Hacker News
by jtome 4762 days ago
I've actually read the opposite (there used to be something about TOR -> VPN here: http://sourceforge.net/p/whonix/wiki/Tunnel_Tor_through_prox... they seem to say VPN -> TOR is safe). I think using VPN -> Tor is normally OK, since if you are running Tor locally, your VPN provider won't be able to read your traffic since you have encrypted your traffic for Tor locally (you've encrypted it four times in total, once for the VPN and three times for Tor). The problem with lahana is that, unlike in the last case, in this case the traffic is only encrypted once locally, then sent to the lahana node, decrypted, and then encrypted three times for Tor. The danger here is that the person running the lahana node can read all your traffic after it is decrypted for them.
2 comments

Encrypting something multiple times doesn't necessarily make something more secure. In some cases it can decrease the effectiveness of the protocols in use, but it really depends on what encryption is used and how it is used.

> The danger here is that the person running the lahana node can read all your traffic after it is decrypted for them.

So if I understand this correctly, if you're in a country with a government that monitors traffic and you connect to a malicious public lahana node that monitors traffic, run by the same government, then your traffic is compromised?

But if you run your own lahana node, then it's not (excluding questions about whether or not Amazon have the ability to go into a node for example)?

Sorry if it sounds like I'm being daft; I'm just trying to understand the specifics here, so I can figure out ways to address them (if they fall within the scope of lahana, vs traditional Tor uses).

Here's my reference for reference: http://www.slideshare.net/grugq/opsec-for-hackers (slide 137/138).

I cannot recommend either, but I would note that in your link they do seem to state 'Anyway, not so many people seem to do use a tunnel before they connect to Tor, therefore it's not so well tested, do not rely on it too much.'. So I'd be wary of their advice for anything you need to bet your life on.