Did I just burn myself

Temple · June 7, 2016, 1:59am

I use Whonix on my host machine and also on my dedicated server, on both earlier today I installed team viewer and connected from my host to the dedicated server.

Tonight i’ve just found out team viewer uses udp.

What information would have leaked when I did this? Is this server now burned? Thankfully I was just in the process of setting it up so I have nothing on it.

entr0py · June 7, 2016, 4:12am

Where did you install TeamViewer? I’ll assume you installed it in each of your Whonix-Workstations, and not on the Hosts or Gateways.

It can. But not when you route it over Tor, since Tor doesn’t support UDP.

Your TeamViewer connections (if they succeeded) were made using TCP. But even if Tor supported UDP, why would you think that UDP would be more prone to de-anonymization?

Still, there are plenty of reasons not to use TeamViewer. It’s not mentioned in the wiki, but I can’t imagine TeamViewer would be ranked very high on the recommended list.

It uses a proprietary, closed-source protocol.
It uses central servers to establish connections and/or to serve as proxies for your connections. When both ends use TeamViewer over Tor, they still maintain IP anonymity, but why involve a middle-man when you can connect directly? If the TeamViewer software has unique identifiers, then your activity will be pseudonymous.
Ambiguous security track record (including current events).

Patrick · June 7, 2016, 7:04pm

Burned. ISP, NSA, the server provider and who not had all a chance to log your real IP connecting there.

Temple · June 8, 2016, 1:04am

When I see Patrick post that I begin to worry, I must state that both teamviewers were installed on the workstations and only ever connected to one another via the workstations.

So time to close that server and start with a new one and never touch tv again or am I going to be ok?

entr0py · June 8, 2016, 3:18am

Patrick’s answer assumed that you meant what you wrote. My answer applies in this situation (despite my carelessness in reading your post).

Temple · June 8, 2016, 10:31am

Thank you, so I need to learn how to write better questions noted.

What concerns me or maybe I just don’t understand it correctly is UDP, tor doesn’t support UDP so what happens when I run a program that uses it from my Whonix workstation? Should it just fail to connect? I’m at no risk of it leaking my i.p?

When I connected my two teamviewers both of which were located inside a Whonix workstation I read that tor doesn’t support UDP and assumed that as they had connected a leak of my i.p must have occurred.

I have since read the wiki about tunneling UDP at the time of me using the teamviewers I was ignorant regarding tor not supporting UDP.

Patrick · June 8, 2016, 3:36pm

No leak. No risk.

entr0py · June 8, 2016, 7:20pm

It depends on the program. Determined programs like Skype and Teamviewer will use a different protocol to get out. Others, like some VOIP/SIP apps, will fail.

This is only partially correct:

TeamViewer - Wikipedia
network - How does Team Viewer establish a Remote Desktop Connection? - Information Security Stack Exchange

Temple · June 8, 2016, 10:38pm

Thank you both for your patience dealing with me regarding this matter my mind is now at ease regarding this and I’ve learned some stuff regarding tunnels from the wiki I previously didn’t know.

Thank you.