Jump to content
Not connected, Your IP: 3.90.33.254
Sign in to follow this  
Waterwater10

Thoughts on Tails not allowing a VPN.

Recommended Posts

Tials, the TOR OS actively disallows the use of a VPN. I was reading their reason why, but I'm not sure about it. 

 


Some users have requested support for VPNs in Tails to "improve" Tor's anonymity. You know, more hops must be better, right?. That's just incorrect -- if anything VPNs make the situation worse since they basically introduce either a permanent entry guard (if the VPN is set up before Tor) or a permanent exit node (if the VPN is accessed through Tor).

Similarly, we don't want to support VPNs as a replacement for Tor since that provides terrible anonymity and hence isn't compatible with Tails' goal

https://tails.boum.org/blueprint/vpn_support/

So, they say it's less secure, but on the off chance you get connected to all servers owned by the same person, they can then trace it back to your physical address. Even if the VPN provider obtains logs, they would still then need to go through a process to get the info off the company.

 

I don't understand how having a VPN connected (especially if the VPN doesn't keep logs) can be less secure. Your physical location is a "permanent entry guard", surely it's better to have a VPN as the permanent entry guard.

Share this post


Link to post

The statement is correct because not all VPN providers are the same, and most of them do keep logs.

In order to avoid biased reviews and recommendations, they suggest the use of Tor instead of a VPN,

in which case the anonymity is better than with some VPN providers who keep logs.

 

You can still manually install OpenVPN, but in this case Tails might not be for you, something like Whonix

will be more flexible with such setups.


Occasional moderator, sometimes BOFH. Opinions are my own, except when my wife disagrees.

Share this post


Link to post

The statement is correct because not all VPN providers are the same, and most of them do keep logs.

In order to avoid biased reviews and recommendations, they suggest the use of Tor instead of a VPN,

in which case the anonymity is better than with some VPN providers who keep logs.

 

You can still manually install OpenVPN, but in this case Tails might not be for you, something like Whonix

will be more flexible with such setups.

 Do you suggest that VPNs that don't keep logs do make it more secure?

Share this post


Link to post

It makes sense to use tor inside a VPN because more people use VPNs than tor, so it is a bigger target. The VPN might not make the connection more secure, but it makes it less conspicuous.

 

This is especially relevant in countries such as Turkey where the authorities regard tor use with real suspicion.

Share this post


Link to post

On top of all of the above, you can always use Tor after you have connected to some VPN server. So Tor usage can not be detected by your ISP, your government or anybody wiretapping your lines.

 

Also, Tor can't support UDP, of course, so a VPN can be used to tunnel UDP traffic with a strong protection against anybody sniffing your traffic.

 

Kind regards

Share this post


Link to post

I think Tails should make an option to allow VPN exit / entry nodes at startup, just the same as administrator privelages or persistent drives.  The problem with running exlusively from Tails and Tor is that you can't access the entire internet.  For example, my banks disallow a login through Tor.  So to login with my bank, I'm forced to use my regular operating system and risk being compromised.  I'd love to access my banks through Tails and Tor for security, but alas, I cannot unless exit node VPNs (like Air) are allowed.

 

Granted, I can use the unsecure browser.  I'm not compromised since I'm using Tails on a fresh restart.  But this has the drawback of exposing my IP and allowing my ISP, hotel, coffee shops, etc., to know where I bank.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image
Sign in to follow this  

×
×
  • Create New...