[OpenWireless Tech] Does using VPN services or Tor increase risk of scrutiny​

[Andy Green]

Hi -

There's no 'requirement' clients connect back to their home router.  They can use a paid-for vpn server if they have credentials with one.  However having vpn server capability in commodity home routers means people can use this scheme at no additional cost, and availability of vpn servers scales with number of clients without extra provisioning.

Trustable anonymity is a very tough goal.  You don't get anywhere close to it by letting the AP operator and anyone nearby control your dns service, see your cookies (better not use facebook... many sites will make your browser visit it in an iframe with your fb cookie...), watch what and where you post because you dispensed with crypto before the AP.  Did you take care to randomize your device mac address?  Because if the AP or someone sniffing nearby logged it that's more evidence linking the traffic to your identity.

Even with the vpn scheme you need to take care about dns, rejecting the ap-supplied dns coordinates controlled by the ap owner and using one on the far side of the vpn, eg 8.8.8.8.  Otherwise the ap operator can not only see the sites you visit, but also by controlling your dns to bounce you through a proxy, put malicious scripts on any non-ssl site aimed at piercing your anonymity.

Even tor is in the business of identity obfuscation, not anonymity... there's a longstanding if unlikely rumour the nsa control enough endpoints to deduce the client.  If you don't subscribe to the rumour they can see all traffic thru the us anyway and match you up that way.  Or your isp flag you because your traffic was seen entering tor.

So... genuine anonymity safe against any kind of attack is something very different that's too much to expect I think.

With vpn scheme your mac address and vpn server ip are known to the ap operator and sniffers, but your content is opaque and you can solve use of ap dns as well.  You can randomize your mac for the session and use a commercial vpn server that should at least give you cover as far as a court order to the vpn server company if that's what you need.

-Andy

Java Nut <javanut20 at hotmail.com> wrote:

>
>A lot of interesting comments about VPN, to which I reply below. But no
>one commented directly to the question of my post on whether using VPN
>or Tor out of the AP router (or anywhere else) would increase risk of
>scrutiny of the person using VPN or tor. (e.g. government seeing here's
>this user encrypting and blocking view of his traffic-is he up to
>something?)
>
>Here are my comments on the responses….
>
>>How do they know it's you?
>
>>If the router uses WPA2 or equavilent, they can't even see which
>client it is that is using that VPN
>>(unless they use timing attacks!) if they sniff the radio traffic.
>
>I am considering a different situation - the VPN being used from the
>router sharing wifi to the Internet, so that all traffic of all users
>is anonymized, except to the extent that said users perform activities
>where they enter personal info or logins to their favorite sites. The
>point here, making it so that authorities could not trace any of the
>guest activity to the host router's internet account, and to protect
>the subscriber to that internet service from any wrong doing a bad
>guest could do on the network.
>
>>In terms of know who is doing what, that data is contained/logged at
>the VPN
>>concentrator/server if the spooks wish to know.
>
>This is why this effort requires a commercial VPN that does not keep
>logs, the same kind of VPN that a pirate would want to use to hide
>their P2P activity. Or it requires the host router be configured to
>pass all activity through tor (but that would make for a slow wifi).
>
>>The good thing about open discussions is that they clarify hypotheses
>as much as
>>technical issues. John Gilmore's "nervous Nellie" comments clarified
>that
>>Open Wireless is as much a political statement as a technical problem.
>>And the statement is not, "lets make tracking easier for the secret
>police."
>
>Agreed. That is why I am exploring the anonymity issue, so that police
>would not track anything down to the person or organization offering
>the free wifi. We do not want the hosts computers to be confiscated or
>looked through if some bozo does child porn, piracy, credit card
>theft/fraud, hacking or anything else bad on the wifi. 
>
>>We should assume that open wireless is just that. People connect
>freely,
>>and send whatever they want. People set the open network because they
>>believe in freedom.
>
>Agreed.
>
>>The technical issues are clear: ease of deployment, isolation of guest
>from
>>local resource, and bandwidth management. Let's stay there.
>
>And one more concern should be included in the technical issues. How to
>achieve sufficient anonymity for the host router owner vis-a-vis the
>activity of the users. That's what all my VPN talk is about. Again, to
>keep the police away from router owner if a user misbehaves.
>
>>The "other half" of the VPN idea is to promote a vpn server being
>already built into
>>consumer APs. This is already done in openWRT-type alternate firmware:
>there's
>>no technical hurdle.
>
>>Then most people would use the roaming "VPN-only" access to simply
>connect
>>back to their own home AP and go out on the internet from there using
>their own
>>IP for free. The "first hop" details about the roaming AP will either
>not be logged
>>or logged by the user's equipment only.
>
>I would not want to require users VPN back through their home
>connection. Under my idea, seers should have to do nothing special,
>just log into a completely open AP, and that AP route everything
>through a commercial VPN that keeps no logs. (If no VPN can be trusted
>when they say they keep no logs, maybe the EFF needs to start one of
>their own.)
>
>>"Anonymity" is a different and much tougher issue. Most people, most
>of the
>>time, don't need anonymity, they will be content with the same
>traceability
>>level as if they were at home on their own connection.
>
>I am not assuming the users want or care about anonymity, but am
>interested in providing it in the infrastructure. Any user who avoids
>entering personally identifiable info during their session would
>achieve anonymity. But my motive for anonymity here is to protect the
>AP owner from and bad things a user might do.
>
> 		 	   		  
>_______________________________________________
>Tech mailing list
>Tech at srv1.openwireless.org
>https://srv1.openwireless.org/mailman/listinfo/tech
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.eff.org/pipermail/tech/attachments/20121120/2dc4ebdb/attachment.html>