2

I want to do some research on network anonymity.

Assume that I am careful enough not to disclose any personal information while connected to an anonymous network.

If I run a system that uses Tor over a VPN that I paid for with Bitcoins (free VPNs are very slow) and also use Tor browser to avoid scripts and use a masked MAC address and hostname, where am I exposed? What can anyone do to find my system's real data?

forest
  • 65,613
  • 20
  • 208
  • 262
  • You seem to include several vectors of info-leakage (network, host, browser, VPN account data, etc.). That's a lot for us to tackle all at once. Could you narrow down your focus to something we could answer? – schroeder Oct 22 '14 at 19:54
  • @schroeder you are right, i didn't frame the question in the best way. What i want to know is not the vulnerabilities of every approach but rather if i am missing something or some obvious manner by which i can be attacked by using this specific setup, as i know that combining these approaches together protects me from most vulnerabilities of the isolated approaches – user2554749 Oct 22 '14 at 20:24

4 Answers4

5

Network Anonymity is largely how much you perceive yourself to be anonymous. While using a VPN and a layered-browsing method might seem to make you incredibly anonymous, ultimately your connectivity is passing through uncontrolled territory and could be monitored.

Weaknesses of Tor can be found on the Wikipedia site: http://en.wikipedia.org/wiki/Tor_(anonymity_network)#Weaknesses

Tor's weaknesses are varied and subject to attack from different vectors. Some involve traffic pattern analysis which can reveal nodes, looking at captured packet data after it exits the TOR (or in your case, the VPN endpoint en route to it's final destination), and some protocols contain real IP information which could reveal you.

Your VPN, since it is routed through the Tor network, largely serves to conceal your traffic from anyone listening on the Tor network itself. Once it leaves the Tor to the VPN endpoint, some of the Tor attacks become viable. (They probably won't know what is IN the VPN traffic as it is encrypted.) When the traffic leaves the VPN endpoint to it's final destination, it may or may not be encrypted anymore (depending on the traffic), and that data could be used to find out more information. Also, the VPN provider, may keep logs about who and what accesses their network for whatever reason. They can say they don't (some paid ones say so), but you can't ever really be sure. That alone may be a compromise.

Either way, it is a lot of work to put all the pieces of the puzzle together, which is the primary objective in the first place.

EDIT: Oh, one more interesting thing I forgot to mention... Let's say you had accessed a website with a user ID and password before anonymizing yourself, and the connecting information gets logged (IP address, yadda yadda) then you connect to the same website AGAIN later with that same user name and password (but this time from the Tor/VPN combo) the owners/admins of the site could look up that information and identify you almost immediately if they had the inclination to do so.

forest
  • 65,613
  • 20
  • 208
  • 262
Desthro
  • 1,007
  • 5
  • 5
  • thanks, i get it know. So, in your opinion, what serves me the most, to have TOR over a VPN or a VPN over TOR? Basically, what i'm asking is: What is harder to do, forcing the VPN provider to give up my purchase information and logs (TOR -> VPN) or finding out my information through listening on an exit node (VPN -> TOR)? – user2554749 Oct 22 '14 at 20:39
  • To be honest, you still have to connect to your VPN provider either way, so it's pretty much the same (as far as getting the VPN records subpoenaed) The only difference, is if you can VPN -> TOR (not sure how that would happen exactly) you can place some significant distance between yourself and the TOR you are using, (by say, using a VPN end point in EU if you are in the USA, or something like that). – Desthro Oct 22 '14 at 21:31
  • To choose between "TOR over VPN" or "VPN over TOR", it really boils down to who do you trust the least between your ISP, the TOR network, and your VPN provider. – Dillinur Oct 23 '14 at 07:45
  • In most jurisdictions if they advertise they don't keep logs they must abide by that, else its labeled as false advertisement and may face legal implications. I agree with the rest of the answer though, well explained! – Purefan Jun 05 '15 at 07:16
3

As said before, anonymity is as very hard discipline to master. If you are fighting against someone determined enough to hunt you down, it only needs one slip to find you. This article shows who and what you are fighting. Result: you are hopeless.

