. For that, you gotta use TCP-mode VPN. And Tor latencies are so large that keeping VPNs from timing out can be touchy.

    And then there's the risk that your VPN is linked to you, through payment method or IP address. If it is, Tor provides no anonymity. That's why using VPNs through Tor is so risky.
     
  6. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    589
    Location:
    Germany
    Linked by IP? Any VPN inevitably know the IP. You mean as long as they log it, right?

    EDIT: forgot that: I usually have issue with TOR through the VPN... hm, I have to try again.
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,651
    If you only ever hit the VPN server through Tor, they don't know your ISP-assigned IP address. Just Tor exit IP addresses.

    But if you screw up, and connect directly, just once, you're tagged. So even if you later connect through Tor, the VPN provider knows what ISP-assigned IP address is associated with your account.
     
  8. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    589
    Location:
    Germany
    If you have a bad VPN provider who actually cares about that (logging), yes. Why would that be a problem with providers who don't log anything?
     
  9. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    636
    There is not that much difference between the two.

    Proxy: Controlled by some third party, you have no way of knowing if they log or not (probably do)
    VPN: Controlled by some third party, you have no way of knowing if they log or not despite the high promises (probably still do).
    The only big difference is that VPN adds encryption while if you use say, SOCKS5 proxy, you have to bring your own encryption with you.

    If you want to go home free for the first mile (the first link that your ISP will see) then just setup cheap raspberry pi (or any other minicomputer) gateway that routes all your traffic to your own VPS with OpenVPN running. Even SSH tunnel would be okay for that. And then start adding Tor, chaining multiple other VPNs, add proxychain-ng to mix ....

    It will be dog slow but at least nobody will definetely see your real IP ;)
     
  10. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,651
    Well, because -- when it really matters, anyway -- you can't trust anyone ;)

    What you can trust, more or less, is systems that obviate the need for trust. I say "more-or-less" because you can't be certain that Tor isn't backdoored somehow, even though the design looks like it does. Or even if it's not backdoored, that traffic correlation attacks are routinely doable.
     
  11. boredsecenthusiast

    boredsecenthusiast Registered Member

    Joined:
    Oct 4, 2018
    Posts:
    10
    Location:
    United States
    vpn vs proxy together? yeah that work by great. but I am afraid that might slower the connection speed. But yeah the "too many request" can be solved

    Some provider are coming up with Double VPN thing. It is a marketing gimmick or a real thing.?

    Further more why you want to use a double vpn if the vpn provider is not trust worth or vice versa?

    Also, while search I found this comparison a chart for VPN vs Proxy vs Tor comparison very useful. check on this link https://www.purevpn.com/blog/vpn-vs-proxy-vs-tor/ cannot copy paste because of formatting
     
  12. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    589
    Location:
    Germany
    I downloaded Tor browser and it seems to work perfectly through the VPN. That's not what I experienced in VMs, maybe there was an issue with my VMs network configuration...
     
  13. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,651
    It's a real thing. For Insorg, IVPN and Perfect Privacy, at least. From personal experience. Insorg does as many as four hops, I think.

    But even so, I prefer to setup my own multiple-hop connections, using VPNs from multiple providers. If one provider hosts all of the servers in your multiple-hop connection, you must still trust them 100%. But if you chain VPNs from multiple providers, no one provider can pwn you.
    Multiple hops complicate traffic analysis somewhat.
     
  14. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    589
    Location:
    Germany
    How do you chain different VPN provider?
     
  15. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,651
    My old guide: https://www.ivpn.net/privacy-guides/advanced-privacy-and-anonymity-part-1

    You can also do it, much lighter, using iptables rules to direct traffic through multiple VPN tun interfaces. Although that's more prone to leaks.

    A compromise would use docker containers instead of full VMs. It'd arguably be just about as leak-free as using VMs. But there'd be far less OS duplication. Except for the pfSense containers, anyway. Maybe better to use Linux instead. Maybe I'll take a shot at it. But not soon, I think.
     
  16. boredsecenthusiast

    boredsecenthusiast Registered Member

    Joined:
    Oct 4, 2018
    Posts:
    10
    Location:
    United States
    Okay I am new to the privacy this. I downloaded and installed Tor browser but major services like google, facebook, gmail didn't work. Is Tor only used to access Dark Web and if the information about tor is available on another thread please share the link
     
  17. boredsecenthusiast

    boredsecenthusiast Registered Member

    Joined:
    Oct 4, 2018
    Posts:
    10
    Location:
    United States
    Wow! I will try Insorg for sure.
    what about IVPN and PP how many hop they perform on double VPN o_O?

