Now as I said, compromising all three Tor nodes you use is more difficult than compromising a single VPN server, but not necessarily impossible for someone like the US government. Some believe an attack on Tor by flooding the network with malicious nodes was already pulled off by the FBI in collaboration with a university to take down the Silk Road 2.0. Also if you are unlucky, you may end up connecting to three malicious nodes and then, these know everything just like a VPN server. It is theorized that many such attackers try to control exit nodes, so they can see the un-encrypted traffic and then try to figure out who it belongs to based on the content. Anyone can add a Node to the Tor network. And of course, the exit node is furthest away from you, so it has the least chance of figuring out, what IP address is yours. This prevents anyone but the exit node to see, what and to whom you are sending. Now there are encrypted tunnels from YOU to each of the nodes, sort if tunnels within tunnels. Responses take the same route in the opposite direction. The exit node then forwards them to the website. When you send data through Tor, they are sent to the first (entry) node, which forwards them to a second node, and that one forwards them to a third (exit) one. Tor works similarly to a VPN, except there are three computers between you and the website. While VPN can be effective against less powerful attackers, that can't force ISPs, websites and VPN providers to cooperate, they are not as effective against nation state actors, especially the USA, who can usually just force them to reveal the information they seek. The FBI has successfully compromised a VPN in the past.Īs you can see, VPN are only secure if you trust the VPN provider and even then, correlation attacks can be dangerous. If you don't use HTTPS or other encryption, than the VPN knows everything on its own. Now if there is another layer of encryption, such as HTTPS, then the VPN server still just sees the encrypted traffic, but it still knows a lot and the website knows the rest. It also knows what you are sending, as the encrypted VPN tunnel ends at the VPN server. It knows who you are sending data to, because it has to deliver it. It knows your IP, because you are sending data to it and it needs to send you the responses. This is called a correlation attack.įurthermore, the VPN obviously knows everything. Further, they can see when exactly you were sending data and how large the packets were and narrow it down further, possibly to you exactly. Therefore if they cooperate, they can immediately narrow down the number of "suspects" to the users of the VPN you are using. Now notice that the ISP knows you are sending data to the VPN server and the website knows it is receiving data from the VPN server. Because the data is encrypted in the tunnel, the ISP does not know what you are sending or whom to. Your ISP still can see you are sending data, but it can only see when you send it, how much you send and that it is sent to the VPN server. You could also try spoofing your IP address but then, the response would be sent to the spoofed IP and never get to you. It prevents the website from seeing your IP address from the connection, because the data is sent to it by the VPN server. Now this helps makeing you anonymous in several ways. It then sends it response to the VPN server, which then forwards it to you using the encrypted tunnel again. For the website, it seems as if the VPN server sent the data. When you want to send data to a server on the internet (let's call it website for simplicity but it can be anything and everything on the internet), you first send it to the VPN server through the encrypted tunnel and the VPN sends it on your behalf. What a VPN does is create an encrypted tunnel between you and a VPN server. This is a long explanation, for a TL:DR, read my first answer here.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |