hashtable wrote:The voodoo network is unique / insane ? I can't explain it verbally, but something below the threshold of my consciousness understands the topology of the network.
When connecting to a normal singlehop VPN service your Internet traffic is routed through a single VPN server. With a multihop VPN service it is routed through 2 or more VPN servers in different jurisdictions. This technology has been carefully incorporated into the IVPN network using the same 256 bit OpenVPN encryption as the singlehop VPN servers.
Quad VPN works on the basis of a daemon that simultaneously connects a separate VPN server with all other VPN servers. Each VPN server can simultaneously be a backend server, a frontend server or a transit server. Thus, a global server network is formed with no chance to track the traffic route.
It worked during testing - it was slow - but I expected that.
The test only used one exit node - but the whitepaper talks about creating vps endpoints on the fly? Does that mean the ip address resolved will change in flux as needed, even though the same cores are being used?
One of the challenges is that, in the usual "multi-hop" snake oil diagram out there, it's all made to look simple and easy to do. Of course, the only reason that's the case is that they're not actually implementing anything
hashtable wrote:I completely agree, and I hadn't heard of 'GRE tunnels' before reading the 'stream of consciousness' README on voodoo's github. It's fundamentally simple - without the bs every single other VPN provider 'claims' to provide. You (or whoever wrote it) did so transparently - open source - so cryptostorm has my trust and respect.
Then I read the blog posts and slowly put together how this came to be -
My hope is that someone will come along and explain what voodoo is, in an elegant and memorable paragraph or two. In fact, as we've been asked on Twitter to do a nontechnical "this is what voodoo is" post, my hope that some savior will appear and solve that problem gets riper by the day!
hashtable wrote:
My hope is that someone will come along and explain what voodoo is, in an elegant and memorable paragraph or two. In fact, as we've been asked on Twitter to do a nontechnical "this is what voodoo is" post, my hope that some savior will appear and solve that problem gets riper by the day!
I think I understand now - the half voodoo
Client IP <---> Server IP ------------- Server IP <----> Dest IP
It should appear normal from the outside - client connects to VPN and a destination receives a request from the VPN and the response is routed back to the client. The magic happens inside the cryptostorm servers. Two servers (e.g. Romania / Russia) are connected via GRE tunnels, which allows them to share a SINGLE local network (192.x.x.x). So keep that in mind, as I discuss the 'hops'. When server A receives a request, it needs to forward it and also respond to the client. Here's where the voodoo happens. Server A will pass the request to Server B - but when Server B receives it, she'll think it just came from her local network. So from a routing perspective - instead of hopping from A to B - the packet will appear to have teleported via some quantum superposition of A & B's local network. When B routes the payload to the final destination, the OpenVPN protocol will think the packet's been in the same local network this entire time.
The POSTROUTING rules and the information given to clients and destination are a little confusing to me, but it's consistent. A might say it's B and B might say it's A, you might think you're talking 1 on 1 with A - but it might be B or C? And same with the website. However, somehow, both you and the website will agree that it came from the same IP address. But if the traffic, I mean *when* the traffic is arbitrarily intercepted at various points, the metadata won't match. It'll appear fragmented to an outside observer, while being continuous and singular from within the OpenVPN protocol. As if it exists in two states simultaneously, and the observer determines whether or not it's a particle or wave.
kensinclair wrote:are there still use-cases where Tor would provide some functionality that you couldn't get with voodoo?