Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ

community/crowdsourced voodoo exitnodes - discussion

To stay ahead of new and evolving threats, cryptostorm has always looked out past standard network security tools. Here, we discuss and fine-tune our work in bringing newly-created capabilities and newly-discovered knowledge to bear as we keep cryptostorm in the forefront of tomorrow's network security landscape.

Topic Author
Guest

community/crowdsourced voodoo exitnodes - discussion

Postby Guest » Thu Mar 24, 2016 11:11 am

This is awesome.

But for this to be really ground breaking and useful, Voodoo nodes need to be crowd sourced, not run by CS. And they also need to change repeatedly and not be fixed for the whole session of the user, to prevent easy fingerprinting and pinpointing users' IP addresses (I assume multiple people can connect to one Voodoo at the same time or else this is useless).

Background:
Voodoos see the Source IP addresses of users, but NOT the plaintext data. Never see plaintext data since they'll always be encrypted either to or from the Core OpenVPN server.

Cores see the plaintext data (assuming no other Encryption is in place), but NOT the Source IP address (they see the Voodoo IP).

So, what these requirements I listed prevent is putting all of the user's apples in one basket (data and IP in the hands of CS staff), and of course, this will add plausible deniability for CS and distance them from some headache; and at the same time ensure that users guarantee that whoever has the data doesn't have their IP, and whoever knows their IP (the Voodoo) can't see their data (since there encrypted to and from the Core OpenVPN server).

So again, ease make Voodoo nodes a crowd efforts. Otherwise I can't see how this is any different that traditional OpenVPN setup.


Topic Author
Guest

Re: community/crowdsourced voodoo exitnodes - discussion

Postby Guest » Tue Mar 29, 2016 8:54 am

I don't think we're trying to create a hyperboria meshnet - but I like the idea of crowd-sourcing - sort of. Trust is critical - and the VPS endpoints (or jumps or whatever) are the weakest link which is why they need to be disposable. All data is encrypted before it reaches any CS server - and the tokens already prevent anyone at CS from knowing who's connecting. However - they are routing the traffic - the routed traffic has metadata a - b - c.

Only those watching the entire internet would be able to see the correlations... and it's trivial for them now. Voodoo - I think - obscures the metadata - but the more VPS nodes avail the better - especially if we were distributed. But if it's being routed then you wouldn't be able to jump through the stateless - DNS mesh of the WWW via deepdns. We also need to trust the endpoints and expect them to the be targeted so they can be shut off. i think. i dunno if i know what i'm talking about though. I agree we should try to share resources and crowdfund if possible but critical difference between tor and cjdns - tor assume everyone is bad - cjdns assumes everything is good. Tor is global - cjdns might have a presence in some cities but it's limited by how far a wifi signal can go. I like voodoo because it's novel and obscure - but someone needs to monitor and protect all the servers...


Topic Author
Guest

Re: community/crowdsourced voodoo exitnodes - discussion

Postby Guest » Fri Apr 15, 2016 2:13 am

sorry i misread part of your post you're right about the ip addresses but none of the endpoints are going to make sense to anyone outside watching and anyone inside won't know what or where the final destination is - but its different than an ordinary opvn setup - even a multi-hopped setup - or tor itself. deepdns


Last bumped by Anonymous on Fri Apr 15, 2016 2:13 am.


Return to “cryptostorm reborn: voodoo networking, stormtokens, PostVPN exotic netsecurity”

Who is online

Users browsing this forum: Bing [Bot] and 11 guests

Login