i need to access a service that has both clearnet and onion domains
i try to use the onion, but most of the time the onion is down and only the clearnet domain is available
i would like to mitigate a timing attack (correlation) such as:
an adversary controls both entry + exit nodes
both nodes know i requested “clearnet website x”
now they can confirm my real ip (or the vpn ip if used before tor)
normal scenario
using tor + clearnet site + https, they would know that i accessed the site, but not my username or any other info due to https, correct? the only way to match it to a username would be if they also had access to the site’s DB and could check login/logout timestamps?
https proxy
if i set up an https proxy after tor, this should mitigate the attack?
the exit node would only see the https proxy ip and not that i’m accessing “clearnet website x”, correct?
i.e. whonix workstation => https proxy (firefox) => clearnet site
If the website isn’t blocking the tor exit nodes I won’t use a proxy or vpn over tor. You will need to get a VPN anonymously, paying in cash or monero and trust in another third party service.
Tor over a VPN or bridge to hide from your ISP that you are using TOR looks better, but the problem is the same.
It’s a complicated and controversial subject. If you don’t trust guard or exit nodes the most accurate solution in my opinion would be to self-host it yourself, or have a list of trustworthy relays and configure to use it.
“If the website isn’t blocking the tor exit nodes I won’t use a proxy or vpn over tor. You will need to get a VPN anonymously, paying in cash or monero and trust in another third party service.”
this is not about getting blocked, it’s about being forced to use the clearnet domain because the onion is constantly down (and i need to use the service)
my idea was to self-host something like Tinyproxy on a vps and set it on Firefox (on the Workstation). i’m mostly sure it would work, but now i’m thinking if there could be a DNS leak before hitting the https proxy
“Tor over a VPN or bridge to hide from your ISP that you are using TOR looks better, but the problem is the same.”
the VPN would protect my real ip yes, but then i would be only a single last layer away from exposure
“It’s a complicated and controversial subject. If you don’t trust guard or exit nodes the most accurate solution in my opinion would be to self-host it yourself, or have a list of trustworthy relays and configure to use it.”
yes, i thought about self-hosting an entry node and forcing whonix to only use my node
would need to ask what are the pro/cons on another thread, and if it’s doable
This is not a good idea. Restricting the relays you use will make your system’s behavior stand out from the vast majority of other Tor users, making it easier to fingerprint you.
If the proxy connection is actually encrypted (which is not guaranteed, see https://security.stackexchange.com/a/61336), and you trust TLS entirely, and ignore the possibility of timing attacks against TLS, yes. But keep in mind TLS is easy for state-level and certificate-authority-level adversaries to compromise and timing attacks against it have been found before. See:
Also bear in mind that unless you’re using an anonymity-preserving hosting provider (i.e. one that lets you access the machines over Tor and takes payment in cryptocurrency), or you’re using a publicly hosted server, you’re going to bind your identity to the proxy server that you create, which basically eliminates any benefits of using Tor. You may also stand out from other users by using a server most (or all) other Tor users don’t use; depending on the adversary you’re up against this may or may not result in the adversary deciding to monitor your server’s Internet traffic and being able to figure out what sites you access that way.
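To make the "actually encrypted" caveat above concrete, here is an added example (not part of any post in this thread) that classifies the first bytes a client sends to its proxy as anyone on that path, such as the exit relay, would see them: a cleartext `CONNECT` exposes the destination, while a TLS-wrapped proxy connection exposes only the proxy's own name through SNI. The hostnames `site-x.example` and `proxy.example` are constructed, and the ClientHello is generated offline with Python's `ssl.MemoryBIO`.

```python
import ssl

def connect_request(host, port):
    """First bytes a browser sends to a plain (unencrypted) HTTP CONNECT proxy."""
    return f"CONNECT {host}:{port} HTTP/1.1\r\nHost: {host}:{port}\r\n\r\n".encode("ascii")

def client_hello(server_name):
    """First bytes sent when the proxy connection itself is TLS (built in memory, no network)."""
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ssl.create_default_context().wrap_bio(incoming, outgoing, server_hostname=server_name)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the handshake stalls waiting for a server reply
    return outgoing.read()

def sni_from_client_hello(data):
    """Return the server_name (SNI) carried in a TLS ClientHello, or None."""
    pos = 5 + 4 + 2 + 32                                    # record hdr, handshake hdr, version, random
    pos += 1 + data[pos]                                    # session id
    pos += 2 + int.from_bytes(data[pos:pos + 2], "big")     # cipher suites
    pos += 1 + data[pos]                                    # compression methods
    end = pos + 2 + int.from_bytes(data[pos:pos + 2], "big")
    pos += 2
    while pos + 4 <= end:
        ext_type = int.from_bytes(data[pos:pos + 2], "big")
        ext_len = int.from_bytes(data[pos + 2:pos + 4], "big")
        if ext_type == 0:  # server_name: list len (2), name type (1), name len (2), name
            name_len = int.from_bytes(data[pos + 7:pos + 9], "big")
            return data[pos + 9:pos + 9 + name_len].decode("ascii")
        pos += 4 + ext_len
    return None

def observer_view(first_bytes):
    """What someone between the client and the proxy learns from the first bytes."""
    if first_bytes.startswith(b"CONNECT "):
        return ("plaintext proxy request", first_bytes.split(b" ", 2)[1].decode("ascii"))
    if first_bytes[:1] == b"\x16" and first_bytes[5:6] == b"\x01":  # TLS handshake, ClientHello
        return ("TLS to proxy", sni_from_client_hello(first_bytes))
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample inputs for both proxy modes.
    print(observer_view(connect_request("site-x.example", 443)))
    print(observer_view(client_hello("proxy.example")))
```

Even in the TLS case the observer still sees the proxy's IP address and the timing and volume of the traffic, which is what correlation relies on.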
if you only use your own guard (entry) node, can you explain further how can they fingerprint you?
was thinking of setting up TinyProxy or a similar tool
so as i understand it, after the exit node, there is no more Tor encryption so i would depend on TLS only for that last hop, and TLS could be decrypted/MITM
the proxy vps would be paid in monero and accessed over tor (from the workstation)
it would only be used for this situation and not for the rest of the traffic/websites
This isn’t quite what I was talking about when saying something was a bad idea. That being said, the problem is that with Tor, you have to worry about passive observation on a large scale. Tor has code that picks relays, and that code should be the same on the machines of all users of the same version of Tor. Your traffic patterns thus blend in with everyone else’s. Once you start changing what relays Tor routes traffic through, now there’s something about your traffic that is going to be distinctly different from almost every other user on the network. This is one reason why Tor-over-Tor is a bad idea.
Correct. If you wanted to circumvent that, what you might be able to do (no idea if this would work, I’ve never done it before) is stand up a Tor hidden service on the proxy VPS, and proxy your traffic through that. That would let you keep your traffic well-encrypted in the Tor network all the way to the VPS, and only leave the network through the VPS. That might work, as long as your identity can’t be linked to the proxy server.