Persistent Tor Entry Guard Relays can make you trackable Across Different Physical Locations



How do you think the idea that adding censorship circumvention tools to WhonixGateway

(copy/pasted from a text editor )

@2xiangzi Thanks for your insights. Congratulations to you and your 1 million friends for poking holes all over the GFW! (At the same time, it’s sad that 1 million is still less than one tenth of one percent of the population. Of course, I’m sure the number of people who have access to any computer technology is a much smaller subset to begin with.)

Fun Fact: There’re about 1 million people able to circumvent the Internet Censorship in China and nobody has been arrested for reading/watching political sensitive materials. What the CCP really care is people who express themselves.

I guess the CCP has too much on their hands to go after everybody. But it’s still better not to be watchlisted in the first place. Everybody who expresses themselves began by reading/watching first. The impending economic slowdown is going to send Chinese internal security into overdrive / crackdown mode. I’ve read that even more terrifying to the CCP than freedom of expression is freedom of association - people who organize any type of meetings / gatherings.

Even if you could enforce --always-use-lantern-network, you could still be discovered as a Tor user because your destination is unencrypted through the network.

I’m sorry. I don’t understand ‘because your destination is unencrypted through the network’, dosen’t that mean your ISP is not able to know where you are going by using an encrypted proxy?

Sorry, written poorly. What I meant was that Lantern uses https to route traffic. So, from the FAQ:

Lantern users acting as access points can see the website you’re accessing and where you’re accessing it from, but the actual content you are reading from or posting to that site is not visible to them because it is encrypted over HTTPS.

Assuming I understand correctly that Lantern is strictly direct P2P and not a multi-hop relay… My point is: Can’t the CCP set up a bunch of Lantern nodes and see which Chinese IPs are connecting to Tor? Because you’re using Tor, the final destination IP will be hidden but Lantern will not hide that you are using Tor. It seems Lantern would be easier to attack for a mass surveillance dragnet while a VPN would be easier to attack for targeting an individual. (Attack would be analogous to https://www.torproject.org/docs/faq#EntryGuards, but unlike Tor, Destination IPs are in the clear.)

Didn’t realize that OpenVPN was blocked. That does limit your choices.

You can use it to avoid Cloudflare captchas :slightly_smiling: And as you mentioned, Lantern sever will get the same information that Tor exit node can get.

I’m beginning to like the idea of using Lantern post-Tor to evade Tor bans. Since each destination could potentially route through different peer IPs, I’m guessing that Tor circuit creation will cycle normally? Sounds much better than using a static Tor circuit to connect to a static Socks5 proxy or VPN (most popular VPN IPs are blacklisted like Tor also but a custom VPS usually works (but then the disadvantage is using a non-shared IP)).


I assume you read this page:

How about using Lantern to connect to an obfuscated bridge? It’s not foolproof but the extra hop may make the other 999,999 people easier targets. When a bear is chasing you, you don’t have to outrun the bear - you just need to outrun the guy next to you.