Delivery-Date: Fri, 30 Jan 2015 13:37:33 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,URIBL_BLOCKED
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id ECEC51E042C
	for <archiver@seul.org>; Fri, 30 Jan 2015 13:37:31 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 3E39330F53;
	Fri, 30 Jan 2015 18:37:28 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 9DA0C324EB
 for <tor-talk@lists.torproject.org>; Fri, 30 Jan 2015 18:37:24 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id OjCEPwbfXRe9 for <tor-talk@lists.torproject.org>;
 Fri, 30 Jan 2015 18:37:24 +0000 (UTC)
Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com
 [66.111.4.27])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 85A73324A7
 for <tor-talk@lists.torproject.org>; Fri, 30 Jan 2015 18:37:24 +0000 (UTC)
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41])
 by mailout.nyi.internal (Postfix) with ESMTP id BC13D20A60
 for <tor-talk@lists.torproject.org>; Fri, 30 Jan 2015 13:37:21 -0500 (EST)
Received: from web3 ([10.202.2.213])
 by compute1.internal (MEProxy); Fri, 30 Jan 2015 13:37:21 -0500
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=fastmail.net; h=
 message-id:x-sasl-enc:from:to:mime-version
 :content-transfer-encoding:content-type:in-reply-to:references
 :subject:date; s=mesmtp; bh=0jnUasMNv8+YmxC/MBoh6r4bhLM=; b=FfhE
 rBhthd8CSsq1ybCE4IZ/pS+jQRuv9qdsLc0IFVJV5VxK+IedB0LKljI0f/w+H4f6
 PzpLYOMz2YiNCmr74Z7MvC6cfvka8Mww+fHOjX8aKg+azsRXc7kVPVoWuaqGSbRU
 NdbEUwLumhuVQQ13ZHG4la74X+l5qeHk09DEGww=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
 messagingengine.com; h=message-id:x-sasl-enc:from:to
 :mime-version:content-transfer-encoding:content-type:in-reply-to
 :references:subject:date; s=smtpout; bh=0jnUasMNv8+YmxC/MBoh6r4b
 hLM=; b=CA7C7ezePWR9wUvu6BlMZsEtVd7lw4Y0sKzc9tNAJSTnTVGJprktvTQC
 mORDdDZ345DQoW44aszt0TDypy2FU5qcmnwj1f0KKgUvncssZMaUBV4McdDZPndZ
 GUY/BT8xK20zS2C0cqZh2xcnIMOhFp8DJqCFWgdkqIibusjHzcI=
Received: by web3.nyi.internal (Postfix, from userid 99)
 id 7924511553D; Fri, 30 Jan 2015 13:37:21 -0500 (EST)
Message-Id: <1422643041.1704861.221079941.2AEF6D44@webmail.messagingengine.com>
X-Sasl-Enc: Av7yjpvVjhOULFeV7dgVtzwuy2RQFxfN5QY7+wzsKfHf 1422643041
From: Geoff Down <geoffdown@fastmail.net>
To: tor-talk@lists.torproject.org
MIME-Version: 1.0
X-Mailer: MessagingEngine.com Webmail Interface - html
In-Reply-To: <54CB78AF.90100@riseup.net>
References: <54CB577A.9000100@riseup.net> <54CB59D5.5040300@riseup.net>
 <54CB5D63.5000108@techwang.com>
 <CABMkiz52u_5Txb1ROfZOGVAupP3=12X9_dFP0HXF-aTGP2MeMA@mail.gmail.com>
 <54CB78AF.90100@riseup.net>
Date: Fri, 30 Jan 2015 18:37:21 +0000
Subject: Re: [tor-talk] Tor -> VPN Clarification
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>



On Fri, Jan 30, 2015, at 12:27 PM, Squeak wrote:
> Hi Guys,
> 
> Thanks for the prompt replies, they are really helpful.  The image you
> posted Bill Berry was especially illuminating, thanks!
> 
> So VPN -> Tor is what I'm currently doing with Tunnelblick and TBB, but
> could somebody detail how and with which programs you would achieve Tor
> -> VPN please?    I'm having a little trouble visualising how that would
> work.
> 
> A follow-up question about the Tunnelblick set up, if someone does
> directly attack my connection and somehow manages to crack the VPN
> encryption they are only going to see that I'm using Tor.  Is that
> correct?
> 
> 

Yes, as long as the Tor *client* (Torbrowser) is running locally, the
connection *to* the Tor network is encrypted with Tor's encryption and
from that point of view it makes no difference if that connection is
direct or via a VPN ( VPN > Tor).
 If you run Tor > VPN, the connection *out of* the tor network is only
 encrypted with the VPN encryption and so vulnerable to sniffing by the
 VPN provider or a theoretical cracker of their encryption: if the
 traffic or the provider can identify you, you've lost anonymity with
 respect to the final destination.
 The worst case is if the Tor *client* is run remotely and you connected
 a normal browser to it via a VPN. Then you are entirely at the mercy of
 the VPN provider and their encryption from the point of view of
 deniability should you be investigated for some reason.

GD

-- 
http://www.fastmail.com - Choose from over 50 domains or use your own

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

