Linking together multiple VPNs and with randomness?
- Thread starter SwitchBlade
- Start date
Guess I'll add that I have no argument re: the technical implementation of Tor or as to whether it is 'intentionally' a honeypot or not. I simply wouldn't know and am not interested in or capable of exploring it at that level.
With that in mind, I concede that Levine may have been talking out of his ass re: the honeypot angle, but at the same time I think it's hard to blame someone for speculating about such things when so much money from a single government is involved.
With that in mind, I concede that Levine may have been talking out of his ass re: the honeypot angle, but at the same time I think it's hard to blame someone for speculating about such things when so much money from a single government is involved.
Last edited by a moderator:
drmike
100% Tier-1 Gogent
Government backing of ToR has always bothered me.
Nothing per se better to convince suspect minds about security than to say THE MILITARY USES IT / FUNDED IT. Lots of bad actors fall for such civic pride / confidence.
I use ToR little as much gets blocked. Creates a browsing hazard. Further, any leak that might happens therein hinges that suspect network to use / terminal / IP etc. I run clean limited use stations for some stuff just cause, but I fear leaking still.
Why does any of that matter? Because eventually in sharpening this pencil of a privacy / anonymous layer, one would hope to perfect a formula that works. Can't say I've achieved that goal sufficiently to point that I'd advise others follow the recipe. Similarly, saying ToR = safe is a bad recommendation.
Any single provider / single solution isn't going to cut it. Things are a whole lot more complex than face value.
Nothing per se better to convince suspect minds about security than to say THE MILITARY USES IT / FUNDED IT. Lots of bad actors fall for such civic pride / confidence.
I use ToR little as much gets blocked. Creates a browsing hazard. Further, any leak that might happens therein hinges that suspect network to use / terminal / IP etc. I run clean limited use stations for some stuff just cause, but I fear leaking still.
Why does any of that matter? Because eventually in sharpening this pencil of a privacy / anonymous layer, one would hope to perfect a formula that works. Can't say I've achieved that goal sufficiently to point that I'd advise others follow the recipe. Similarly, saying ToR = safe is a bad recommendation.
Any single provider / single solution isn't going to cut it. Things are a whole lot more complex than face value.
Maybe Russians just have a completely different sensibility and aren't as easily persuaded when it comes to the thought of revoking cynicism re: government encroachments. Somehow I doubt that the practice of samizdat had anything resembling today's line-up of friendly neighbourhood government funded anti-surveillance media personalities to help disseminate it.
Last edited by a moderator:
drmike
100% Tier-1 Gogent
Americons are prone to such delusions, perhaps unlike any other. Surely others fall for the sprung trap, but...
Um, returning to the topic... might be considered crude, but could always create and save multiple X2GO sessions across an eclectic array of vps, then write a simple mouse & keyboard macro to open a random one. Do that a few layers deep and you'll have what the OP is asking for.
Or, get SummerHost V>9000 to do it for you as they offer a Premium Ready-Made Solution (they accept MoonPay too):
Or, get SummerHost V>9000 to do it for you as they offer a Premium Ready-Made Solution (they accept MoonPay too):
Last edited by a moderator:
drmike
100% Tier-1 Gogent
That would be incredible on overhead and slow - just rule of any GUI. I use X2GO, and it's tolerable at best. Better than VNC, but still lacking.
Routing packets from local would be more approachable. Simply, something like a Raspberry Pi, config'd as a gateway. On that Pi, toss OpenVPN client which connects to a remote server in a datacenter.
Now at one level of depth.
On your local desktop, make the Pi your gateway IP and one rule on the Pi to allow packets to flow back and forth. Iinstall OpenVPN client on the desktop, connect to another VPN / another provider.
Now at two levels of depth.
That's doable without any exotic and prone to breaking iptables rules.
