Back to Home

Anonymity methods on the net. Part 4. Tor & VPN. Whonix

anonymity on the Internet · tor · vpn · the great Russian firewall

Anonymity methods on the net. Part 4. Tor & VPN. Whonix


    Hello!

    So we came to more interesting things. In this article, we will look at options for combining Tor with VPN / SSH / Proxy.
    For brevity, I will write VPNs everywhere, because you are all well done and already know the pros and cons of VPN, SSH, Proxy, which we studied earlier here and here .
    We will consider two connection options:
    • VPN first, then Tor;
    • Tor first, then VPN.

    I will also talk about the Whonix OS distribution, which implements the most advanced achievements in the field of network anonymity, because, in addition to everything else, both analyzed schemes are configured and work in it.
    The previous parts are here:
    Part 1: Methods of anonymity on the net. Just about complicated .
    Part 2: Methods of anonymity on the web. Data leaks .
    Part 3: Methods of anonymity on the web. Firefox .

    To begin, let's decide on some of the principles:
    1. The Tor network provides a high level of customer anonymity, subject to all the mandatory rules for its use. This is a fact: there have not yet been real attacks in public on the network itself.
    2. The trusted VPN (SSH) server ensures the confidentiality of the transmitted data between itself and the client.
    Thus, for convenience, as part of this article, we mean that Tor ensures the anonymity of the client, and VPN ensures the confidentiality of the transmitted data.

    Tor over VPN. VPN first, then Tor

    The VPN server with this scheme is a permanent input node, after which encrypted traffic is sent to the Tor network already. In practice, the scheme is implemented simply: first, a connection is made to the VPN server, then a Tor browser is launched, which will automatically configure the necessary routing through the VPN tunnel.

    Using such a scheme allows you to hide the fact of using Tor from our Internet service provider. We will also be closed from the input node of the Thor, which will see the address of the VPN server. And in the case of theoretical compromise of Tor, the VPN boundary will protect us, which, of course, does not store any logs.
    Using a proxy server instead of a VPN is meaningless: without the encryption provided by the VPN, we will not get any significant advantages in such a scheme.

    It is worth noting that, in order to circumvent the Tor ban, Internet providers have come up with the so-called bridges.
    Bridges are nodes of the Tor network that are not listed in the central Tor directory, that is, they are not visible, for example, here or here , and therefore are more difficult to detect.
    How to configure bridges is described in detail here .
    Several bridges can give us the Tor site itself at .
    You can also get bridge addresses by mail by sending an email to [email protected] or [email protected] with the text: “get bridges”. Be sure to send this letter from the mail from gmail.com or yahoo.com
    In response, we will receive an email with their addresses:
    "Here are your bridge relays:
    bridge 60.16.182.53:9001
    bridge 87.237.118.139-00-0044
    bridge 60.63.97.221:443
    »
    These addresses will need to be specified in the settings of Vidalia - Tor proxy server.
    Sometimes it happens that the bridges are blocked. To circumvent this, Tor has introduced the so-called “obfuscated bridges”. Without going into details, they are more difficult to detect. To connect to them, for example, you need to download, Pluggable Transports Tor Browser Bundle .

    The advantages of the scheme:
    • we will hide the fact of using Tor from the ISP (or connect to Tor if the provider blocks it). However, there are special bridges for this;
    • hide your IP address from the Tor input node, replacing it with the VPN server address, however this is not the most effective increase in anonymity;
    • in case of theoretical compromise of Tor, we will remain behind the VPN server.

    Cons of the scheme:
    • we must trust the VPN server in the absence of any significant advantages of this approach.

    VPN through Tor. Tor first, then VPN

    In this case, the VPN server is a permanent output node to the Internet.

    A similar connection scheme can be used to bypass the blocking of Tor nodes by external resources, plus it should protect our traffic from listening on the output Tor node.
    There are many technical difficulties in establishing such a connection, for example, do you remember that the Tor chain is updated every 10 minutes or that Tor does not pass UDP? The most viable option for practical implementation is the use of two virtual machines (more on this below).
    It is also important to note that any output node can easily allocate the client in the general flow, since most users go to different resources, and when using this scheme, the client always goes to the same VPN server.
    Naturally, the use of conventional proxy servers after Tor does not make much sense, since traffic to the proxy is not encrypted.

