How dangerous is it to be a communist in the US? Should I be very hush hush about it? I won’t ever be open about it but I’m just wondering how secretive I should be. Most of my close friends and certain family members know that I am a “Socialist”. I am pretty young and still need to start my life and I don’t want to ruin my chances of anything.
Some precautions I’ve taken are installing a vpn and only going doing commie stuff with vpn on. I’ve separated personal and political social media accounts and never post political stuff on my personal ones. Should I be doing any other things?
Thank you in advance
I get the increased attack surface, but wouldn’t they be able to get the ISP’s logs if a VPN wasn’t used (i.e. there would be no difference)?
Just wanted to say you are absolutely correct and most people replying to you are giving you bullshit. And they are ignorant or deliberately misleading people.
All ISPs in the US are part of surveillance programs and networks. This is a fact. The CIA/NSA and the FBI as well as local cops can easily access and understand what you are doing on your ISP connection and knowing your ISP provided IP address immediately leads back to you, your credit card and your home address.
Your home ISP keeps records on you going back years, probably at least 5, but potentially forever tied to your account, name, social, etc.
If you use Tor naked on your ISP connection your ISP knows you are a tor user and the NSA knows you are a tor user and your threat profile on the vast naughty lists is elevated.
VPNs may very well be intelligence honey-pots or otherwise compromised. I would suggest foreign VPNs located outside of US/five eyes jurisdiction as an ideal. However, even assuming that VPN XYZ which is located in Switzerland or France is an NSA run honeypot you are doing nothing to worsen your situation. You’re just adding steps to their process of identifying you which is never not a good thing.
They already have full visibility into your traffic from your ISP and can legally subpoena and use that against you in open court (in fact in many cases your ISP will hand it over without a warrant). By using this theoretical NSA honeypot VPN if they trace it back only that far they cannot in open court reveal that unless they want to blow the lid off the fact they’re running that service and have to shut it down and go to the trouble of spinning up a new one (and do this every time they want to do this) or to engage in parallel construction which is difficult and expensive and not always viable. Unless you are an incredibly high value target they’ll know you use tor but be unable to do anything about it.
Let us imagine for a moment you access a communist revolutionary website via tor, however it was compromised by glowies with malicious javascript that manages to get your computer’s IP address and send out a beacon outside of the tor tunnel to try and get your real IP address. On just tor they now have your real IP address. However if you’re using a VPN (and especially if you’re using it in a very secure manner for example via an injector upstream or the tor client is in a virtual machine with no hope of having access to your real internet connection, only the VPN one) they only have your VPN IP address, a shared IP address.
More HOPS is better so long as the final hop doesn’t know who you are.
What is not secure or sane is to use tor as a tunnel and have the final connection made by your VPN. Why? Because your VPN assumedly knows who you are via payment details and it would defeat the point of tor’s anonymity. You could potentially do this safely if you only ever connected to the VPN over tor (including during sign-up and including during sign-up and all use of your connected email address) AND if you paid using a truly anonymous payment method like giftcards bought with cash far from your home or certain cryptocurrencies subjected to anonymization techniques.
So am I right in thinking that, in the
You -> VPN -> Tor
case described in the article, the VPN would only be able to see the address of the first Tor node and the encrypted data to be sent to that node (i.e. as much as the ISP would see without a VPN)?Correct. Your VPN would connect to the tor network and thus see only the entry IP not the routing or the exit IP (they have no more ability to see that than your ISP does).
Your VPN knows your entry IP (usually the one assigned by your ISP) because it has to send and receive packets to and from it, your VPN also knows your destination as it has to pass packets to and from it for you. However your VPN only knows the first hop. The entry tor node’s IP address. Tor is a multi-hop system involving at least 3 hops, entry, onion routing, and exit. The entry and exit nodes are not supposed to talk directly to each other so in theory can’t correlate who you are and in theory means an attacker that controls an entry or exit node cannot use that to deanonymize people. A sophisticated attacker with control of large amounts of nodes in the tor network (or in a position to carefully observe traffic and perform timing correlation attacks) could in theory de-anonymize you. In such a scenario adding a VPN increases the complexity somewhat as it would mean your attacker would have to not only control significant parts of the tor network but also your VPN.
Thank you; that was also my understanding, but I’m far from a network expert, so I was concerned by @SaddamHussein24’s answers
Hm, that makes sense to me. I am not versed well enough in privacy topics to see why that’s not the case, so I think you’re correct. And the more I search, the more people say that yes
You -> Tor -> VPN
does not hinder the tor connection itself and protects the non-tor traffic coming out of your system + people probably trust their VPN way more than their ISP for good reason.I think
You -> Tor -> VPN
is primarily useful to access websites that block or otherwise inconvenience known Tor nodes (Cloudflare…). The best option for most of those who want all traffic to be secure is probably still TAILS (or Whonix, etc.) without a VPN, just because it’s easy to make mistakes. I mainly use VPNs when downloading things because Tor is quite significantly slowerHeck i meant to write
You -> VPN -> Tor
my bad, but yes you’re totally right on that frontAlso agree just use tails without anything extra probably easiest way
But also very interested in the convo above explaining why we’re both potentially wrong lol
Then you may as well just use a SOCKS proxy. VPNs are just glorified proxies.