Recent comments on posts in the blog:

RE: VPN + Tor

Note that you summed up the entirety of the surface area for the Global Passive Adversary opponent as:

"extracting information from the VPN provider via the legal system; extracting information from ISPs/ASes on both sides of the VPN provider; gaining permission to watch traffic on the VPN's network; watching traffic on the VPN's network (via compromise)"

These are, in fact, the principal ways in which a GPA would attempt to negate the anonymity advantages of VPNs (as opposed to other safeguards; any safeguard can be bypassed with more nefarious means, such as a $5 wrench, viewing plaintext in compromised environments, etc.). However, if we take misplaced trust as a more general issue that only affects GPA because it affects EVERYTHING, there are several problems with this analysis:

  1. The third point is redundant. If an adversary gains access to the VPN's network, they have likely either gotten permission (legal means) or compromised the system. The alternative is if the VPN provider itself is an adversary, in which case trust was misplaced, which we are treating as a separate issue. This leaves us with only 3 points: legal means, external traffic analysis, and compromise.

  2. Compromise itself is a breach of trust in the security of the provider's systems. Treating misplaced trust as a separate issue leaves 2 remaining points: legal means, and external traffic analysis.

  3. A VPN provider's jurisdiction can be chosen to make the surface area of the legal method so small as to be irrelevant for most users, who are probably just wary of unwarranted surveillance by a GPA.

  4. This leaves external analysis via timing as the only feasible GPA method specific to VPNs. Mitigation of timing/data length side-channel vulnerabilities is part of ongoing research. Thus large actors, such as nation-states, are likely able to perform such analysis, and it may not yet be possible to mitigate it.

  5. However, the remaining 3 points are not necessarily feasible, even for nation-states, much less a lesser adversary that might qualify as a GPA, so connecting to Tor via VPN does provide additional, although non-complete, anonymity against GPAs.

  6. Additionally, it is a laughable notion that somebody who sets up a few Tor nodes (or a few hundred, whatever is sufficient to get a reliable analysis) must necessarily also be capable of nation-state level methods. A few hackers and their buddies could feasibly set up this many nodes, but obviously they would not have the same legal means nation-states would have, nor the sheer number of experts and computing power, to compromise a VPN with the same efficiency.

Comment by bup