Anonsurf through anonsurf

i had in my mind if its unsecure to run anonsurf on
my host machine and then run anonsurf in my virtual
machine at the same time
i have not been able to fine any answers

Its difficult to find an answer because nobody really knows.

Embedding tor connections would mean more hops, but more hops don’t necessarily mean its more secure. If you use tor differently to everybody else, you could make yourself unique from a technical standpoint, if you are unique you can potentially be traced. Its one reason why people use tails and torbrowser, to keep configurations the same.

You will also find the connection will be slower with more hops.

The tor website mentions it briefly. https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO#ToroverTor
Because they don’t really know if its safe, they don’'t recommend it.

2 Likes

thanks for that link :smiley:
“When using a transparent proxy, it is possible to start a Tor session from the client as well as from the transparent proxy (read the warning!), creating a “Tor over Tor” scenario. Doing so produces undefined and potentially unsafe behavior. In theory, however, you can get six hops instead of three, but it is not guaranteed that you’ll get three different hops - you could end up with the same hops, maybe in reverse or mixed order. It is not clear if this is safe. It has never been discussed.”

so is most “likely” all about not being on the same tor connection both on the host and the vm

Hello @FriendlyDude :slightly_smiling_face:

I did try using anonsurf on host machine and in a vm simultaneously, Theoretically, it should give you more hops -> aka more anonymity. The fact that you will get different relays every single hop is not assured.

For me. I ran an internet speedtest on vm with anonsurf active on both the machines, got 1.7mbps download & 0.9mbps upload. Actual bandwidth is 120mbps up & down. So that’s a serious loss of speed.

On the same hand, more hops means attack vector increases, theoretically of course.

I reckon using Tor-over-tor wouldn’t really help much in case of privacy & especially security. Either use it on host or vm one at a time to avoid any speed drops that I faced :blush:

1 Like

good information :smiley: thanks

hope more people have some cool inputs :smiley:

love this forum <3

1 Like

A Lot of packets would drop and the bandwidth speed would take a dive. A big dive @FriendlyDude

Tried that 6 & 9 Hops approach, It was a BAD IDEA. I wasn’t even able to load duckduckgo’s onion homepage until upto first 10-12 minutes.

If you really want privacy, Try this setup -> Run VPN on main machine & then surf .onoin or web via Tor browser. I’ve used paid subscription of ProtonVPN for few months, Didn’t notice any severe speed dips either while using Tor. But I left that VPN service provider because a lot of conspiracies were hitting up the market. Using Just Tor would be sufficient enough for browing anonymously (Of course only if you are not upto some ‘h4ck0r 0f ar3a 51’ type of sh*t :wink: ) since Your ISP and its partners are going to see you are using a VPN or Tor anyway to hide something. When VPN or Tor comes to their mind, the first thing they thing is that the user is trying to hide something and completely ignore the fact that vpns can be used for secure connection too.

So As @KidKlown & @RedRuby I agree with both of them. It wont really provide any more anonymity that you get from 3 hops, I mean. Lets consider this, If feds/ISP are able to crack 1 relay to unmask your IP and your activites, they can crack all the relays <- as simple as that. So putting yourself behind 100 relays wont be much helpful since the relay is already broken. Hope you get my point :smiley_cat:

Not sure what you mean by ‘crack’, but i don’t believe this is correct.

The only relay that knows your IP is the entry node, and the only relay that knows your activities, is the exit node. The entire point in onion routing is that not one relay knows everything.

1 Like

you could try first running anon surf, then connecting proxychains to standard socks proxy (while on Anon Surf) to further distance your connection from your host machine.

As someone said ‘looping’ tor may or may not make analysis more possible.

With tor, my own thought is “leave as small footprint in tor network as possible.” Because tor is heavily targeted it makes sense to proxy out through other networks if you need that additional level of anonymity.

The way I see it the more data you use on tor, the more analysis fingerprinting points you possibly create. (given artificial intelligence analysis)

But this is just my own personal privacy theory.

1 Like

My bad for not being clear @KidKlown . That was a hypothetical statement. What I meant is, if feds were able to break the anonymity of users routing through relays & track individual user somehow, lets say by exploiting some sort of vulnerability or target-specific planted bug (again, its a hypothetical statement) for relay 1(entry node/bridge/relay1) to relay 2, they can do the same for relay 3 to relay 4 to relay 5 and so on. So my point here was, Practically, you will get same anonymity in 100 hops than what you will get from 3 hops [browser-relay1[entry node/bridge)<->relay2(hop)<->exitnode(relay3)<->clearnet OR Browser <-> 3 User’s Relays <-> 3 Website’s Relays <-> .onion] and at loss of usability (loss of bandwidth). Surfing a .onion site already gives you more hops as compared to surfing clearnet over Tor. Adding more hops would rather just reduce speed at the cose of mere more anonymity which I suppose is not worth it (at least for me :100:

Hopefully my statement is clear :slight_smile:

2 Likes

Thanks for all for the inputs :smiley: the only thing that isn’t concerned me atleast is the internet speed , i prefer “privacy” over internet speed if i should choose one :smiley:

here the other day i was trying to run anonsurf on my host, an then in my vm, and then i made a vm inside the vm and activated anonsurf on that so i had 3 anonsurf running so and speak ,just for fun ,

but i didn’t have to waith like 12 minutes :smiley:

once again all thanks for keeping this alive is VERY interesting to see for me what people can come up with :smiley:

1 Like

Now I’m curious to know your system specs (RAM, CPU, GPU) & How much of it you allocated to VMs :stuck_out_tongue:

Intel® Core™ i7-3610QM CPU @ 2.30GHz
8 gb ram
nvidia geforce gt 630m 2gb
SSD

is getting kinda old

1 Like

So How much ram you allocated to your VMs?

the first vm host have 6gb of ram, and the vm inside the vm has 3 gigs of ram :slight_smile:

Have you tried just adding more nodes/hops to your virtual machine. If security is what your after I would just run whonix in a Virtual Machine and add more middle nodes manually. Go to the Tor site and look at their config file options it should just be a one liner in the config file if I remember correctly.

That will give you additional security (by more hops & whonix doesn’t allow ip discovery by design) and preserve your speed/performance.

The problem with the virtual tor tunnel and host tor tunnel is they are both doing the entry node and exit node negotiations seperately. By configuring the tor config file your are adding additional middle nodes without extending the entry exit nodes. You also can change the number so on VM -> Host it is 6 hops no matter what. You can change it to 4, 5, 6, 10 hops or whatever.

Edit: Here is the guide it also has a number of other options that you should take a look at if you are trying to be secure. https://2019.www.torproject.org/docs/tor-manual.html.en

3 Likes

In reality anonymity isn’t a scale, you are either anonymous or you aren’t. You cant be ‘more anonymous’ but you can be more secure.

In theory increasing hops wont increase security, if anything its more likely to harm it. Not to mention you are putting more load on the network, and slowing down your connection speed.

2 Likes

For anyone that is interested, here is a repo full of selected anonymity related papers:
https://www.freehaven.net/anonbib/

5 Likes

Thats one intresting site @KidKlown :grinning: Thankyou for Sharing The Link

1 Like

thanks :slight_smile: i think that is gonna be some interesting reading for me :smiley:

1 Like