Re: [Tails-dev] Please review and merge doc/why_tor

Delete this message

Reply to this message
Author: intrigeri
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Please review and merge doc/why_tor
hi,

sajolida@??? wrote (16 Apr 2014 10:40:14 GMT) :
> intrigeri:
>> "because the administrators of the VPN can know both where you are
>> connecting from and where you are connecting to"
>>
>> --> How about mentioning that basically anyone who can monitor the VPN
>> server's connection can also do that?


> I'm not sure I understand what you mean here? Are you referring to an
> attacker sitting on the ISP of a VPN server, and observing incoming and
> outgoing connections?


Yes.

> I'm not very knowledgeable about VPNs in the real-world, but I thought
> that a VPN could be a big network infrastructure of its own, spreading
> across the world. And so, potentially, without a single point where you
> can observe both the incoming and outgoing connections. In that case,
> breaking the anonymity of the VPN would require a global adversary or
> being the admin of the VPN.


I guess it's correct that large VPN providers have multiple point of
presence on the Internet. Still, an attacker only needs to monitor
these N points, and then I think my point still holds if N>1 but is
relatively small, which I expect to be the case. Monitoring the IX's
where these POP live works too.

Regarding the other changes and answers: great!

Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc