My current setup is fairly simple. Let me introduce some consistent naming first.

- server - my server (VPS) in the datacentre
- router - a router in my home, it has a private VPN connection to the server
- tor PC - a PC on which I browse tor

Currently the tor client is running on the server and the tor PC accesses its socks port through the VPN. All other Internet access from the tor PC is blocked on the router, so no leaks are possible. The tor PC has only one, internal IP. The advantage is that in case of a raid, it would be done in the datacentre before raiding my home. The major drawback is that it is possible for the attacker to hack into the server (or just seize it invisibly, as it's only virtual) and sniff on the localhost between the VPN end and the socks port.

I've recently been thinking of different approaches.

1. Maybe I should run a private (unpublished) bridge on the server and a tor client on my tor PC, that would be able to connect only to the bridge (through a VPN)? This way, all unencrypted traffic would never exit the tor PC. This PC is secured enough to assume it's secure from being hacked into. It's also encrypted and never left unattended.

   Additional question: if a tor client connects through a bridge, does it need to access other servers (like directory authorities) directly, or would it work if I give it access only to the bridge?

   I'm a little scared of bridges, as they don't use guards (yet?) and they are less popular than traditional relays, so bugs in them are more likely to exist.

2. Maybe I should run a tor client on a separate machine in my home, between my tor PC and the router, and route all traffic from it through the VPN, so it would look like it originates from the server? This way all unencrypted traffic will still be inside my home and I would avoid using bridges.

3. Maybe I should modify point 1, but publish the bridge address? I'm tight on my bandwidth and I don't want to run a relay, but maybe this way, as the outgoing traffic originating from me will blend with outgoing traffic originating from others using my bridge, it would be more plausible to deny my activities if someone launches a correlation attack? They would have to correlate traffic entering and leaving my bridge with traffic on the exit node (or rendezvous point, or any node in the path from an exit service to it), while in the case of a client (or a private bridge), it would be sufficient to correlate the traffic on a guard (for client) or a middle node (for bridge) with the traffic on an exit node...

I'm much more concerned with anonymity accessing hidden services than with anonymity accessing clearnet services through exits, by the way.

-- 
Oskar Wendel, o.wen...@wp.pl.remove.this
Pubkey at https://pgp.mit.edu/pks/lookup?search=0x6690CC52318DB84C

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
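The bridge-only design of option 1, written out as torrc fragments for the server and the tor PC, router firewall rules, and a pre-deployment check of the client torrc. This is an added editor's example, not configuration from the post or from the Tor project; the VPN subnet 10.8.0.0/24, the tor PC address 192.168.1.10, the interface name tun0 and the fingerprint are assumptions. On the directory question: with UseBridges set, a tor client fetches its directory information through the bridge, so it needs reachability to the bridge only. The fingerprint to pin on the client is the one tor writes to the `fingerprint` file in the bridge's DataDirectory.

```shell
#!/bin/sh
# Added example (editor's, not from the post): option 1, an unpublished bridge
# on the VPS reached only over the VPN, with a tor client on the tor PC that is
# allowed to talk to nothing but that bridge. Every address, interface name and
# the fingerprint below is an assumption, not a value from the post.

BRIDGE_ADDR=10.8.0.1        # VPN address of the server end (assumed)
BRIDGE_PORT=9001            # bridge ORPort (assumed)
VPN_NET_PREFIX=10.8.0.      # VPN subnet 10.8.0.0/24 (assumed)
TORPC_ADDR=192.168.1.10     # the tor PC's single internal IP (assumed)
VPN_IF=tun0                 # router's VPN interface (assumed)

# torrc for the server: a bridge that listens only on the VPN address and never
# publishes its descriptor to the bridge authority, so BridgeDB cannot hand it
# out. AssumeReachable skips the reachability self-test, which would fail for a
# port that nothing outside the tunnel can reach. Check tor's log on the
# version you run to confirm it accepts this combination.
gen_bridge_torrc() {
cat <<EOF
BridgeRelay 1
ORPort ${BRIDGE_ADDR}:${BRIDGE_PORT}
PublishServerDescriptor 0
AssumeReachable 1
ExitRelay 0
SocksPort 0
DataDirectory /var/lib/tor
Log notice syslog
EOF
}

# torrc for the tor PC: bridges only. With UseBridges the client also fetches
# directory documents through the bridge, so it needs no other reachability.
gen_client_torrc() {
  fp="$1"   # bridge fingerprint, copied from the server's fingerprint file
cat <<EOF
UseBridges 1
Bridge ${BRIDGE_ADDR}:${BRIDGE_PORT} ${fp}
SocksPort 127.0.0.1:9050
DataDirectory /var/lib/tor
Log notice syslog
EOF
}

# Router rules: the tor PC may reach only the bridge ORPort through the tunnel;
# everything else it sends is dropped. Printed here, not applied.
gen_router_rules() {
cat <<EOF
iptables -A FORWARD -s ${TORPC_ADDR} -o ${VPN_IF} -d ${BRIDGE_ADDR} -p tcp --dport ${BRIDGE_PORT} -j ACCEPT
iptables -A FORWARD -s ${TORPC_ADDR} -j DROP
EOF
}

# Check a client torrc before deploying it: bridges must be enabled, at least
# one Bridge line must exist, and every Bridge address must lie inside the VPN
# subnet, so that a torrc edit cannot quietly point the client at a public
# relay. Returns 0 when the file passes, 1 otherwise.
client_torrc_is_bridge_only() {
  file="$1"
  grep -Eq '^[[:space:]]*UseBridges[[:space:]]+1' "$file" || return 1
  grep -Eq '^[[:space:]]*Bridge[[:space:]]' "$file" || return 1
  awk -v pfx="$VPN_NET_PREFIX" '
    $1 == "Bridge" {
      addr = ($2 ~ /:/) ? $2 : $3      # "Bridge [transport] addr:port fp ..."
      if (index(addr, pfx) != 1) bad = 1
    }
    END { exit bad }' "$file"
}

# Usage: sh bridge-setup.sh show   (prints the three fragments to review)
if [ "${1:-}" = "show" ]; then
  echo "# --- server torrc ---";   gen_bridge_torrc
  echo "# --- tor PC torrc ---";   gen_client_torrc 0123456789ABCDEF0123456789ABCDEF01234567
  echo "# --- router rules ---";   gen_router_rules
fi
```

The check is deliberately strict about the Bridge address rather than the fingerprint: the fingerprint pins which bridge is accepted, but only the address check guarantees that the first hop never leaves the tunnel, which is the property the router rules are meant to enforce.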