Actions

Hide Tor use from the Internet Service Provider

From Whonix



Cat-1040815640.jpg

Ambox warning pn.svg.png It is impossible to Hide Tor use from the Internet Service Provider (ISP). It has been concluded this goal is difficult beyond practicality.

See also Use of Tor Is Obvious.

The technical discussion which lead to this conclusion can be found here [archive]. The former version of this wiki page documenting some of the challenges in hiding Tor use from the ISP is still available here [archive].

As for hiding Whonix from network observers, this is a different subject which is covered on the Fingerprint page.

Technical Reasons[edit]

Using private and obfuscated bridges alone does not provide strong guarantees of hiding Tor use from the ISP. As Jacob Appelbaum has noted: [1] [2]

Some pluggable transports may seek to obfuscate traffic or to morph it. However, they do not claim to hide that you are using Tor in all cases but rather in very specific cases. An example threat model includes a DPI device with limited time to make a classification choice - so the hiding is very specific to functionality and generally does not take into account endless data retention with retroactive policing.

It is impossible to safely use a proxy to hide Tor. The connection between the user and the proxy is unencrypted and this applies to all proxies: http, https, socks4, socks4a and socks5. [3] This means the ISP can still clearly see that connections are made to the Tor network. This fact is only mentioned here because proxies are constantly (falsely) suggested as a solution whenever this topic comes up in public arenas.

Using a VPN or SSH does not provide a strong guarantee of hiding Tor use from the ISP either. [4] VPNs and SSHs are vulnerable to an attack called website traffic fingerprinting. [5]

Footnotes[edit]



Fosshost is sponsors Kicksecure ™ stage server Whonix old logo.png
Fosshost About Advertisements

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki


Follow: 1024px-Telegram 2019 Logo.svg.png Iconfinder Apple Mail 2697658.png Twitter.png Facebook.png Rss.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Support: 1024px-Telegram 2019 Logo.svg.png Discourse logo.png Matrix logo.svg.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate Whonix.png United Federation of Planets 1000px.png

Twitter-share-button.png Facebook-share-button.png Telegram-share.png link=mailto:?subject=Hide Tor from your Internet Service Provider&body=https://www.whonix.org/wiki/Hide_Tor_from_your_Internet_Service_Provider link=https://reddit.com/submit?url=https://www.whonix.org/wiki/Hide_Tor_from_your_Internet_Service_Provider&title=Hide Tor from your Internet Service Provider link=https://news.ycombinator.com/submitlink?u=https://www.whonix.org/wiki/Hide_Tor_from_your_Internet_Service_Provider&t=Hide Tor from your Internet Service Provider link=https://mastodon.technology/share?message=Hide Tor from your Internet Service Provider%20https://www.whonix.org/wiki/Hide_Tor_from_your_Internet_Service_Provider&t=Hide Tor from your Internet Service Provider

https link onion link Priority Support | Investors | Professional Support

Whonix | © ENCRYPTED SUPPORT LP | Heckert gnu.big.png Freedom Software / Osi standard logo 0.png Open Source (Why?)

The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent.