Almost everyone in reddit tells dont use VPN before Tor, but they say it only for USA, Europe etc. where tor & tor ips arent blocked by ISPs…
But if you live in a country like China, Iran etc., you can see all tor bridges, obfs4, meek etc. are blocked and your only chance is using stealth VPN before Tor.
Is there are any other alternatives pls tell us.
obfs4 and Meek are blocked in all of “China, Iran, etc”? All bridges are blocked?
I was under the impression that blocking Meek amounted to blocking all of Azure. Are they actually blocking all of Azure, or am I behind the times about how they’re doing their blocking?
What about private bridges (standard and/or obfs4)?
The problem with a VPN for that particular use case is that using a VPN is presumably just as forbidden as using Tor. They™ could easily discover the VPN gateway address at any time, or find a way to fingerprint your traffic as being VPN traffic. At which point they might just block you, but they might also come after you in some other way. Obviously, a resident wil probably have a better idea how likely that is than I would have as an outsider.
Otherwise maybe you have to use a VPN to get to Tor… but then you have to think hard about the risk profile of using that VPN, and whether getting to Tor is worth that risk.
If there’s been some recent change in blocking capabilities, it’s possible that the Tor Project has a “next step” queued up. It would be smart for them to keep stealth methods in reserve for when existing ones stop working, since otherwise it gives their adversaries the chance to block every strategy they know at the same time. So they may be in a position to get people back up and running with less risk than VPNs relatively soon. Maybe not, though. Maybe they don’t have anything, or maybe it’ll take a long time to roll out.
Everyone is an idiot, the VPN moves you external IP, so if something in Tor leaks your IP they get the VPN IP. This is a known attack vector, and has been used multiple times to catch people using Tor.
But if you live in a country like China, Iran etc., you can see all tor bridges, obfs4, meek etc. are blocked and your only chance is using stealth VPN before Tor.
And so are VPNs.
But if you live in a country like China, Iran etc., you can see all tor bridges, obfs4, meek etc. are blocked
No they aren’t. That’s why they’re there, genius.
Tor Wiki link to the right directly to info on this.
So, the conclusion is that Tor advocates don’t want you to use a VPN before Tor because it’s better for the Tor network, but if you are paranoid and don’t want to reveal your Tor usage to your ISP you can use a VPN even in countries like USA and Europe.
They haven’t blocked Meek, because they’d have to block the Azure platform, which would take out half the clearnet.
What if you request a bridge while using a VPN, more latency, yeah…
But the + anonimity could be worth it or is there any way that they could caugh you using a bridge…
Also fuck the CCP and their rating system, I hope the president of China gets rap€d by Putin :v
If you bought the VPN anonymously then it’s fine, but if you associate your credit card number or your name with the VPN then you are sold.
um, no- that’s incorrect. Using a VPN with Tor is generally a bad idea- it does not help anonymity and may actually harm it. https://gitlab.torproject.org/legacy/trac/-/wikis/doc/TorPlusVPN
“The conclusion”?
Nobody’s suggesting not using VPNs because it’s “better for the Tor network”. Using a VPN before Tor has no meaningful effect at all on the Tor network itself, good or bad.
People usually suggest not using a VPN before Tor because–
Some people go too far and make that into an excessively ironclad rule, but I’ve never heard anybody say it was “bad for the Tor network” to use a VPN before Tor.
The point of a bridge is to make it hard to tell locally that you’re using Tor. It adds stealth, not anonymity. There’s no particular reason to think that using a bridge makes it any harder for the ultimate destination to tell where you’re coming from, nor that it makes it any harder for local stuff to tell what the ultimate destination is. A bridge might even make your anonymity worse by providing a longer path along which your traffic can be observed, and potentially time correlated with other stuff.
Also, a bridge is effectively your guard node. Not that anybody does anything to vet Tor relays that get the guard flag, but at least their locations are public and they have to have been on the network for a while. Anybody, including your enemies, can run a bridge and hope you use it.
Using a bridge is a lot like using a VPN, actually… something you might want to do, but only if you have a specific reason.
No. Any shared VPN IP protects you from incrimination. Because you can plausibly deny it, and they can’t prove it was you and not one of the other 10k users.
If you ISP IP comes up, then you’re fucked for sure. Unless you run an open node on your wireless and a Tor exit node.
People have actually been caught for not using one. Tor has/had bugs that would reveal you internet IP, if you used a VPN, it could only reveal the VPN IP.
Once again, You’re incorrect- Tor isn’t designed Nor intended to prevent side-loading a NIT- being the reason that you need WHONIX if a NIT is a possibility within your threat model.
It’s not the point. you could also pay Mullvand with cash: the problem is that Mullvand knows your IP and you have no guarantees that Mullvand is honest or worst being hacked from govs or other skilled people. So the real MVP here is:
. using a public wifi → TOR (very secure)
.using a public wifi → TOR → VPS payed with monero (avoid BTC) (very secure)
.using TOR → VPS payed with monero ( very good but no as the first two)
Tor has leaked the users internet IP, this is a fact. A VPN prevents that, that is a fact.
Tor, in it’s normal usage as a Web Browser has leaked internet IP using a send home code, via script, plugin and potentially internal methods.
As with any software it likely has many other bugs and there are zero days that will emerge, and probably a few in the wild right now. It’s a constant battle.
I’ve been using Tor for over 20 years. I’ve seen this shit spun a dozen times and I’ve seen it repeat on people, Tor + VPN is typically safer than without. A timing attack on a VPN is far less likely to succeed than one on your ISP.
Except for the fact that the Tor Project themselves makes it loud and clear that a VPN does not help anonymity and may even harm it. I wonder whom knows more about Tor- you, or the people that actually develop and maintain it? It seems clear to me and anyone that actually does their research that you do not know what you’re talking about.