You mentioned masked MAC Address: forget MAC forging, please. A MAC address have nothing to do with anything that goes outside your local network. If your attacker is inside your LAN, masking the MAC would make a little sense, but in this case you would have bigger problems. If the attacker is outside your local area network, they will never see your MAC. Exceptions include a malicious script running locally and sending the information to them, a possibility you ruled out by running TorBrowser. People worry way too much about MAC address. You don't have to.

For you be more anonymous, you must have two identities: a public one and an anonymous one. You must never access anything from one identity using another one. If you use TorBrowser to login at one site as the public identitym and later access the same site using the common browser, it's possible to you to be tracked. Almost every site out there have one or more methods of user tracking, and that data will be used to track you down.

There are lots of programs that leak data, including browsers and plugins. There are exploits to browsers that force it to run attacker-supplied code. I would recommend you to use a Linux distribution made to isolate the physical hardware and real network from the virtual world, like Whonix.

ThoriumBR
  • 51,983
  • 13
  • 131
  • 149
  • All this is so true too. So sad =( – Desthro Oct 22 '14 at 21:34
  • Masking your MAC address makes sense if and only if you are using somebody else's network (say, a public WiFi hotspot) to access the Internet. – Mark Oct 22 '14 at 23:07
  • How about the MAC address of your router - if doing this from home is an option at all?! You could take a look at QubesOS, which makes different identities an option. See my answer here with more suggestions: http://security.stackexchange.com/questions/71314/im-wondering-how-i-hide-my-identity-online-well/71327#71327 – SPRBRN Oct 23 '14 at 07:46
  • @SPRBRN, masking the MAC address of the router makes little sense also. The reason the MAC address doesn't leave your local network is that it is rewritten by every device on the path between you and the destination address. This means that each device can only ever see the MAC address of the previous device. So while your router's MAC address does go outside of your own network, it wouldn't get past the first hop (which is probably your ISP). But besides all that, it's extremely easy to change your MAC address; making it a supremely bad tracking device, even *if* the attacker knew it. – Chris Murray Oct 23 '14 at 07:56
  • That is very depressing... – user2554749 Oct 23 '14 at 08:01
0

If someone was able to monitor the connection between you and your VPN and also know the times that you were active on whatever you are doing over Tor, they could correlate the timing of when you are sending traffic. Especially if you only used this VPN for Tor.

So for example, lets say you wanted to post a question on this site using your method. If someone could see when you were sending VPN traffic, and when the time on the post was, they could correlate with some probability that it is you.

forest
  • 65,613
  • 20
  • 208
  • 262
awl
  • 101
0

Just considering the VPN, remember that a VPN is a bit like a one-hop Tor node. You could accomplish the same task as a VPN by simply configuring Tor to add one additional hop in the route. The only difference would be that without a VPN, someone watching your Internet connection would know you are using Tor.

Of course if you use the VPN those same people would see you are concealing your traffic inside a VPN instead. If they are suspicious of Tor, they are going to be suspicious of VPNs. They may be able to break in to the VPN provider and watch your traffic come out as it is being decrypted. In this case they would only see Tor traffic and be unable to decrypt that, but the point is that either way they could work out you are using Tor, so the addition of a VPN doesn't really add much, if any, additional security.

On top of this, how would payment be transferred to the VPN provider, even using Bitcoin? You can't pay over an unencrypted channel otherwise anyone watching will be able to tie you and your IP address back to your Bitcoin account. If you sign up for the VPN while connected via Tor, well, then it's obvious you're using Tor so you don't really need the VPN in the first place to hide that fact. If you somehow manage to pay for the VPN completely anonymously, the provider could later be compromised. Then your super secret Bitcoin account will be linked to the IP you are using to connect directly to the VPN provider, so you may as well have paid via credit card.

I think the addition of a VPN into the mix at best does nothing, and at worst reduces your anonymity.

Malvineous
  • 101
  • 3