Silk Road forums
Discussion => Newbie discussion => Topic started by: cryostat on September 23, 2013, 06:32 pm
-
Hi
I have read on one website guide for SR that you should install a VPN service (e.g. HideMyAss etc) as well as use Tor.
Is this reasonable advice or is it better to use just Tor (which presumably can hide your presence on line, and isn't stored permanently on the harddrive) ?
-
Yes it is best to get a VPN. Even that is sometimes not completely ananymous. I there is an unprotected wifi that is avaible to you, that ISN'T yours then its best to use that. but yes, a VPN + tor is the way better than just tow
-
Can someone post a quick guide to a VPN service? I only use TOR with PGP encryption
-
I'm not an expert, but I disagree... it can actually do the opposite. It depends on how trustworthy the VPN is.
First, read this:
http://invisibler.com/lulzsec-and-hidemyass/
What Everybody Ought to Know About Hidemyass
So clearly the advice that website guide gave you sucked.
Now read this:
https://trac.torproject.org/projects/tor/wiki/doc/TorPlusVPN
VPN/SSH Fingerprinting
Using a VPN or SSH does not provide strong guarantees of hiding your the fact you are using Tor from your ISP. VPN's and SSH's are vulnerable to an attack called Website traffic fingerprinting 1. Very briefly, it's a passive eavesdropping attack, although the adversary only watches encrypted traffic from the VPN or SSH, the adversary can still guess what website is being visited, because all websites have specific traffic patterns. The content of the transmission is still hidden, but to which website one connects to isn't secret anymore. There are multiple research papers on that topic. 2 Once the premise is accepted, that VPN's and SSH's can leak which website one is visiting with a high accuracy, it's not difficult to imagine, that also encrypted Tor traffic hidden by a VPN's or SSH's could be classified. There are no research papers on that topic.
So from that last paragraph, doesn't sound like it's really going to help much anyhow.
-
If it's a free VPN it is still worth it. An extra layer of anonymity is better than not having it. While assuming your ISP can see through your VPN to see Tor traffic doesn't mean that they are actually bothering to do it.
-
Just make sure it's not a compromised VPN (NOTE shadowcrew....).
VPN + TOR ALWAYS - if you're a player and smart. TOR traffic is very distinguishable and a VPN will aid you in masking your activity from them (ISP) and any sniffers.
-
A VPN merely adds either a static entrance or exit node. It is shitty for anonymity and noone would recommend it.
https://tails.boum.org/blueprint/vpn_support/ *CLEARNET