Tor over VPN - protection against correlation attacks?

I’m fairly new around here, but I heard that it’s fairly simple for an entity to deanonymize a Tor user if said entity controls both the entry and exit nodes the user is connected to. Would using a VPN actually improve security in that aspect, since even if the correlation attack is successful, all the attacker would see is my VPN’s IP? By the way, I did Google this more than once but couldn’t find any useful answers.

Fairly NOT simple… those who think it is easy to unmask Tor users don’t understand the technology

A typical user is connected to 3 RANDOM nodes somewhere on planet earth… there are hundreds if not thousands of nodes

What you describe would be very nearly impossible unless some entity managed to control a large percentage of the Tor network

And by nature, no one could ever find out they control most of the network or the covers blown!

Not impossible, but extremely implausible in the real world

The problem with VPNs is determining which ones are trustworthy and mean what they say.

Some things you should look for is their commitment to open-source, no corporate shilling/tracking/advertising, anonymous forms of payment, minimal information needed on sign-up, and a detailed, transparent privacy policy of what information they do and don’t collect.

Support for Tor, imo, is also critical. So they should have a Tor/onion mirror and/or support Tor Project through donations.

The Grugq has a really good presentation about opsec and touches on this subject: https://www.youtube.com/watch?v=9XaYdCdwiWU

Effectively: Connecting to Tor over a VPN is not good. Connecting to a VPN over Tor is good.

Nearly impossible? It’s literally been done before. Tor does not protect against end-to-end traffic confirmation.

If an entity owns at least two nodes, can’t they just analyze all traffic that is going through them and catch someone who is unfortunate enough to get them as an entry and exit node?

Why do I need to trust it? All traffic will go through Tor anyway, so the only info they’re getting from me is equivalent to an entry node, no?

I read that. I know VPNs aren’t really anonymous and cant be 100% trusted, the point is to just have that extra layer of security just in case I’m terribly unlucky with Tor.

The argument is weak because he was using a dedicated VPN IP. Most are shared.

Obviously you didn’t read the Tor article, no users were known to have been compromised, the offending relays (nodes) were promptly removed

That doesn’t disprove any of what I said and in fact helps underscore it

Tor (network) - Wikipedia (Operations tab)

Tor encrypts the traffic all the way to the exit node, and then, entirely if it’s a .onion site, so I believe there’s no real way to even connect the same tor user between those two nodes without more correlation, especially with multiple users passing through those nodes randomly

Not if their browsing onions

The traffic isn’t exiting the network in that case and is e2e encrypted

Plus in this scenario, it would be necessary to control a large number of Guards and Exits, not just random nodes

And evading detection by Tor Project and researchers is absolutely essential

I think a better alternative to what you’re describing is an obfs4 bridge

Okay, I understand. I’m a layman, so I may not be of much help but I felt obligated to direct you there, in case you were unaware.

Think about a double layered condom. The extra layer doesn’t provide protection, and infact hurts the overall operation of having that first one.

This can be equivalent, being a common entry/exit point

Edit:

This is from the tor devs, expressing their views on the different vpn and tor combos

On the contrary, sounds like you didn’t read it.

users who operated or accessed hidden services from early February through July 4 should assume they were affected.

Relays should upgrade to a recent Tor release (0.2.4.23 or 0.2.5.6-alpha), to close the particular protocol vulnerability the attackers used — but remember that preventing traffic confirmation in general remains an open research problem.

Obviously you haven’t read about Operation Onymous either. Give it a read and you may learn something.

End to end correlation is the most basic and well known weakness of Tor and takes only one cell.

One cell is enough.

Tor (network)

Tor, short for The Onion Router, is free and open-source software for enabling anonymous communication. It directs Internet traffic through a free, worldwide, volunteer overlay network, consisting of more than six thousand relays, for concealing a user’s location and usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace the Internet activity to the user. Tor’s intended use is to protect the personal privacy of its users, as well as their freedom and ability to conduct confidential communication by keeping their Internet activities unmonitored.

^([ )^(F.A.Q)^( | )^(Opt Out)^( | )^(Opt Out Of Subreddit)^( | )^(GitHub)^( ] Downvote to remove | v1.5)

Desktop version of /u/Rezient’s link: https://en.wikipedia.org/wiki/Tor_(network)


^([)^(opt out)^(]) ^(Beep Boop. Downvote to delete)

Interesting. Thanks.