Persistent Tor Entry Guard Relays can make you trackable Across Different Physical Locations

https://www.whonix.org/wiki/Warning#Persistent_Tor_Entry_Guard_Relays_can_make_you_trackable_Across_Different_Physical_Locations

Patrick Schleizer on sabbloggerPatrick Schleizer on sabemailPatrick Schleizer on sabfacebookPatrick Schleizer on sabgithubPatrick Schleizer on sabtwitter
Patrick Schleizer
Developer and maintainer at Whonix
Patrick started developing Whonix, the Anonymous Operating System in 2012, when quickly others joined efforts. He collected experiences working pseudonymous on Whonix for two years, enjoys collaboratively working on privacy preserving software.

Patrick started developing Whonix, the Anonymous Operating System in 2012, when quickly others joined efforts. He collected experiences working pseudonymous on Whonix for two years, enjoys collaboratively working on privacy preserving software.

Posted in Whonix Important News, Whonix Wiki Updates

Notable Replies

  1. Ego says:

    Good day,

    nice read, though I've got a question regarding this:

    This attack is less severe that now upstream (The Tor Project) has moved from using three relays to a single one.

    When did that change happen? Because this totally passed by me... Also, do you know there logic behind that step? Was it simply saving resources otherwise wasted?

    Have a nice day,

    Ego

  2. 2xiangzi says:

    Hello everyone :slightly_smiling:

    That is a quiet interesting problem. And I would like to convert it into a 'bigger' problem which named 'the differences between different ways to connect to the Tor network'

    To make it clear I made a table shown below (please correct me if there's anything wrong) :

    As you can see above, using an encrypted proxy/VPN to connect to Tor network is not a bad idea from many aspects, so I REALLY would like to see a proxy will be added into the WhoinxGateway, which will definitly benifit users (especially users from coutries like China) a lot. If you ask my advise, I would recommand a free (Both in price and freedom) proxy named lantern which is very popular in China, here's the link (https://github.com/getlantern/lantern).

    I do appreciate your work and if there's any problem I can help with just tell me :slightly_smiling:

  3. Patrick says:

    FYI
    research non-persistent Tor directory guards
    https://phabricator.whonix.org/T469

  4. 2xiangzi says:

    To Patrick

    We are not aware of any http(s) or socks4(a)/5 proxies that offer an encrypted connection between itself and the user.

    That is exactly what I would like to discuss with you! I mean, as far as I see, a lot of proxies/VPNs are 'user-to-proxy encrypted'. And please let me introduce some of them:
    1. VPNGate: http://www.vpngate.net/en/
    2. Psiphon3: https://www.psiphon3.com/en/open-source.html
    3. ShadowSocks: https://github.com/Long-live-shadowsocks/shadowsocks
    4. Lantern: https://github.com/getlantern/lantern

Continue the discussion forums.whonix.org

18 more replies

Participants