
Tor & VPNs - comparing & contrasting network privacy tech

To stay ahead of new and evolving threats, cryptostorm has always looked out past standard network security tools. Here, we discuss and fine-tune our work in bringing newly-created capabilities and newly-discovered knowledge to bear as we keep cryptostorm in the forefront of tomorrow's network security landscape.

Postby cryptostorm_team » Sat Jul 06, 2013 7:47 pm


One of the things we're asked sometimes is why anyone would choose a VPN service rather than use the Tor routing application. There's generally two motivations for the question: first, some folks are convinced that Tor has magical security/privacy/anonymity properties that are impossible for any other network security service to match. That's not true, and it's not even something the Tor folks themselves claim. Second, people like the fact that Tor is free: free is a very good price. Why pay for something, when you can get it for free?

We're writing up this note to help explain the pros and cons of these decisions. Sometimes, and for some people, Tor's terrific - ideal, even. It's got a rock-solid place in the spectrum of network security tools, and several hundred thousand folks make use of it in one form or another. Plus, in this post-PRISM era - the Age of #UnPRISM - having a diversity of tools and approaches and techniques to ensure protection against massive dragnet surveillance is a Good Thing. It's not a question of either Tor or VPNs being "better" than each other, as if this is a WWE event and one heavily-muscled, tights-wearing hunk is going to vanquish the other on live TeeVee. No, it's not like that.

What it's like is this: the Tor folks are enormously helpful in spreading the word about anti-surveillance technologies, globally. They make tons of presentations (mostly at hacker cons, but still), and they've managed to get some mainstream media coverage that's not terrible - which is saying something. Their network protects activists in a bunch of countries, and has helped to make the idea of using the internet without encryption seem crazy - "barebacking," as Jacob Applebaum memorably describes it. That's good work, and we're as far from "anti-Tor" as it's possible to get.

In fact, there's a number of criticisms of Tor that are bullshit, and are not part of any serious discussion of the issues. Yes, it's true that Tor was originally funded by the United States Department of Defense, and was supported by federal grants for years. That doesn't mean it's "backdoored" now - and in fact saying so is sort of silly, since the code is (and always has been) opensource. If there were backdoors, someone would see them. That sort of conspiracy-mongering is silly, and best forgotten. No, Tor isn't a massive Fed honeypot - if it is, and the Feds are able to run a scam like that for nearly a decade without the truth leaking out, then we're all fucked so just give up. Fortunately, it's not - it just isn't.

Still and all, Tor isn't the proverbial hammer that fits every nail just right. And, for a lot of people Tor is absolutely the wrong tool for everyday network security - not because of some sort of fatal flaw in Tor, but because it's designed specifically to do some things well, and not others. That's true of all tech, and the trick is to be honest about it and work with others to stitch together various sub-tools into meta-constructs that cover everything.

A VPN service is a crucial - perhaps the crucial - element of any online security toolkit. Tor is a great extension, or addition, or temporary substitute... but it's not going to replace a VPN. There's just things a VPN can do that Tor can't, and there's some limits inherent to Tor that VPN services (good ones, anyway, like cryptostorm darknet) don't have.

We've boiled these factors down to three essentials:


1. Evil Exit Nodes are Evil - and Inescapable

One of the risks of using Tor is the problem of "evil exit nodes." The problem is pretty simple: when traffic runs through Tor, it has to come out somewhere. These departure ramps back to the plaintext internet are called "exit nodes" by the Tor folks. We have a really similar structure in the VPN world, and we also call them exit nodes. With Tor, the evil exit node problem (mostly) involves the fact that all Tor network resources - servers, basically - are donated by volunteers. It's a nonprofit project, which is why it's free to use, and thus everything has to be contributed. (there's some other, more technical, Tor exit node attacks that are beyond the scope of this little essay)

Problem is, you don't know who is running which exit node - or most folks who use Tor don't, since they just accept the default selections. There's about 4,000 exit nodes, and history shows that a chunk of them are "evil" - they are run by spy agencies, or people looking to sniff passwords from traffic, or others motivated to do bad things. By definition, traffic going through them is unencrypted on one side - it's exiting onto the plaintext internet, after all. So someone with evil intent can sniff that traffic - and also do things like inject nasty payloads into traffic streams: malware, spyware, rootkits, and so on.

Now, there's ways to protect against evil exit nodes on Tor: use SSL, run the browser in a sandbox, choose only exit nodes you (think you) know are "safe," and so on. But 99% of Tor users don't know anything about any of that - and they're vulnerable.

How are VPN exit nodes different? Pretty simple: you know who is running your VPN exit nodes - your VPN provider! Now, it's still possible for a VPN provider to be an evil 'honeypot' trap; however, it's far more straightforward how to choose a VPN company like cryptostorm that is pretty much 100% verified as not being a honeypot. Whereas, choosing your Tor exit nodes is a bit of a battle, and is a constant process too. Between the two, the decision is whether you want to roll the dice on Tor's model, or choose who you trust with a VPN provider.

Note: Tor operates in a "multi-hop" model, where each path through the Tor network is supposed to cover at least three "onion layers." This is one reason why it's slow (see #3 below). The theory is that this multi-hop model provides extra security. It's an interesting theory, but we're pretty sceptical of multi-hop handwaving in general... although Tor is not outright fraudulent in their claims, like some snake-oil VPN multi-hop nonsense we've seen over the years. In some extreme cases, Tor's "onion" model provides a marginal improvement in theoretical security.

However, even the Tor team is moving back from multi-hop as the be-all, end-all magical answer to network security - they're experimenting with single-hop models, because they're far more efficient and eat far fewer network resources. Once you start using Tor as a single-hop service, you're just using the equivalent of a VPN service... except you don't know who is running the exit node for your traffic! Which, obviously, isn't ideal.

Your VPN exit node might turn out to be evil - if your VPN company itself is evil - but a VPN company that has successfully protected customers for years, despite attacks and pressure from thugs of all stripes, is probably a better bet than some kid running a free Tor exit node for fun who, when faced with some guy holding a badge showing up at his Mum's house, is quite likely to piss his pants and let the cops have free rein of the server. Which is bad.


2. Tor only protects some of your internet data

The Tor folks built the service so that it hooks into specific applications, and asks those specific applications to use it to send and receive internet data. Jacob argues persuasively that this is a better way to architect a secure networking service.

We respectfully - but vehemently - disagree.

From its founding in 2007, the cryptostorm darknet had as a fundamental and absolutely uncompromising basic requirement that the service encrypt all data, all packets, all ports, all protocols, all traffic - when you're connected, everything comes and goes securely. Period. We're extending that with the Leakblock opensource anti-leak project we're sponsoring - that's how strongly we feel about all traffic being secured. It's almost a religious issue with us, and was the core of our founding CTO's vision for the service.

Make it absolutely clear that connected to cryptostorm = secure. That's been our core standard, and we feel it provides far better real-life security because 99% of internet users aren't going to successfully twiddle the proxy settings in a bunch of applications - and do it correctly - on every computer they use. They'll make mistakes, or do it right... but the application will make mistakes. Or the application does an auto-update, and wipes the proxy settings. And on and on. In real life, making network security an issue for application-layer configuration is a terrible plan. On this, we just disagree with the Tor folks.

Let us get more specific:

For a lot of people, their use of Tor is as an 'extension' to their web browser: the Tor browser bundle. Their thinking is that they can just use it in that application alone - no IM, no filesharing, no email - and since the Tor team has custom-rolled a browser version to be deeply bonded to Tor as a network service, things are safe and sound. Right?

Unfortunately, no. There's a wide range of ways that web browsers can "leak" local/physical IP information - and any of those leaks will break Tor's security (to be clear, they also can break VPN security, as we've discussed in a thread here). However, because Tor is trying to stay only connected to their web browser, there's a whole bunch more possible ways Tor can fail than a comparable VPN service. All that an attacker has to do is get some IP traffic to drop outside of the web browser, and they can identify local/physical IP for someone using Tor. These aren't far-fetched attacks; instead, they're extensive, well-documented, and visible in the wild. For a toe in the water, watch this excellent presentation on Tor browser attacks. There's a bunch more than that, too. The same limitations are present in every application that you can wire into Tor.

It is possible to jigger Tor so that it tries to grab all network traffic - just like a real VPN service - but this is strongly discouraged. Because (as we discuss below) Tor is highly bandwidth-constrained, it's seriously Not Cool to hammer their network with bittorrent traffic, Mega downloads, Netflix streams, or any other such uses. Which means you have to stick some applications "onto" Tor, and not others. Which is, frankly, a huge pain in the ass - and a security disaster waiting to happen.

A serious VPN service interconnects directly with the network stack, and it sends and receives every damned packet from every application and every protocol across the secure, encrypted VPN network - period. That's how the cryptostorm darknet works, and always has - it's part of why we've begged our customers for years not to use PPTP as a VPN protocol. It's a big part of why we were the first VPN service to deploy OpenVPN exclusively, in 2007, at a time when everyone else was PPTP-only and couldn't imagine why someone would bother using a "real" protocol like OpenVPN.

We built cryptostorm to do what we'd want as customers of a VPN service: protect our internet traffic, period. No exceptions, no footnotes, no partial guarantees. That peace of mind - that when we are connected, we're protected - is backed up by the reality of full-spread coverage of all applications and protocols and ports. For many - perhaps most - people, trying to get Tor to work, application by application, is just a disaster waiting to happen... not to mention a pain in the ass.


3. Tor is sloooow

There will never be enough bandwidth for Tor to be quick. That's a simple fact - it's something the Tor folks acknowledge, and being super-fast really isn't a design goal of Tor so it's not like this is some failure on their part. Rather, it's a specialized tool that's not designed for all-day, every-day, all-application usage. In contrast, VPN service is designed for exactly that - and it's designed to be consistently fast. We see independent tests of our service that achieve 20+ megabits/second... that's something Tor simply can never, ever hope to accomplish.

Tor capacity is donated by volunteers, so it's always at a premium. You can't torrent on it (or you're not supposed to - it's really bad form), and even for simple web browsing it's slow. Some of that's the multi-hop stuff, which is overkill for almost every user of the network, but is currently default. Most of it's the donated/free model. That's a benefit - free! - and it helps people who can't pay get protection (no, it doesn't keep people safe by avoiding the payment process itself - those worried about that can pay for VPN service with Bitcoins, or cash). But it means that using it regularly is an exercise in frustration - that's not what it's for.

There's one real "solution" to Tor's slow speeds: have someone buy a whack of server capacity, and "donate" it to the project. A handful of gigabit-level dedicated servers would more than double available capacity from where it's at today, and a VPN service like cryptostorm deploys servers like that on a routine, almost daily, basis. However, if you move Tor towards having someone buy and manage big chunks of servers like that, you're basically moving it towards some weird mutated version of a "donated VPN service" - all the exit nodes controlled by one company. Which breaks the decentralized/distributed security aspect, and breaks the "volunteer" model philosophically. In other words, it becomes something like cryptostorm but paid for by donations from people. Which is sort of interesting, but clearly not what Tor currently is.

And if you centralize server capacity, within Tor, you run into the evil exit node problem even more so: who is that company donating the servers? How reliable and stand-up are they? Who else has access to the machines? Are they logging traffic? All the same questions we ask of VPN companies, basically. Which, in theory, is what Tor is supposed to avoid... so the solution just turns it into a donated clone of a VPN company. Not ideal.

Worse, the more server capacity you donate, the more demand there is - as Tor has finally admitted. There's no "magic number" where there's "enough" capacity for everyone to use. Since it's free, it attracts more participants the better/faster it works - no matter how much capacity you give it, it'll always attract more users until it's slow again... and you're right back at Square One.

Being "free" is great for things like software - it doesn't cost anything to replicate infinitely. Network resources aren't like that. They cost money still. The more you use them, the more they cost. There is no free lunch here, and Tor has no magical solution to this (nor do they claim to). In the VPN world, you see these "free" VPN services come and go like outbreaks of herpes - advertising supported, they are privacy nightmares. And slow - always. They either go kaput, or suck up tens of millions of dollars of investor money subsidizing their free model (since the adverts they carry are utterly ignored by their users, the advertisers won't pay much for the ads... the whole thing is a bad plan). It just doesn't work.

That's why real, serious VPN companies have always operated on a paid model. It sort of sucks that you have to pay - everyone loves free. But as we've seen with Google, if it's free then there's a cost: you lose your privacy when the NSA comes calling. That might be a reasonable trade for, say, a search engine... but trading privacy for a free privacy service is a special kind of dumb. Right?


Tor is a great tool. Like all tools, it's designed for specific uses - trying to loosen a screw with a hammer is going to be really frustrating, and trying to use Tor for everyday network security is similar. Back before Snowden blew the whistle on PRISM, only a relatively few folks were talking seriously about massive dragnet surveillance by the US and other big countries - mostly people figured that was a problem for "them," people who lived places like Tunisia (before Arab Spring) or Belarus. And, in that context, using Tor for "emergency" situations sort of seemed ok... because otherwise, what was the big panic?

Now, we know what the big panic is.

Any serious decision to #UnPRISM must involve decoupling physical IP from online activity - not just sometimes, but always. We quote our colleagues at Baneki, who have written in "Seeing Beyond the #PRISM" that...

5. Never connect to cloudy resources from your physical IP

This should be self-evidently true, but we'll repeat it nevertheless. If you log into your Yahoo! (do we really still need to use the !, or can we dispense with it now?) mail account from your Comcast-issued, DHCP-cycled physical IP address then you've mapped all that email traffic right to your name, address, phone number, and billing data. This isn't theoretical - it's real. It's how #PRISM collates disparate communications streams into user-based profiles: IP address.

We all know this, right? Running about with your physical IP on display, when out and about on the internet, is totally crazy. And entirely unnecessary. You can geek out and push traffic through a SSH-based proxy, or struggle through Tor's byzantine configuration decisions, or just spend a few bucks and get a no-compromise VPN account that solves the problem across the board. However you do it, decoupling your physical IP from your online activities is simply mandatory.


You can't do this with Tor. It's not designed to do this, and there's not even any credible way it could magically "scale" to do so. VPN service can do that - indeed, cryptostorm was designed for exactly this use scenario, and to protect against exactly this kind of threat vector. Since those seminal decisions in 2007, the "VPN industry" has grown... and unfortunately along with that growth has come some really dodgy behaviour, the 'outing' of #snitchware like Hide My Ass, the rise of big-pimpin' VPN "review" sites, the spread of bizarrely self-contradictory Terms of Service, and the inexplicable development of bloatware-laden, closed-source, leaky VPN "client" applications that are security disasters on the hoof (more on that later!). Which is to say, most of the "big players" in the industry have either forgotten what the whole point was... or never knew in the first place.

Cryptocloud was one of the founders of the industry: first with OpenVPN, first with seriously privacy-centric Terms of Service, first to commit publicly to 'corporate seppuku' if some government goons try to force us to backdoor our service. Some of these have since become "standards" in the VPN industry... and some we still lead everyone else in our pioneering approach to the challenge of real network security. We built the service to protect against PRISM before anyone outside of the NSA knew what PRISM was. So in a roundabout way, the world is catching up to us... and our customers benefit from the years we've invested in doing things right.

Does that mean that Tor is somehow inferior? Not at all - not even a little bit! Tor is a special tool - a switchblade, for use in a crisis or in an extreme setting. The Tor folks are badassed coders, and genuine advocates for a free, censorship-proof future for the internet. They do good work, and have earned everyone's respect. But to expect Tor to solve the #UnPRISM challenge is totally unfair: not what it was designed to do. It can handle the security side of things, no question... but it can't handle the everyday internet usage of a whack of customers - even a few hundred heavy filesharers would bring the entire Tor network to its knees. Seriously. Whereas, for cryptostorm, we're built ground-up to support heavy filesharing and we've never throttled a connection in seven years' continuous operation. It's just a different model.

Our hats are forever off to the good folks at Tor. They have pioneered the path, and continue to solve a particular use-case need that nobody else can handle. For the rest of the #UnPRISM challenge, a robust no-compromise VPN service like cryptostorm is the tool for the job: designed for it, optimized for it, and managed to enable it.

    A note on process: if you see something in this essay that makes you crazy, call us out! Post a reply (no registration necessary, natch), make your case in our twitter feed, send us an old-fashioned email... whatever (please don't facebook us, lol: #dumpfacebook). If we're wrong - and it happens, just like anyone - we'll correct it & cite your contribution if you'd like. Or if we disagree, we'll say why we think we're on the right track. That's how real security technology works: open, direct, often passionate debate and discussion and critique. The idea is that everyone gets smarter when we all state clearly what we have to say, and when we (respectfully) challenge each other if we disagree: with facts or counter-examples or our own well-honed hunches, if it comes to that. Too often in the "VPN industry," any sort of criticism is seen as an "attack" and results in childish, counterproductive temper tantrums. Or petty, stupid personal attacks try to substitute for real security expertise. Enough of that. We're all adults - let's act like it.


The stakes are high. Now is the time to subvert the coalescing surveillance machine that threatens to engulf the entire planet in its iron grasp. We can #UnPRISM and continue to evolve a free, diverse, decentralized internet - but to do so we need good tools, and good selection of tools for specific jobs. We must all work together to spread knowledge of these tools to the huge swaths of citizens who at this moment in time have no idea - literally no idea - how to protect themselves from dragnet surveillance (they're often frantic for solutions, but easily fall prey to snake-oil nonsense or square-peg/round-hole mis-specified toolsets).

Now is the time to show leadership, and to make it count.



edited to add: In this otherwise-excellent presentation on OpSec, @thegrugq initially describes Tor as a service that "fails closed." That's not accurate, unfortunately (he clarifies later on, and provides plenty of useful suggestions on creating hardware-based systems to 'fail closed' consistently). Indeed, the way that Tor can drop connection if not manually massaged (or wrapped in fairly sophisticated automation of some sort, scripting that actually works) is at the root - by most accounts - of Sabu being busted by the Feds... which resulted in Jeremy Hammond being busted, Topiary being busted, and on and on (see the linked thread for details). That said, current VPNs do not "fail closed" either. So that's a wash between the two - although the Leakblock project (twitter: @leakblock) has as its goal the provable, reliable resolution of this problem for VPNs. There's talk of a Torified version of it, but no coding has been done yet. This goes to show that security tools that are sufficiently complex to make errors eventually inevitable, and whose errors "fail open" and have serious negative consequences, are actually really dangerous. VPNs can be almost as bad, so again it's a wash - but worth mentioning in any case.



Re: Why not just use Tor, instead of real VPN service? #UnPR

Postby alanwade » Tue Jul 16, 2013 2:55 pm

Sorry bro but I still believe that VPN service is the best option for encryption and online protection for our data



Re: Tor & VPNs - comparing & contrasting network privacy tec

Postby sp00k » Sat Oct 19, 2013 2:59 pm

Thanks for this writeup and the offer to call you out on your analysis. I want to give you props for giving credit to Tor where its due and attempting to provide an objective analysis. However, I still see some biases toward VPNs (it is your bread after all). In general, I'd like to point out what appears to be a confusion or conflation of security, anonymity, and privacy. Also, just to be clear on my POV, Tor isn't a panacea and

Please read all of the following as constructive criticism.

cryptostorm_team wrote:Tor & VPNs - comparing & contrasting network privacy tech
1. Evil Exit Nodes are Evil - and Inescapable

How are VPN exit nodes different? Pretty simple: you know who is running your VPN exit nodes - your VPN provider! Now, it's still possible for a VPN provider to be an evil 'honeypot' trap; however, it's far more straightforward how to choose a VPN company like Cryptocloud that is pretty much 100% verified as not being a honeypot. Whereas, choosing your Tor exit nodes is a bit of a battle, and is a constant process too. Between the two, the decision is whether you want to roll the dice on Tor's model, or choose who you trust with a VPN provider.


To play devil's advocate, a necessary skill for OpSec, what verifiable evidence do we have that a VPN provider is trustworthy? How can *we* verify that Cryptocloud is not a honeypot? Reputation can say who we shouldn't trust, but not who we should. People thought they could trust Sabu because of his actions; they were jail-bait wrong. At this point, I should also remind everyone that trust isn't binary, and you need to have a threat model when determining trust. What's the probability that the Tor Exit node run by the CCC is a honeypot? How do we verify the "no logs" policies? Verifiable trust based on other computer systems sounds like a much needed area of research (if it isn't already).

And a real question... *who* has verified and *how* was Cryptocloud verified to not be a honeypot?

Even if we could determine that a particular VPN was of the utmost trustworthiness (perhaps we run it ourselves), we don't control our upstream provider. So we have to assume that ingress and egress are monitored. This makes traffic correlation *much* easier for a VPN than for Tor. That's a triple fail: security, anonymity, and privacy. I realize there's some assumptions underlying this analysis, so please point out that I'm wrong and more importantly *why*. Note that this kind of attack requires basically a nation-state attacker, so it's not your average script kiddie; see next.

I want to make clear though that malicious Exit nodes are one of the biggest problems with Tor. This affects both Tor and VPNs; however, the main advantage that a VPN has over Tor is that there's a high barrier for entry (nation-state). And that *is* a big advantage, but let's not delude ourselves into thinking that we're protecting ourselves from three-letter agencies, and likely making that problem worse.

Also, you're right to point out that these issues can be mitigated with Tor, but the average user won't know anything about them. That's a failure of the tools, not the network.

cryptostorm_team wrote:Note: Tor operates in a "multi-hop" model, where each path through the Tor network is supposed to cover at least three "onion layers." This is one reason why it's slow (see #3 below). The theory is that this multi-hop model provides extra security. It's an interesting theory, but we're pretty sceptical of multi-hop handwaving in general... although Tor is not outright fraudulent in their claims, like some snake-oil VPN multi-hop nonsense we've seen over the years. In some extreme cases, Tor's "onion" model provides a marginal improvement in theoretical security.


I am curious to know if you have any suggested reading on why you think multi-hop might not provide much more of anything over single-hop. I would say that it provides more security (wrapped layers of crypto with different keys, not helpful if the crypto is seriously broken) and anonymity (only the first hop knows who you are, but it doesn't know what you're doing; the middle nodes know neither; and the last knows the opposite, what you're doing if not encrypted and who you're doing it with, not who you are). As we've seen with the Sn0wd3n leaks, Tor is one of the things the NSA can't crack. Yes they can attack you through the network, but not attack the network itself.

cryptostorm_team wrote:However, even the Tor team is moving back from multi-hop as the be-all, end-all magical answer to network security - they're experimenting with single-hop models, because they're far more efficient and eat far fewer network resources.


Link? I've yet to see anything about them exploring single-hop models.

cryptostorm_team wrote:Your VPN exit node might turn out to be evil - if your VPN company itself is evil - but a VPN company that has successfully protected customers for years, despite attacks and pressure from thugs of all stripes, is probably a better bet than some kid running a free Tor exit node for fun who, when faced with some guy holding a badge showing up at his Mum's house, is quite likely to piss his pants and let the cops have free rein of the server. Which is bad.


Getting control of an Exit doesn't generally provide much for LEO. By default, Tor switches exits every 10 minutes. That's not even enough time to get a donut. If you're forcing the use of one or two exits in the same country, then you might have problems. Even then, if your traffic has no identifying data, a passive attack won't matter (unless they're already monitoring your packets into the Tor network, ie Traffic Correlation Attack).

cryptostorm_team wrote:2. Tor only protects some of your internet data

The Tor folks built the service so that it hooks into specific applications, and asks those specific applications to use it to send and receive internet data. Jacob argues persuasively that this is a better way to architect a secure networking service.

We respectfully - but vehemently - disagree.

From its founding in 2007, the cryptostorm darknet had as a fundamental and absolutely uncompromising basic requirement that the service encrypt all data, all packets, all ports, all protocols, all traffic - when you're connected, everything comes and goes securely. Period. We're extending that with the Leakblock opensource anti-leak project we're sponsoring - that's how strongly we feel about all traffic being secured. It's almost a religious issue with us, and was the core of our founding CTO's vision for the service.

Make it absolutely clear that connected to cryptostorm = secure. That's been our core standard, and we feel it provides far better real-life security because 99% of internet users aren't going to successfully twiddle the proxy settings in a bunch of applications - and do it correctly - on every computer they use. They'll make mistakes, or do it right... but the application will make mistakes. Or the application does an auto-update, and wipes the proxy settings. And on and on. In real life, making network security an issue for application-layer configuration is a terrible plan. On this, we just disagree with the Tor folks.


Here is a mixing of "security" and "anonymity", two different concepts. Leaks aren't really a security problem so much as an anonymity problem. And these can be mitigated with iptables rules or torsocks (yeah, linux bias). After skimming through the referenced paper, I see no argument by Appelbaum for why an application layer proxy is better or worse than a network layer one. In terms of anonymity, it's almost certainly better. It mitigates TCP stack (and lower) fingerprinting (which can be surprisingly identifying) and associated stack attack vectors. As shown in the linked video on OpSec (good viewing btw), correlating a system to a user at a specific time was used as evidence by the feds.

Also, and a big one, by proxying at the application level, it's much easier to separate streams so they can go through different exits, making controlling the end points to do correlation much harder (which Tor currently does). Single-hop VPNs can't do this, some multi-hops can (more on that below).

While I'm definitely a proponent of and advocate for crypto everywhere, all the time, VPN is also not a "magic bullet", just as Tor isn't. They both have their problems (which need to be discussed and made very public). And I think saying it's "100% secure" is good marketing, instills confidence, and keeps the masses calm, but what does it mean, really? Tor's crypto isn't any worse than Cryptostorm's. I'd argue that there is no 100%, including Cryptostorm, and that kind of hyperbole is what turns off security conscious people. Tor never claims 100% about anything and they are very up front about what they can and can't do and potential attack vectors.

Wouldn't Cryptostorm show that they really were above the fold by having an independent audit of their network? Or how about a white paper looking at the feasibility of a Traffic Correlation Attack? I suppose that's one of the hard things for a business to do, air their dirty laundry because it might mean scared customers. Whereas Tor has no customers. I'm not saying it would be easy. Cryptostorm doesn't get $2mil a year in grants. But I think that level of openness will attract more customers than you scare away because customers will see that it's not just a war of words.

Packing up all your comms into one box to then be opened and parceled out to their destinations at a secure trusted post office doesn't give you much security or anonymity when you've got super secret files mixed in with letters to your girlfriend. What the world needs more of is the separation of concerns and isolation of distinct communications. These design principles are used by state actors and recognized as good security practices. VPNs don't really do that, generally by design as far as I know, but I'd be happy to see evidence to the contrary.

Also, I think there's a bit of a straw man argument here as Tor wasn't intended to handle all traffic (notably no UDP). For what Tor does do, anonymity of the application layer, it does it very well. How many VPNs out there can have separate exits depending on the port of the TCP stream? Or the IP/host? How many VPNs change that exit every 10 minutes? How many are even thinking about trying to mitigate a Traffic Correlation Attack? I can think of perhaps two: Cryptohippies.net and JonDo (maybe) (and you'll pay dearly for them).

cryptostorm_team wrote:[...] Which means you have to stick some applications "onto" Tor, and not others. Which is, frankly, a huge pain in the ass - and a security disaster waiting to happen.

We built Cryptocloud to do what we'd want as customers of a VPN service: protect our internet traffic, period. No exceptions, no footnotes, no partial guarantees. That peace of mind - that when we are connected, we're protected - is backed up by the reality of full-spread coverage of all applications and protocols and ports. For many - perhaps most - people, trying to get Tor to work, application by application, is just a disaster waiting to happen... not to mention a pain in the ass.


Again this sounds a little bit over the top. "Ok children, go back to sleep, we'll protect you from all the baddies." I think it's a disservice to the users to gloss over the real limitations of the protection that can be provided by any service. Why not put it all out there? Saying something like "we've got your back till it leaves our network, so make sure your important communication is encrypted" is a lot more honest and truthful. The internet needs (even more of) a reality check. A false sense of security does nothing but put real people more at risk because they didn't accurately evaluate the risk in the first place. My impression is that this forum and Cryptostorm stand for telling it like it is, no BS, no sugar coating. This forum is doing that in analysis of other organizations and technologies, but what about itself?

cryptostorm_team wrote:That's why real, serious VPN companies have always operated on a paid model. It sort of sucks that you have to pay - everyone loves free. But as we've seen with Google, if it's free then there's a cost: you lose your privacy when the NSA comes calling. That might be a reasonable trade for, say, a search engine... but trading privacy for a free privacy service is a special kind of dumb. Right?


False analogy. You don't trade privacy for a "free privacy service" with Tor. Maybe with some other VPN services, but not Tor. True, Tor does have many of the issues you raised, but none of those are theoretical issues with the network. The breaches of anonymity (not privacy, same with VPN) are due to misconfigurations or side-channel attacks (which can admittedly be many depending on how you use Tor). The real trade-off is Bandwidth vs. Anonymity. That's not to say VPNs can't give some anonymity, but it's generally less anonymity with a VPN for more bandwidth.

cryptostorm_team wrote:Any serious decision to #UnPRISM must involve decoupling physical IP from online activity - not just sometimes, but always. We quote our colleagues at Baneki, who have written in "Seeing Beyond the #PRISM" that...


Decoupling the IP from the user is a good start, but it's just that. Don't for a minute think that's enough. As the AOL release of "anonymized" search logs showed in 2006 (http://en.wikipedia.org/wiki/AOL_search_data_scandal), a lot of identifying info can be gleaned without the IP. By going through different exit nodes in differing countries, Tor makes it difficult to correlate, or even access, the traffic. But even that's not good enough, with the long reach that the NSA has today.

cryptostorm_team wrote:This should be self-evidently true, but we'll repeat it nevertheless. If you log into your Yahoo! (do we really still need to use the !, or can we dispense with it now?) mail account from your Comcast-issued, DHCP-cycled physical IP address then you've mapped all that email traffic right to your name, address, phone number, and billing data. This isn't theoretical - it's real. It's how #PRISM collates disparate communications streams into user-based profiles: IP address.


The way most people use mail accounts, they have enough info to identify you 100 times over. Doesn't matter where you login from. They know who you are, perhaps not where you are. This only matters if the account you log into is for a separate "online only" identity.


cryptostorm_team wrote:You can't do this with Tor. It's not designed to do this, and there's not even any credible way it could magically "scale" to do so. VPN service can do that - indeed, the cryptostorm was designed for exactly this use scenario, and to protect against exactly this kind of threat vector. [...]


You *can* do this. No, it wasn't designed to run bittorrent, and it's frowned upon if you do. Check out Tails (http://tails.boum.org). Should you use Tor if you're looking for high-bandwidth internet usage? No! That's not what it was designed for. Low-latency anonymity, yes.

cryptostorm_team wrote:Cryptocloud was one of the founders of the industry: first with OpenVPN, first with seriously privacy-centric Terms of Service, first to commit publicly to 'corporate seppuku' if some government goons try to force us to backdoor our service. Some of these have since become "standards" in the VPN industry... and some we still lead everyone else in our pioneering approach to the challenge of real network security. We built the service to protect against PRISM before anyone outside of the NSA knew what PRISM was. So in a roundabout way, the world is catching up to us... and our customers benefit from the years we've invested in doing things right.


Cryptostorm deserves props for the seppuku policy. This is what makes them a model, and a leader among VPN providers. But that doesn't mean they should get a pass on their security, "just because they said so". A not-so-great president once said "trust but verify". Where's the verification? How about telling us "how" the system was built to protect against PRISM? Again, has there been any analysis done on the feasibility of a traffic correlation attack from Cryptostorm's ISP? As much as I would like to believe that Cryptostorm will fight for its customers, and I'm sure really wants to, that won't make up for a flawed technological design. I prefer to trust the math rather than trust the people.

cryptostorm_team wrote:
    A note on process: if you see something in this essay that makes you crazy, call us out! Post a reply (no registration necessary, natch), make your case in our twitter feed, send us an old-fashioned email... whatever (please don't facebook us, lol: #dumpfacebook). If we're wrong - and it happens, just like anyone - we'll correct it & cite your contribution if you'd like. Or if we disagree, we'll say why we think we're on the right track. That's how real security technology works: open, direct, often passionate debate and discussion and critique. The idea is that everyone gets smarter when we all state clearly what we have to say, and when we (respectfully) challenge each other if we disagree: with facts or counter-examples or our own well-honed hunches, if it comes to that. Too often in the "VPN industry," any sort of criticism is seen as an "attack" and results in childish, counterproductive temper tantrums. Or petty, stupid personal attacks try to substitute for real security expertise. Enough of that. We're all adults - let's act like it.



Now this is what I like to hear, and it's the kind of dialogue that imbues confidence and respect.

cryptostorm_team wrote:The stakes are high. Now is the time to subvert the coalescing surveillance machine that threatens to engulf the entire planet in its iron grasp. We can #UnPRISM and continue to evolve a free, diverse, decentralized internet - but to do so we need good tools, and good selection of tools for specific jobs. We must all work together to spread knowledge of these tools to the huge swaths of citizens who at this moment in time have no idea - literally no idea - how to protect themselves from dragnet surveillance (they're often frantic for solutions, but easily fall prey to snake-oil nonsense or square-peg/round-hole mis-specified toolsets).

Now is the time to show leadership, and to make it count.


amen. know your tools.
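The exit-switching and per-port/per-host exit points made above, as an added toy model that is not from any poster, from cryptostorm or from Tor's own code: it groups a constructed session's streams by the circuit they would share under a single-hop VPN, under Tor with only the ten-minute rotation, and under Tor with the SocksPort IsolateDestPort / IsolateDestAddr flags, and reports how many streams an exit-side observer can link for free. The session traffic, the round-number windows and the "observer = whoever runs the exit" assumption are mine.

```python
"""Toy model of exit-side linkability: single-hop VPN vs Tor circuits.

Streams that share a circuit arrive at the exit together, so whoever
controls that exit can tie them to each other without any correlation
work. Tor gives *new* streams a fresh circuit once the old one is older
than MaxCircuitDirtiness (default 10 minutes; existing streams stay on
their circuit), and can additionally isolate by destination port/host.
All traffic below is constructed for the example.
"""
from collections import defaultdict
from dataclasses import dataclass

ROTATE_SECONDS = 600  # Tor's MaxCircuitDirtiness default (10 minutes)


@dataclass(frozen=True)
class Stream:
    t: int      # seconds since the session started
    host: str   # destination host
    port: int   # destination port


def tor_circuit_groups(streams, by_port=False, by_host=False, rotate=ROTATE_SECONDS):
    """Group streams by the circuit they would share.

    by_port / by_host stand in for the SocksPort IsolateDestPort and
    IsolateDestAddr flags (neither is on by default, in which case only
    the rotation window separates streams). Returns {circuit_key: [streams]}.
    """
    groups = defaultdict(list)
    for s in sorted(streams, key=lambda x: x.t):
        key = (s.t // rotate,
               s.port if by_port else None,
               s.host if by_host else None)
        groups[key].append(s)
    return dict(groups)


def vpn_exit_groups(streams):
    """A single-hop VPN: one tunnel, one exit, every stream trivially linkable."""
    return {"vpn-exit": sorted(streams, key=lambda x: x.t)}


def max_linkable(groups):
    """Largest set of streams an exit-side observer can tie together for free."""
    return max(len(g) for g in groups.values())


def report(label, groups):
    print(f"{label}: {len(groups)} circuit(s), largest linkable group = {max_linkable(groups)}")
    for key, members in groups.items():
        print("   ", key, [f"{s.host}:{s.port}@{s.t}s" for s in members])


# Constructed 22-minute session mixing web (443), IRC (6697) and XMPP (5222).
SESSION = [
    Stream(0, "example.com", 443),
    Stream(30, "irc.example.net", 6697),
    Stream(60, "news.example.org", 443),
    Stream(120, "chat.example.org", 5222),
    Stream(700, "example.com", 443),
    Stream(750, "irc.example.net", 6697),
    Stream(1300, "bank.example", 443),
    Stream(1310, "news.example.org", 443),
]

if __name__ == "__main__":
    report("single-hop VPN", vpn_exit_groups(SESSION))
    report("Tor, rotation only", tor_circuit_groups(SESSION))
    report("Tor, IsolateDestPort", tor_circuit_groups(SESSION, by_port=True))
    report("Tor, IsolateDestPort+Addr", tor_circuit_groups(SESSION, by_port=True, by_host=True))
```

The model deliberately ignores that real Tor picks exits randomly (weighted by bandwidth) and may land two circuits on the same relay; it only shows what isolation buys against an observer sitting at the exit, not against one watching the entry side.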


sp00k
Posts: 2
Joined: Fri Oct 18, 2013 3:06 pm

Re: Tor & VPNs - comparing & contrasting network privacy tec

Postby sp00k » Sun Oct 20, 2013 2:19 am

sp00k wrote:While I'm definitely a proponent of and advocate for crypto everywhere, all the time, VPN is also not a "magic bullet", just as Tor isn't. They both have their problems (which need to be discussed and made very public). And I think saying it's "100% secure" is good marketing, instills confidence, and keeps the masses calm, but what does it mean, really? Tor's crypto isn't any worse than Cryptostorm's. I'd argue that there is no 100%, including Cryptostorm, and that kind of hyperbole is what turns off security conscious people. Tor never claims 100% about anything and they are very up front about what they can and can't do and potential attack vectors.

Wouldn't Cryptostorm show that they really were above the fold by having an independent audit of their network? Or how about a white paper looking at the feasibility of a Traffic Correlation Attack? I suppose that's one of the hard things for a business to do, air their dirty laundry because it might mean scared customers. Whereas Tor has no customers. I'm not saying it would be easy. Cryptostorm doesn't get $2mil a year in grants. But I think that level of openness will attract more customers than you scare away because customers will see that it's not just a war of words.

[...]
Again this sounds a little bit over the top. "Ok children, go back to sleep, we'll protect you from all the baddies." I think it's a disservice to the users to gloss over the real limitations of the protection that can be provided by any service. Why not put it all out there? Saying something like "we've got your back till it leaves our network, so make sure your important communication is encrypted" is a lot more honest and truthful. The internet needs (even more of) a reality check. A false sense of security does nothing but put real people more at risk because they didn't accurately evaluate the risk in the first place. My impression is that this forum and Cryptostorm stand for telling it like it is, no BS, no sugar coating. This forum is doing that in analysis of other organizations and technologies, but what about itself?


In case it seemed like I was being too critical, I want to say that posting configs and having an open discussion on the token auth mechanism are amazing. I've not seen this done anywhere, and it really sets a bar. I stand by much of what I said in theory, but Cryptostorm is really taking things to a new level. Amazing!

*Also*, I forgot that I wanted to mention for anyone reading this, that these are not orthogonal technologies. You don't have to choose one or the other. One might think about having the VPN as a base network, but then running Tor on top of that for any comms that need higher anonymity and where you're willing to accept the higher risk of a malicious exit node (for instance you need to access an encrypted resource from a particular country).

User avatar

Pattern_Juggled
Posts: 1492
Joined: Sun Dec 16, 2012 6:34 am
Contact:

The value of sharp, direct, unflinching debate in general

Postby Pattern_Juggled » Sun Oct 20, 2013 3:25 am

Your analysis and commentary above are, in a word, excellent.

I know the tech team is juggling quite a bit of mid-launch operational work currently. As such, I might take a run at a summary reply to those areas for which I'm at least marginally qualified... and call on the deep tech folks to pick up the balance as their schedule moderates this week.

One thing I can say without hesitation, and on behalf of all of us here: open debate, open critique, and open discussion are the ONLY way to ensure systems are secure in real-world scenarios (well, that and of course actual pen testing of said systems - obviously) and the ONLY way to create a sustainable path for improvements in security over time. That's a fundamental, essential given to all these discussions - the more things are hashed over, debated, and explored the smarter we all become and the fewer stupid errors are going to persist.

During that, it's expected - almost mandatory - that things will get "heated" from time to time. Sure, we can all do our best to be collegial and respectful and that's a good skill and a healthy starting point... but we're also shit-flinging primates at core, and when we're passionate about topics we'll often get, well, passionate in our debates! In terms of cryptostorm as a team and as individual team members, this is something we're all used to and we take it as in fact a good sign that a discussion is genuine and not just foo-foo patter.

Obviously, it's possible to be just a dick (like Canadian Scott :-P ). That's not really helpful, usually. But even dicks sometimes make good technical points, and being a dick doesn't obviate a cogent argument. I'm not saying you're being a dick in the above posts - not at all - but making a general point about the fact that sharp elbows aren't a disqualifying trait. When that kind of thing veers into ad hominem personal attacks, distracting trolling, or other such nonsense, then no, it's no longer helpful. Even so, unlike thin-skinned "bloggers," we don't delete posts here. Worst-case, they get moved down to the "Dumping Ground" so they don't derail otherwise-useful threads... but they're still there if folks want to read them, respond to them, expand them. It'd take a really, really destructive post to get it actually removed entirely from the forum here... I can't remember such happening in this forum, related forums, or historical versions of this forum that have evolved into its current form. Ever. It could happen - there's attacks against 3rd parties that we wouldn't allow to stand here as they don't involve firsthand participants in debates who can defend themselves, for example - but it's not something we've yet seen.

So, within those very wide boundaries, fire away. No need to sugar-coat, although a modicum of civility goes a long way (again, not referring to the above-poster specifically but to sharp commentary in general); we're all adults here, and most folks in the guts of the tech world are well used to a bit of sharp debate - thin skins are uncommon. Those of us who trace back to pre-HTTP days of BBSes and other such text-only venues can confirm that things have always been a bit rough when the stakes are high.

And, when it comes to online security, the stakes are indeed high...
...just a scatterbrained network topologist & crypto systems architect

User avatar

parityboy
Site Admin
Posts: 1096
Joined: Wed Feb 05, 2014 3:47 am

Re: Tor & VPNs - comparing & contrasting network privacy tec

Postby parityboy » Fri Feb 21, 2014 7:18 am

I know this thread is several months old, but I thought I'd add my take on things.

amen. know your tools.


Absolutely. Unfortunately, at the moment it's more a case of "know your tool chain". In terms of ease of use, bearing in mind that a large number of the people that would benefit from Tor and/or VPNs are not technically savvy, the two models are much of a muchness. A VPN actually requires more configuration steps, while a Tor environment requires the same step to be repeated for every application to be used.

Speaking of applications, there are still too many of them with leaks. I'm currently writing this post using the Rekonq (version 2.2.1) browser, over Tor (I'm on the laptop). In normal browsing mode Rekonq respects the SOCKS settings, while in private browsing mode it totally ignores them. Being open source, you'd think this would have been caught but it proves that without rigorous testing (or even basic testing) open source code holds no guarantees.

Obviously if I was using something like BadVPN or Tortilla, it would be less of an issue but those products require the Tor client relay to be running on a separate host to the network adapter, so unless the user has a certain amount of technical savvy (i.e. setting up a virtual machine) it's a non-starter. Also, without decent firewall rules in place, leaks can still happen anyway.

As far as bandwidth goes, yes, Tor is short of it. I think Tor's existing bandwidth can be put to better use with a couple of changes, but whether these happen or not remains to be seen.

1) Entry policies. This is just a name for a mechanism whereby the traffic entering the network is routed according to its destination port, such that light-traffic protocols such as IRC, XMPP and perhaps VoIP applications such as Mumble and TeamSpeak are routed through lower-bandwidth relays, while protocols such as HTTP are directed through relays with higher bandwidth.

2) Exit policies. Currently, there are relatively few exit nodes and a Tor circuit will favour the highest bandwidth relay that can actually exit the traffic. Unfortunately, even some of the larger exit node operators (you know who you are) fancy themselves as ISPs and run an exit policy of "accept *.*". This kind of neutrality would be fine if Tor a) wasn't run by volunteers and b) didn't have idiots running BitTorrent over it. The likes of Azureus/Vuze have a lot to answer for.

By allowing BitTorrent traffic to exit the network, BitTorrent users are encouraged to use the network even more, which hurts Tor even more. Relying on people to use their discretion is simply not going to work, because too many people aren't like that. Rather than pushing the idea that BitTorrent over Tor is "frowned upon", I think more should be done to make permitting BitTorrent traffic "frowned upon", at least until the network has enough capacity to deal with it (which, if we're honest, will never happen).

I love Tor. I think it's a great tool which should be cherished and nurtured. I was running a middle relay until the upstream provider got their knickers in a knot. I love CS too, I think the team is doing a fantastic job (which is why I'm a member), and I think that Tor and CS are complementary. If I find a decent hoster, I might even run a Tor exit node which actually exits onto CS. :D

