VPN and TAILS via DD-WRT

It's hard to get the security software I feel I need to run TAILS from home and feel secure. I subscribed to a VPN on Thursday because I do like to protect my main PC from clearnet sites like DnM on Reddit and some clearnet review boards.

I've been a long time user of DD-WRT on Linksys boxes, both for wardriving and fun, extra wattage, overclocking. So My VPN, IPVanish, offers a script to get my router to connect to the VPN. WRT54G routers are only B/G wireless, not having the capability of N. But I use dedicated Linux machines for my tails anyway, I NEVER use TAILS in my day to day PC.

I feel like I patched a big security hole, I think my ISP can no longer see that I'm using TOR and was hoping (someone chime in) that this gives me a little protection against corrupted exit nodes.

I think it will also help with one site I help out on and also my clearnet email providers that I NEVER use outside of tails, but again I fear the exit nodes.


Comments


[3 Points] cryptocreepo:

Don't trust exit nodes and don't trust VPN.

LE have the ability to passively monitor a huge amount of traffic and they are going to focus on the perimeter of such devices if they don't own them already.

Even if data is SSL tunneled, they can interpolate a lot about what is going on when they can't decode the data.

The good thing is that they haven't been interested in drug trafficking at this time, but I wouldn't say that they don't keep records for future reference.


[2 Points] InconvenientIdeals:

Do you normally use TAILS for clearnet stuff? Any reason why? How many felonies per day does SWIY commit on average?

Yes using VPN configured at the router level will route all traffic through it so it's important that it be reliable and stuff. Never heard of or used IPVanish but assuming they are good, didn't collect identifying info on you, then yes if somehow you got traced back through your Tor hops then that would appear to be your IP. Where that breaks down is that it will be immediately obvious that it isn't your home IP to anyone capable of getting that far. If IPVanish offers dedicated unique IPs it would help a bit or also might harm if you supplied any info during signup.

An exit node normally will not see your IP however , only what went through the second hop so to speak. But you clearly seem to enjoy doing this so no harm in it really and it'll come in handy perhaps one day.


[2 Points] ker83v9e:

I have this exact same set up for privacy and anonymity in general. I compared my network traffic with VPN only, TOR only, and VPN+TOR using Wireshark and router logs and it seems like the VPN+Tor set up is much less obvious. I'm far from an expert when it comes to networking though. By the way, while the VPN+Tor option may hide Tor from your ISP, the traffic still looks highly unusual, especially if you're using tails. If your ISP was specifically monitoring your connection it would still be suspicious. PM me if you want any more detail.


[1 Points] pallmallman12:

I use a vpn at router level because I don't think it's my isp's right do snoop on my activity regardless of what I do. Especially, my Tor usage which I use almost constantly. Using TTB for casual viewing and posting like now, and Tails for more secure activities.

The only problem is using multiple routers to access the clearnet for mundane thing like banking, paying bills and legit online shopping.

I know a lot of people state using a VPN can be a liability and that the VPN will hand over your info if given a court order. Even if they do, the only thing that will be exposed is a bunch of Tor encrypted gibberish. On. the other hand. you ISP will most certainly hand over everything they have on you.

That being said, I'll stick using Tor through my Eastern European VPN, that "supposedly" keeps no logs.