[tor-talk] Tor transparent proxying over OpenVPN

ef2k at tormail.org ef2k at tormail.org
Sun Jun 16 23:57:57 UTC 2013


> The simplest solution would be to use a VM. Run the VPN client on the
> host machine, and the Tor setup in the VM. You could also run the VPN
> client in a pfSense VM, and the Tor setup in another VM that uses the
> pfSense VM as its LAN router.

This wouldn't work for me, I only have access to an outdated netbook, it
can't run a single VM without bringing the computer almost to a halt,
definitely not two.


> How fast must new obfuscated bridges be created to replace old ones that
> have been discovered? What's the mean lifetime of an obfuscated bridge?
>
> If obfuscated bridges don't last very long, it's very likely that ef2k's
> ISP will quickly determine that he's using Tor, even if it can't
> consistently block Tor use.
>
> If ef2k were using a VPN service, on the other hand, his ISP would need
> to gain cooperation of his VPN provider, or snoop its exit traffic. And
> he could choose VPN providers prudently to make either harder for his
> ISP to accomplish. Or he could nest multiple VPNs.
>
> He could also use both VPNs and obfuscated bridges, if hiding Tor use
> really matters.

I am worried about this. It's why I don't want to rely on obfuscated
bridges to hide my Tor usage, as they're not private and one day I could
get flagged as using Tor if the ISP/military/police is monitoring
connections to the bridge that I'm using at the time.
VPN seems to be the best solution. Services like Airvpn offer additional
services - VPN over SSH and VPN over SSL. VPN over SSL would hide that I'm
using a VPN, unless they are monitoring connections to Airvpn servers, but
even then they could only see that I'm using a VPN - *not* a big deal
compared to Tor.



More information about the tor-talk mailing list