--- trick is to connect to providers that perform well enough together with a really fast first layer, as the throughput will decline and latency will increase rapidly ---
From there, you could on that local desktop run something like sshuttle to provider a nested 3rd level. 3rd level and beyond gets complicated. sshuttle messes with iptables, so might be best to connected to a HTTPS remote proxy on that third layer.
Downside of this approach is each layer upstream presents breakage where bandwdith goes offline. Meaning you may find yourself manually restarting the nested layers from time to time. Quite a PITA, at least a first.
To keep it all sane, need to do something about DNS lookups which should get balanced to multiple public aggregation DNS servers and ideally over something like DNSCRYPT, although weary of the limited pool (there are some bigger providers like Cisco/OpenDNS in there, but downside with them is on center focus and data collection which we are all unsure of).
Yeah, this is essentially how I run multiple LANs 24x7. I have DNSMASQ with a large domain block list on LAN also.
Won't win any throughput comptetitions with this... But it works. Needs automated and some iptables rules to hard force everything into VPNs.. otherwise leakage will happen.
The whole point is that technical arguments are the only arguments that matter here, because of how Tor is designed. It is 100% technical security. If the background of those developing Tor matters in any way, then Tor as a project has failed - because it was designed specifically to not make that the case.
I'm not arguing that we should trust the Tor developers. I'm arguing that, from a security point of view, it literally doesn't matter whether the Tor developers are trustable or not. It does not affect the security of Tor.
It isn't "letting readers come to their own conclusion". It's a manipulative propaganda piece. If it truly were intended to be a neutral informational piece, it would have been written in a wildly different tone.
And that is exactly the problem with Levine's pieces. Note the phrasing. "funded and compromised by" - one of the two is true, and it's not the latter. Yet they are grouped together to create the illusion that there is somehow a correlation between the two points, where there isn't. These kind of propaganda tactics are all throughout his articles.
Last edited by a moderator:
@drmike yeah, that seems like a better idea than X2GO eclecticism, although I still probably wouldn't risk it without a breathable full body Faraday suit. This is basically my current setup except I have a grenade bandolier of raspberry pis and I wear a tinfoil kippah rather than a garbage bin helmet:
Last edited by a moderator:
drmike
100% Tier-1 Gogent
I use X2Go
It's just rather bulky to go nesting with it.Was thinking for additional 3rd layer one could run VirtualBox on workstation and reach out from that nested and those 2 VPNs. Throw a different technology on the Virtual instance to mix it up and make it less obvious / prone to fubar gotcha. Perhaps a SSH tunnel.
What a photo
Let me put it a different way. A quick look at the funding suggests that a sine qua non of Tor is the presence of American agents. It would seem that Tor's anonymous motley simultaneously guarantees their presence and is constituted by it. It has been that way since day one.
I see you've become taken aback at Levine's suggestion that Tor is 'compromised', but he wasn't using that word in a technical sense. What he meant is that Tor is compromised by the presence of government agents in a context of American soft power.
His critical point is that as a Tor user you are essentially saying: "My usage of Tor is a guarantee that the American government will have a greater chance of being anonymous on the internet. As Tor's userbase becomes more widespread and eclectic, the probability of government agents blending in increases, thereby invisibly augmenting American soft power."
Levine takes issue with contexts of internet anonymity whereby 'government presence in the software' is an unavoidable prerequisite of the software's functionality. He is simply asking, "is that what you want the meaning of your anonymity to be?"
As to whether the software itself is fool proof, that is beyond the scope of his writing.
Last edited by a moderator:
That is false. The presence of American agents is in no way required for the correct functioning of Tor.Quote said:
This is a prerequisite for technical anonymity as a concept, and is unrelated to Tor itself. You can either tolerate everything, or tolerate nothing. It is inherent to the model of 'anonymity', and is in no way related to the US in particular. There is no 'compromise' because there exist no other ways to accomplish the same goals - you cannot have anonymity without treating each actor equally, because in a well-functioning system, you cannot obtain the necessary information to remove 'undesirable' actors.Quote said:
His writing and attitude suggested otherwise.Quote said:
True, it obviously isn't 'required' and I never said it was. I'm not sure if you're intentionally misreading me but I'll try again. What I meant is that such copious public funding suggests the branding initiative known as Tor was constituted in large part by American soft power. A certain percentage of its 'real-time' throughput is probably representative of various American government agencies in a demographic context, although that is only speculation as I wouldn't know (blah blah 'following the money' is meaningless in post-post-neocapitalism or whatever).