    The advantages of the scheme:
    • protection against listening to traffic on the Tor output node, however Tor developers themselves recommend using encryption at the application level, for example, https;
    • Protection against blocking Tor addresses by external resources.

    Cons of the scheme:
    • complex implementation of the scheme;
    • we must trust the exit VPN server.

    Whonix concept

    There are many OS distributions whose main purpose is to ensure anonymity and protection of the client on the Internet, for example, Tails and Liberte and others. However, the Whonix distribution kit is the most technologically advanced, constantly evolving and effective solution that implements the most advanced security and anonymity techniques .
    The distribution consists of two Debian virtual machines on VirtualBox, one of which is a gateway that sends all traffic to the Tor network, and the other is an isolated workstation that connects only to the gateway. Whonix implements the mechanism of the so-called isolating proxy server. There is also an option for the physical separation of the gateway and workstation.

    Since the workstation does not know its external IP address on the Internet, this allows you to neutralize many vulnerabilities, for example, if malware gets root access to the workstation, it will not be able to find out the real IP address. Here is a diagram of the work of Whonix, taken from its official website.

    The Whonix OS, according to the developers, successfully passed all possible leak tests . Even applications such as Skype, BitTorrent, Flash, Java, known for their peculiarities of accessing the open Internet bypassing Tor, have also been successfully tested for the absence of leaks of deanonymizing data.
    The Whonix OS implements many useful anonymity mechanisms, I will indicate the most important:
    • all traffic of any applications goes through the Tor network;
    • To protect against traffic profiling, Whonix implements the concept of thread isolation. The pre-installed applications in Whonix are configured to use a separate Socks port, and since each Socks port uses a separate chain of nodes in the Tor network, profiling is not possible;
    • secure hosting of Tor Hidden services services is provided. Even if an attacker breaks into a web server, he will not be able to steal the private key of the “Hidden” service, since the key is stored on the Whonix gateway;
    • Whonix is ​​protected against DNS leaks because it uses the principle of an isolated proxy in its architecture. All DNS queries are redirected to DnsPort Tor;
    • Whonix supports the “obfuscated bridges” discussed earlier;
    • The technology “Protocol-Leak-Protection and Fingerprinting-Protection” is applied. This reduces the risk of identifying the client through the creation of a digital fingerprint of the browser or system by using the most commonly used values, for example, the username is “user”, the time zone is UTC, etc .;
    • it is possible to tunnel other anonymous networks: Freenet, I2P, JAP, Retroshare via Tor, or work with each such network directly. More detailed information about the features of such connections can be found here ;
    • It is important to note that Whonix has tested, documented and, most importantly, work (!) all schemes for combining VPN / SSH / Proxy with Tor. More information about this can be found here ;
    • The Whonix OS is a completely open source project using free software.

    However, it is worth noting that the Whonix OS has its drawbacks:
    • more complicated setup than Tails or Liberte;
    • two virtual machines or separate physical equipment are required;
    • requires increased attention to service. It is necessary to monitor three OSs instead of one, store passwords, and update the OS;
    • on Whonix, the “New Identity” button in Tor does not work. The fact is that the Tor browser and Tor itself are isolated on different machines, therefore, the “New Identity” button does not have access to Tor control. To use the new chain of nodes, you need to close the browser, change the chain using Arm, the Tor control panel, the Vidalia analog in Tor Browser, and start the browser again.

    The Whonix project is developed separately from the Tor project and other applications included in its structure; therefore, Whonix will not protect against vulnerabilities in the Tor network itself or, for example, 0-day vulnerabilities in the firewall, Iptables.

    The security of Whonix can be described in a quote from its wiki : “ And no, Whonix does not claim to protect from very powerful adversaries, to be a perfectly secure system, to provide strong anonymity, or to provide protection from three-letter agencies or government surveillance and such . "
    If you are looking for departments of “their three letters”, they will find you :) The

    question of Tor and VPN friendship is controversial. Disputes on the forums on this topic do not subside. I will give some of the most interesting of them:
    1. section on Tor and VPN from the official Tor project page;
    2. The Tails distribution forum section on the VPN / Tor issue with the views of Tails developers. The forum itself is now closed, but Google has kept the discussion cache ;
    3. Liberte distribution forum section on VPN / Tor with Liberte developer opinions.

    4. Thanks for attention!

    Read Next