Nq8g_iOs

Is a TLS encrypted AirVPN v3 .onion address connection possible?

AirVPN was ahead of the curve getting the site on Tor quickly using its new v3 addresses. Today I logged into The Hidden Wiki using Tails and spotted the new Protonmail v3 .onion address and tested it out. I was able to log into Protonmail using the new v3 .onion domain address and TLS with my Protonmail user name and password.

So then I tried logging into AirVPN's regular domain address https://airvpn.org/ thru Tails/Tor and was *unable* to log in with my account credentials. The error message said my user name and password did not exist. I checked the site information for AirVPN in the web browser and it said the connection was TLS secured, and the certificate was thru Let's Encrypt. I don't want to log in to AirVPN using its v3 .onion address, as the site information says it's an HTTP-only connection, doesn't use TLS, has no site certificate, and through Tor, it's not a good idea sending user account data unencrypted. But then I was able to log into AirVPN https://airvpn.org/ on another PC with a normal direct Internet connection, and was able to easily log into AirVPN with my account credentials.

But I was noticing many popular websites in The Hidden Wiki now have v3 .onion addresses and they all seem to be connecting using HTTPS, TLS and are site secured by DigiCert Inc certificates: Facebook, BBC, The Intercept, DuckDuckGo, Deutsche Welle, NYT Secure Drop, etc, they're all using DigiCert Inc certificates in TLS secured connections connecting thru Tails & Tor.

At the time my login to https://airvpn.org/ failed Tails said my connection was coming out of Switzerland. I'm not sure, is Let's Encrypt having problems? I've been able to log into AirVPN directly using Tails before, this was the first time I've seen that happen. Got me wondering, is my login to Protonmail thru Tails using its v3 .onion address possibly compromised if the AirVPN login attempt failed? It seemed to be the Protonmail.com website, all my emails were there, drafts I'd written, emails I'd sent out, etc. It's just unusual to see the AirVPN login be denied like that using Tails & going thru Tor with the regular domain address for AirVPN.

Makes me think, would the AirVPN login be less vulnerable to this kind of denial of service (possible interception attempt of login credentials?) when going thru Tor/Tails if the site were using a DigiCert Inc certificate for the TLS connections? Maybe check out the Let's Encrypt certificates thru Tor to make sure they're not vulnerable to a MITM redirect?

Not sure if this was a bug or a hack, but it does seem like logging into v3 .onion sites TLS encrypted using DigiCert Inc certificates is maybe less vulnerable, if it was an attack using forged Let's Encrypt certificates. I hate to think that's even possible. Anyway, Idk if this is a heads up, possible problem with the Let's Encrypt certificates, or a bug. I don't want to raise a false alarm, but maybe somebody should take a look at logins into AirVPN using Tor with Tails.

-Ew;g_n