I disagree. I'm not very experienced or well versed in/on the subject but would wager that 'government presence in the software' is not necessarily a prerequisite for anonymity as a concept (although such 'technical prerequisites' might strategically vie to appear within dystopian niche-markets...). There may be instances of Tor within infinite universes that are not expressive of American soft power. Other Tor-like software may exist that was not produced by a government and will never announce itself to the public. The more or less guaranteed presence of a particular association of government agencies would not be a prerequisite for the emergence or reification of such software.
'All or nothing' binary options regarding 'toleration' are probably not inherent to 'models of anonymity'. Tor is related to the US in particular, they view themselves as innovators and have proudly given it their imprimatur. On the other hand, I would imagine there are innumerable non-aligned instances of non-identity embedded in software that does not necessarily exist to make itself known to, or provide cover for, US agents. Such software could even exist without being hysterically perceived/sensationalized as anti-American!
Such a concept would preclude anonymity that is invisible to certain 'actors' as a prerequisite of its becoming (whether intentionally or inadvertently). Its means of non-identity may even be relatively passive and oblivious, or may have had no knowledge of whether 'that which it could not help but appear as invisible in relation to' was 'undesirable' or not.
Boring, anti-climatic disclaimer: I connect 'directly' to the internet through a residential gateway most of the time.
Last edited by a moderator:
Not intentionally misread. It's very well possible that the US government uses Tor a lot. This is inevitable.
Government presence is not required. Tolerance of government presence however, is. The whole point of a truly anonymous system is that you cannot identify actors, and if you cannot identify actors then you also cannot exclude them. It is, thus, inherently required for a correctly functioning anonymity system.
They absolutely are. See above. It really is this binary - that is just how it works from a technical perspective. Wishing it to be otherwise doesn't change that.
Absolutely no idea what you're trying to say here.
It was in response to your theory of 'correctly functioning' internet anonymity as a utopia of tolerance and equality.
In short, anonymity that is invisible to certain 'actors' as a prerequisite of its becoming would have very little to do with 'equality'. Seems likely that it would not emerge as anything other than a reaction to an absence of equality, whether consciously or not.
In short, anonymity that is invisible to certain 'actors' as a prerequisite of its becoming would have very little to do with 'equality'. Seems likely that it would not emerge as anything other than a reaction to an absence of equality, whether consciously or not.
Last edited by a moderator:
It's not a "utopia". It's a technical requirement.
Again, really not sure what you're talking about. Correctly functioning anonymity protects your identity from all parties, not just some.
@KuJoe true, I recant.
I suggest reading Recantorium and substituting the author's biographical details with randomness, then replacing instances of "National Poetry Month" with "Tor" and "Poetry Commonwealth" with "Internet". Don't forgot to replace "Books of Accessible Poets" with "Anonymous Tor Connections" (or any phrase of your choosing) and so on.
I suggest reading Recantorium and substituting the author's biographical details with randomness, then replacing instances of "National Poetry Month" with "Tor" and "Poetry Commonwealth" with "Internet". Don't forgot to replace "Books of Accessible Poets" with "Anonymous Tor Connections" (or any phrase of your choosing) and so on.
Last edited by a moderator:
Wanted to return to this as I hesitantly tried sshuttle for the first time a few hours ago. Without getting technical, I don't like how its nesting functions as a single point of failure (thereby perma-infantilizing subsequent connections and putting them at risk). If the goal is connecting via randomized multiplicity, why would anyone want one nest along the continuum to...