Kaius 0 Posted ... Good evening, my question is this.We know that it's possible to connect to AirVPN through TOR; for example, by using the address and the port given by Vidalia TOR. This produce a situation like that:TOR (Vidalia) > AirVPN (some server) > InternetAirVPN don't know the original IP and encrypt the contents, so, neither government or service provider can trace or retrieve data, also outside of an SSL (https) connection. Anyway, AirVPN know the IP where you want to connect and this last know your ip from a server of AirVPN. My question is this: what if I open a Tor Bundle Browser after connecting to AirVPN through TOR management by VIDALIA? It's a scheme like this:Tor (Vidalia) > AirVPN (some server) > Tor Browser Bundle > Internet I just see that it's possible, at least, on Linux Debian. Apparently, the data go through AirVPN in the Tor Bundle and so, also through VIDALIA. Maybe this is a more secured way of working? At least because Internet don't know the IP of AirVPN proxy, you can access to .onion website and the data are still encrypted by the VPN. Or I fall wrong in some points? Nobody try something like this? Thank you Quote Share this post Link to post
me.moo@posteo.me 80 Posted ... Loads of us use this sort of config lots! Personally I just use AirVPN --> Tor Browser if I use Tor at all. Quote Share this post Link to post
Khariz 109 Posted ... Yep, I agree. This setup works just fine as long as you trust AirVPN. And I do trust AirVPN. Quote Share this post Link to post
Kaius 0 Posted ... I don't know if you understand me.The configuration it's notTOR > AirVPN > InternetorAirVPN > TOR > Internet but TOR > AirVPN > TOR > Internet This make another layer of security; or not? Quote Share this post Link to post
Khariz 109 Posted ... I can't imagine how got awful slow that would be. Unless you are Edward Snowden, it's just not necessary to be that dectuple anonymous. Quote Share this post Link to post
me.moo@posteo.me 80 Posted ... I don't know if you understand me.The configuration it's notTOR > AirVPN > InternetorAirVPN > TOR > Internet but TOR > AirVPN > TOR > Internet This make another layer of security; or not? Of course we understand it! Quote Share this post Link to post
Kaius 0 Posted ... It's not so slow as you can image. It works. But what about encryption? It's always enhanced by airvpn? Quote Share this post Link to post
me.moo@posteo.me 80 Posted ... Linking ten VPN's together with a Tor link in between each of them would work! It would serve no purpose and be unusable. VPN -> Tor or Tor -> VPN provides plenty of encryption, plus you could use an SSL or SSH tunnel plus only ever use https to give you end to end encrytion too. That would be four layers, how many is enough? Why not add a second VPN to the chain, a few people do that to enhance their anonymity level - it isn't all about encryption. Quote Share this post Link to post
Kaius 0 Posted ... Yeah, but as I was using only TOR before, I just improve my security with VPN, first of all for encrypting the content. I'm not sure TOR encrypt very well the data contents. Most of the times I'm using SSL, but sometimes there are website with no SSL encryption available, so, I have to find a way to encrypt the data. As I work in not easy countries, this can be more safe... And also putting a TOR chain between and after the VPN, can be more safe.So, the VPN' encryption continue to work also with a configuration TOR1+VPN+TOR2, and the only problem can be the internet speed? As it work fast enough for me, that's not a real problem. I can be more worried if a TOR2 nodes can be, for example, a spoof one that can detect and store not-encrypted data contents. Quote Share this post Link to post
me.moo@posteo.me 80 Posted ... Sure adding a VPN increases your security (any addition does, and you don't have the issue of a rogue Tor exit relay if your exit IP is a VPN one); if you switch Tor circuits very regularly then how much useful data implicating yourself that can be collected is questionable. If the speed is ok for you then fine, add as many Tor, VPN's, proxy's or whatever. If EVERYTHING you do on the internet has to be encrypted then as you said, using https everywhere will be impossible so the question about VPN's and Tor dowsn't come into the discussion. Quote Share this post Link to post
iwih2gk 94 Posted ... I don't know if you understand me.The configuration it's notTOR > AirVPN > InternetorAirVPN > TOR > Internet but TOR > AirVPN > TOR > Internet This make another layer of security; or not? Something else to consider depending upon where you live. In your model your ISP and the local authorities (adversaries) SEE that you are using TOR. Plus the websites you visit see that you are joining them via TOR exit IP's. So that is TOR drawing attention on both ends of your tunnel regardless of how long it is. In my place of residence TOR is a red flag pure and simple. A VPN for my jurisdiction might get a casual notice, but TOR turns on a spotlight. Its true and how it is, so visit that for yourself just to be safe. Trying to help not discourage your interest in security. The VPN set up properly as the first hop, totally obfuscates the use of TOR leaving you without anywhere near the "spotlight", at least where I live. Quote Share this post Link to post