Delivery-Date: Sun, 24 Jan 2016 11:38:56 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id D966F1E0192;
	Sun, 24 Jan 2016 11:38:54 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id A306828386;
	Sun, 24 Jan 2016 16:38:47 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id ED5A123522
 for <tor-talk@lists.torproject.org>; Sun, 24 Jan 2016 16:38:44 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id L2Ch4TjZwObg for <tor-talk@lists.torproject.org>;
 Sun, 24 Jan 2016 16:38:44 +0000 (UTC)
Received: from khazad-dum.seul.org (khazad-dum.csail.mit.edu [128.31.0.47])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "moria.seul.org", Issuer "moria.seul.org" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id D3FE622061
 for <tor-talk@lists.torproject.org>; Sun, 24 Jan 2016 16:38:44 +0000 (UTC)
Received: by khazad-dum.seul.org (Postfix, from userid 501)
 id 037B91E0193; Sun, 24 Jan 2016 11:38:41 -0500 (EST)
Date: Sun, 24 Jan 2016 11:38:41 -0500
From: Roger Dingledine <arma@mit.edu>
To: tor-talk@lists.torproject.org
Message-ID: <20160124163841.GI7734@moria.seul.org>
References: <n82b3t$g4v$1@ger.gmane.org>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <n82b3t$g4v$1@ger.gmane.org>
User-Agent: Mutt/1.5.20 (2009-12-10)
Subject: Re: [tor-talk] Using VPN less safe?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Sun, Jan 24, 2016 at 11:04:30AM +0000, Oskar Wendel wrote:
> Attacker could easily tap into major VPN providers traffic and try to 
> correlate their traffic with hidden service traffic. And there are fewer 
> VPN providers than Tor entry guards (and much less than home connections 
> around the globe).
> 
> Does it mean that routing Tor through a commercial VPN could actually 
> lower the security, compared to routing Tor directly through a home 
> connection?

Yes, I think this is correct.

It's a tradeoff -- if somebody somehow breaks the anonymity of your Tor
circuit, it's nice to have another layer behind that. But if somebody
guesses that you're using a particular VPN, or you pick a VPN that they're
already monitoring for other reasons, then you basically let them see the
beginning of your circuit when otherwise they might not have been able to.

In a sense you're selecting your VPN to be your guard. If there were
one super-popular guard in the Tor network, and people used it forever
rather than doing normal guard rotation, seems to me it would become an
appealing point for surveillance.

Also, this issue is pretty much the same whether you're visiting onion
sites or other domains.

--Roger

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

