Jump to content
Not connected, Your IP: 18.208.132.33

Recommended Posts

So I saw a post about this incident a while ago, except it was based on a message board discussion that was in Dutch making hard for non-Dutch-speakers to follow. However, now a post in English has been written about it here:

 

http://www.wipeyourdata.com/other-data-erasing/no-logs-earthvpn-user-arrested-after-police-finds-logs/

 

Basically a user of EarthVPN - which claims to be non-logging - was presented with logged evidence that he had made bomb threats against his school. EarthVPN claimed that this was because the datacenter had decided to start logging without them knowing.

 

The author of this article suggests that a multi-hop VPN setup would make this IP transfer logging much less of a privacy concern.

 

I posted a thread with related questions here but got no response:

 

https://airvpn.org/topic/10638-entryexit-ip-addresses/

 

Is it possible that AirVPN servers could be vulnerable to this kind of datacenter logging, and if so does a multihop setup mitigate that risk? Is such a multihop setup already in place and to what extent?

Share this post


Link to post

They have twelve servers in the Nederlands. It could be interesting to know to which AS those servers belong (= which datacenter they're using).


» I am not an AirVPN team member. All opinions are my own and are not to be considered official. Only the AirVPN Staff account should be viewed as such.

» The forums is a place where you can ask questions to the community. You are not entitled to guaranteed answer times. Answer quality may vary, too. If you need professional support, please create tickets.

» If you're new, take some time to read LZ1's New User Guide to AirVPN. On questions, use the search function first. On errors, search for the error message instead.

» If you choose to create a new thread, keep in mind that we don't know your setup. Give info about it. Never forget the OpenVPN logs or, for Eddie, the support file (Logs > lifebelt icon).

» The community kindly asks you to not set up Tor exit relays when connected to AirVPN. Their IP addresses are subject to restrictions and these are relayed to all users of the affected servers.

 

» Furthermore, I propose that your paranoia is to be destroyed. If you overdo privacy, chances are you will be unique amond the mass again.

Share this post


Link to post

Is such a multihop setup already in place and to what extent?

 

It's already in practice. You can always double your tunnel. Either with TOR or another VPN tunnel... AirVPN does not have to make any additions to its service concerning your need. For TOR here you find the basics.

If you think you need another VPN tunnel just do that. Using a virtual machine will make this purpose easy. This kind of concept makes sense when using two different vpn provider. Here on AirVPN I doubt you will ever see multi-hopping because it makes no sense. This will stress the servers and raise the traffic dramatically. And probably most users won't ever need that paranoia level of security. And honestly, making bomb threats against a school is a really bad joke...

Share this post


Link to post

 

Is such a multihop setup already in place and to what extent?

...

Here on AirVPN I doubt you will ever see multi-hopping because it makes no sense.

...

 

This is not something that the OpenVPN server software that AirVPN and most other providers use does. Air would have to write their own distributed VPN server software. Not likely.

 

You can set up multi-hop yourself. I played with chaining VPN servers. This worked better than using Tor. And also moving a lot of data over Tor is abusive of the folks running Tor relays on their PC-s. But even chaining VPN servers the performance of your connection will degrade very quickly. When I played with this, it would not have been usable for much.

 

By the way, when you use Tor to connect to a VPN server, a single Tor circuit of TCP connections will be used through out the entire VPN connection session. See:

 

https://airvpn.org/topic/10191-should-use-outboundbindaddress-for-openvpn-over-tor/?p=13230

 

So it may not be so hard for the NSA or its ilk to trace you as you think. Most other circuits through the Tor relays you use will be short lived. Your circuit will stand out clearly. Keep in mind that the NSA and such save meta-data for later analysis.

 

There is a point of diminishing returns.

Share this post


Link to post

I get very adequate speeds using TOR with Air.  Everyone knows TOR is not going to be fast enough for downloading huge files in a hurry.  My raw connection is 50 meg and that is never happening on TOR.  However; for surfing around, reading, and posting on forums its more than fast enough.  TOR has improved quite a bit from a year ago.  If you reverse the direction and use TOR over AIR instead of Air over TOR you still get revolving circuits on about a 10 minute interval.  Of course you can manually set new circuits anytime you want with a click on the TOR browser.  A virtual machine with TOR protects a user from being surveilled by any VPN provider.  They only see the entry node and nothing beyond that since TOR encrypts to your machine.

 

I am not writing this because I don't trust AIR, but then again I don't want to be in a place where I need to trust them.  I am writing this because this same TOR process also ELIMINATES the datacenter from being able to log my destinations.  Once I enter the TOR node and bounce through the relays my destination is not ever going to be logged.  As a side note; if you are wise about what happens AFTER the TOR exit node you will retain a strong position.  I am active on HTTPS forums and I verify the full fingerprint on the cert before assuming I am where I think I am.  Not rocket science and not difficult either.

Share this post


Link to post

 

 

Is such a multihop setup already in place and to what extent?

...

Here on AirVPN I doubt you will ever see multi-hopping because it makes no sense.

...

 

This is not something that the OpenVPN server software that AirVPN and most other providers use. Air would have to write their own distributed VPN server software. Not likely.

 

This is already in practice... but not for direct use. AirVPN has already implemented a double-hop... see the status site. But it's only for preventing from censorship. So you as a user don't have any influence on the second hop. But the functionality for a double-hop is already there. It is only activated if it is needed... so not for permanent usage...

Share this post


Link to post

 

 

 

Is such a multihop setup already in place and to what extent?

...

Here on AirVPN I doubt you will ever see multi-hopping because it makes no sense.

...

 

This is not something that the OpenVPN server software that AirVPN and most other providers use. Air would have to write their own distributed VPN server software. Not likely.

