Delivery-Date: Fri, 30 Jan 2015 06:18:46 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY,
	URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id C502B1E0844
	for <archiver@seul.org>; Fri, 30 Jan 2015 06:18:44 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 8EABA329E0;
	Fri, 30 Jan 2015 11:18:41 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 182BA329D5
 for <tor-talk@lists.torproject.org>; Fri, 30 Jan 2015 11:18:38 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id YiR-3Hvx5z9I for <tor-talk@lists.torproject.org>;
 Fri, 30 Jan 2015 11:18:38 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id E65FB329A2
 for <tor-talk@lists.torproject.org>; Fri, 30 Jan 2015 11:18:37 +0000 (UTC)
Received: from plantcutter.riseup.net (plantcutter-pn.riseup.net [10.0.1.121])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.riseup.net (Postfix) with ESMTPS id 5983541AED
 for <tor-talk@lists.torproject.org>; Fri, 30 Jan 2015 11:18:35 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak;
 t=1422616715; bh=1Ra47l43eChu/AWUQnPuHGxjJmiHws9vUWcLm8V6o/k=;
 h=Date:From:To:Subject:References:In-Reply-To:From;
 b=R8/vmg+yx//z0fxx7fmTP4f3LfAbmkqQzTsw5MXPnGI8AICRAoC+RCs0nrMdcsbly
 W3BV1Vd2sqUNKSEq1vX++Vx64WKyMU3qVt7ODzFzMlZXopmCiMMwQUQkVcVxDXcNfj
 n8wpbq+aMUsmCLl3QfMbvP4x3JZJHoaBt4UoLbZ4=
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (Authenticated sender: mirimir) with ESMTPSA id 8BD3520091
Message-ID: <54CB689A.3010402@riseup.net>
Date: Fri, 30 Jan 2015 04:18:50 -0700
From: Mirimir <mirimir@riseup.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <54CB577A.9000100@riseup.net> <54CB59D5.5040300@riseup.net>
 <54CB5D63.5000108@techwang.com>
In-Reply-To: <54CB5D63.5000108@techwang.com>
X-Virus-Scanned: clamav-milter 0.98.5 at mx1
X-Virus-Status: Clean
Subject: Re: [tor-talk] Tor -> VPN  Clarification
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On 01/30/2015 03:30 AM, Bill Berry wrote:
> This image explains VPN + tor quite well;
> 
> https://vigilantcanuck.files.wordpress.com/2015/01/vpn-tor.png
> 
> IMO this setup is a pretty sensible idea given the recent
> de-anonymisation attacks (e.g. CMU). If your Tor connection gets
> comprimised, all the Feds have (hopefully) is your VPN IP.

Yes, that's a good point.

Better yet is VPN1 -> VPN2 -> VPN3 -> Tor or VPN1 -> JonDonym -> VPN2 ->
Tor. Belt _and_ suspenders :)

> The best way to set this up is VPN at a router level (e.g.
> http://wiki.hidemyass.com/OpenWRT_OpenVPN_Setup), then run Tails or Tor
> browser on your laptop.
> 
> 
> On 30/01/15 10:15, Cyrus wrote:
>> Squeak:
>>> Hello,
>>>
>>> Relative newbie here, and I was wondering if someone could help me with
>>> something please. I keep seeing people describing connections to the Tor
>>> and is VPN connections in the following two ways:
>>>
>>> Tor -> VPN
>>> VPN -> Tor
>>>
>>> So if I fire up Tunnelblick, connect to my VPN provider and then open
>>> TBB which of the above does this describe?  And also, is there a
>>> recommended way of connecting these two technologies?
>> You connect to Tor through the VPN in this case.
>>
>> PC <=> Internet <=> VPN server <=> Internet <=> Tor Network <=> Internet
>>
>>> Another thing I've noticed is in the Tunnelblick client that there is an
>>> option to connect to a Socks5 proxy, this suggests to me that I can send
>>> the VPN connection through the Tor network.  But I am confused as to why
>>> one would want to do this, and what the benefits/disadvantages might be?
>> If you don't want a log of your actual IP, doing this would be a
>> benefit. Though if they already have logged where you are once as a
>> customer, the point of this is moot. If you had a different account, you
>> could then use the VPN anonymously.
>>> Really appreciate any help you guys could give me!
>>>
>>> Squeak
>>>
>>>
>>>
> 
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