    Yes, creating hop from multiple VPNs is intriguing.

    I have like $100 of free credit on DO can it be used to create a Double VPN o_O?
     
  18. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    589
    Location:
    Germany
    I don't know much about Tor either, but you can try to give yourself a new identity - meaning exit node: In the browser there is a button with Tor-icon left from the address bar. There you can click on "New identity" and you'll have a new IP.
    Please note that
    - you should not change any settings except in the mentioned button,
    - don't add any addons
    - and you shouldn't even maximize the window when using this browser. Otherwise your anonymity is flawed.
     
  19. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,651
    Well, they're in Russia. If you're not in Russia, and not interesting to Russian authorities, that's arguably a good thing :) Otherwise, maybe not ;)
    As I recall, IVPN just does two, and PP can do three or more. Both IVPN and PP have a "roll your own" interface, where you can use any of their servers in a multi-hop setup. However, IVPN claims that it does "real multi-hop", routing traffic through multiple servers, rather than simple tunnel-within-tunnel. My VirtualBox setup just does tunnel-within-tunnel. And it's fast enough for my needs.
    Yes, you could create two or more VPN servers on DO, and configure tunnel-within-tunnel or multi-hop routing. But I'm not sure that it'd be worth the hassle, because they'd all be associated with you, and just handling your traffic. So they wouldn't add anonymity.
     
  20. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,651
    What do you mean by "didn't work"? It is true that many sites require solving CAPTCHAs, and that CAPTCHAs sometimes aren't solvable unless you enable Javasript. And sometimes, if you have an exit IP that's been very bad, you'll get blocked completely. So just get a new identity (new circuit with new exit relay) and things will be OK. But no, Tor isn't just for the "Dark Web" ;)

    However, you do need Tor browser to access Tor .onion sites, which are one flavor of "Dark Web". Just like you need I2P to access eepsites (.i2p). Or Freenet to access freesites. Which are other flavors of "Dark Web". Or technically, "overlay networks", because most everything ultimately connects through the Internet aka clearnet.
     
  21. Lyx

    Lyx Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    110
    Here are 2 tutos:

    https://board.perfect-privacy.com/threads/openvpn-double-vpn-cascading.256/
    https://www.perfect-privacy.com/howto/cascading-your-vpn-connection-over-multiple-hops-with-linux/

    They consider Perfect Privacy servers, but the methods can be used with different providers as well. But You has to use OpenVPN in TCP Mode with each provider.

    I would very like an app able to automatize the process.


    What does IVPN mean with "real multi-hop" exactly? Until now for me a multi hop VPN is a nested chain of VPNs.
     
    Last edited: Nov 14, 2018
  22. __Nikopol

    __Nikopol Registered Member

    Joined:
    Aug 13, 2008
    Posts:
    589
    Location:
    Germany
    Oh, this is so much better than having one or two VMs running! :)
    Thank you!

    I am thinking how I can use my current program from the VPN provider for this. Could I connect it through a proxy on 127.0.0.1 or would that cause issues with programs that use the loopback for stuff? Any idea how I configure OpenVPN to act like a proxy?
    There's also a proxy-gateway option. could that be used too? https://windscribe.com/features/proxy-gateway

    I guess I can't do that with the routing table. But I don't know much network. Please help :D
     
  23. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    8,651
    I don't know exactly. I presume that they're routing your traffic from entry server to exit server to the Internet. Using an encrypted connection, certainly. But not just by tunneling the exit server VPN tunnel inside the entry server VPN tunnel. So there's less overhead, and so it's faster.
     
  24. boredsecenthusiast

    boredsecenthusiast Registered Member

    Joined:
    Oct 4, 2018
    Posts:
    10
    Location:
    United States
    It was blocked. I was trying to open gmail. I don't remember the exact message. But it was something like "You look suspicious" or "you are using relay which we don't support". I uninstalled it then thinks Tor is not my thing.

    I thinks that might be the case with me when I was using TOR

    I'll reinstall it and then try the above thanks for the help. (Y)

    Yes! I was thinking the same. Since they have my CC they can track me with any hassle. Gotta try one of those anonymous card service

     
  25. boredsecenthusiast

    boredsecenthusiast Registered Member

    Joined:
    Oct 4, 2018
    Posts:
    10
    Location:
    United States
    That is cool I'll try that.

    Thanks for the help! Cheers
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.