 

This is already in practice... but not for direct use. AirVPN has already implemented a double-hop... see the status site. But it's only for preventing from censorship. So you as a user don't have any influence on the second hop. But the functionality for a double-hop is already there. It is only activated if it is needed... so not for permanent usage...

 

This is only for very specific ultimate destinations. Statically defined. Nothing close to what was being asked about.

Share this post


Link to post

...

You can set up multi-hop yourself. I played with chaining VPN servers. This worked better than using Tor. And also moving a lot of data over Tor is abusive of the folks running Tor relays on their PC-s. But even chaining VPN servers the performance of your connection will degrade very quickly. When I played with this, it would not have been usable for much.

...

 

I should probably have been more clear by what I meant by "much". "Much" would include torrenting or streaming video.

 

I get very adequate speeds using TOR with Air. Everyone knows TOR is not going to be fast enough for downloading huge files in a hurry. My raw connection is 50 meg and that is never happening on TOR. However; for surfing around, reading, and posting on forums its more than fast enough.

...

 

But would a newbie reading this know that? In the past, Tor suffered a lot of abuse due to people torrenting over it.

 

For just browsing, yes, Tor is good. So long as you use the (somewhat crippled) browser that they provide. Or (as you say) go even further and enclose the browser in a virtual machine so that it cannot possibly report information it finds on your real machine. But I wonder then how much having the VPN as a first hop really adds.

 

My basic concern is that when people (i.e. a newbie) think VPN, I suspect they think full functionality. With Tor involved (and a restricted browser), this is not really the case.

Share this post


Link to post

 

 

Is such a multihop setup already in place and to what extent?

...

Here on AirVPN I doubt you will ever see multi-hopping because it makes no sense.

...

 

 

You can set up multi-hop yourself. I played with chaining VPN servers. This worked better than using Tor. And also moving a lot of data over Tor is abusive of the folks running Tor relays on their PC-s. But even chaining VPN servers the performance of your connection will degrade very quickly. When I played with this, it would not have been usable for much.

 

Nadre:

 

Can you please confirm what happen when your connection degraded over VPN tunneling ? Did you notice the speeds just drop to few megs after an hour or 2 ?

 

Would be interested to know, thanks.

Share this post


Link to post

 

 

 

Is such a multihop setup already in place and to what extent?

...

Here on AirVPN I doubt you will ever see multi-hopping because it makes no sense.

...

 

 

You can set up multi-hop yourself. I played with chaining VPN servers. This worked better than using Tor. And also moving a lot of data over Tor is abusive of the folks running Tor relays on their PC-s. But even chaining VPN servers the performance of your connection will degrade very quickly. When I played with this, it would not have been usable for much.

 

Nadre:

 

Can you please confirm what happen when your connection degraded over VPN tunneling ? Did you notice the speeds just drop to few megs after an hour or 2 ?

 

Would be interested to know, thanks.

 

My post referred to what happened when I connected to AirVPN through another VPN, provided with my seedbox.

 

With just AirVPN it works great. Well perhaps a noticeable latency while browsing. But I normally only use AirVPN for torrenting. I use a second account when I want to stream video from a site geo-blocked from me. Which is not that often. So I may not be the best judge.

 

When I tried streaming with my chained VPN-s (connecting to AirVPN via my seedbox VPN), the delays getting video to start were enormous. And I just gave up on it after a couple of tries. I was only dong it to see how to go about it anyway. I did not do any sort of in depth analysis of the performance, or where the issues were. I suppose the problems could have just been with my seedbox VPN. I don't think I have ever tried streaming video through it by itself.

Share this post


Link to post

thanks just good to know I think with AirVPN it is more then enough and stable for now.

Share this post


Link to post

 

...

You can set up multi-hop yourself. I played with chaining VPN servers. This worked better than using Tor. And also moving a lot of data over Tor is abusive of the folks running Tor relays on their PC-s. But even chaining VPN servers the performance of your connection will degrade very quickly. When I played with this, it would not have been usable for much.

...

 

I should probably have been more clear by what I meant by "much". "Much" would include torrenting or streaming video.

 

>I get very adequate speeds using TOR with Air. Everyone knows TOR is not going to be fast enough for downloading huge files in a hurry. My raw connection is 50 meg and that is never happening on TOR. However; for surfing around, reading, and posting on forums its more than fast enough.

...

 

But would a newbie reading this know that? In the past, Tor suffered a lot of abuse due to people torrenting over it.

 

For just browsing, yes, Tor is good. So long as you use the (somewhat crippled) browser that they provide. Or (as you say) go even further and enclose the browser in a virtual machine so that it cannot possibly report information it finds on your real machine. But I wonder then how much having the VPN as a first hop really adds.

 

My basic concern is that when people (i.e. a newbie) think VPN, I suspect they think full functionality. With Tor involved (and a restricted browser), this is not really the case.

 

I add the VPN for two reasons mainly:

 

1.  I don't want my ISP to be aware that I have ever used TOR.  VPN's are everyday in my area and many use them.  TOR "appears" or is perceived to be used by those up to no good.  That is not true but that is what folks think.

 

2.  If I somehow make a mistake while using my TOR VM and a "breakout" happens, it will cause my VPN IP to be leaked and not my real IP.

 

 

The VPN speeds far exceed TOR's so I notice no performance hit by adding the VPN first.  I run linux VM's for additional isolation and the laptops I use have > 8 Gig of Ram so I assign at least 5 Gig to the VM's.  They are lightning with that much designated RAM.  I don't always use TOR and sometimes merely use the VPN depending on where I am and what I am looking at.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...