What is the advantage and disadvantage of VPN over TOR

arshad arshad3m at gmail.com
Thu Dec 24 14:55:27 UTC 2009


On Thu, 2009-12-24 at 15:25 +0100, Werner Schram wrote:
> Rashkae wrote:
> > arshad wrote:
> >   
> >> On Thu, 2009-12-24 at 06:52 -0500, Rashkae wrote:
> >>     
> >>> arshad wrote:
> >>>       
> >>>> and how to configure a VPN in jaunty? (I don't have a VPN router, I'm
> >>>> connecting to the internet using a mobile phone)
> >>>> thank you very much.
> >>>>
> >>>>
> >>>>         
> >>> Advantage: none whatsoever
> >>>
> >>> Disadvantage: You'll be routing your vpn traffic through routers
> >>> controlled by other people, who include a handful of University computer
> >>> science departments and even the NSA, who will all be given the first
> >>> chance to sniff all your traffic for passwords and what not.
> >>>
> >>> It should go without saying, this is not at all what TOR is designed for.
> >>>
> >>>       
> >> so you mean,
> >> TOR is better than vpn?
> >>     
> >
> > A vpn tries to keep the communication between two computers secure and
> > private.  TOR strives to prevent two computers which are communicating with
> > each other from seeing each other.  Not only are they two completely
> > different objectives, in several ways, they can be considered mutually
> > exclusive.  (Unless you are trying to connect to a vpn with stolen
> > credentials and want to prevent the vpn owner from tracing the connection
> > back to you.)
> >
> >   
> >> i would like to confirm the following with TOR:
> >>
> >> 1) the site I visit doesn't know where I originate from
> >>     
> >
> > Correct
> >
> >   
> >> 2) an eavesdropper cannot intercept the message
> >>     
> >
> > No such protection.  In fact, a security researcher recently published a
> > whole whack of government officials' e-mail usernames and passwords because
> > he noticed several people using TOR mistakenly thinking it was a
> > security tool rather than an anonymizer.  If you are sending any kind
> > of username / password over TOR, you defeat the purpose entirely.
> > (unless, as I said, the username/password aren't yours.)
> >
> >
> >   
> >> 3) ISP doesn't know which sites visited.
> >>
> >>     
> >
> > Maybe, though there's nothing stopping the ISP from participating in
> > TOR, and maybe end up being part of the chain that brokers the
> > connection.  I don't know enough about TOR internals and encryption to
> > give information on how successful this goal will be.
> >   
> Tor uses entry, relay and exit nodes. When you use tor, you make a 
> connection to a random entry node. The entry node connects a path to a 
> random relay node, which makes a connection to a random exit node. Your 
> communication will be encrypted from you till the exit node, so the 
> entry and relay node cannot read it. This way, the entry node doesn't 
> know the destination (because of the encryption), and the exit node 
> doesn't know where it is from (because that information is only known by 
> the entry node and removed from the packet header). So to know both the 
> origin and the destination of packets traveling through TOR, you must 
> control an entry, relay and exit node, and make sure the client uses 
> that path. So even if your ISP participates in TOR, it is extremely 
> unlikely that they will be able to track your traffic. Of course this is 
> assuming that you are not enclosing any identifiable information in your 
> package content, in which case the exit node will be able to identify you.
> 
> To repeat what Rashkae already noted, TOR does not provide any 
> protection for your content at all, it merely anonymizes the destination 
> (before tor entry) or the source (after tor exit).
> 
> Werner
> 
> 

for me the TOR relay always goes through US, Germany and hardly through
Austria and other few countries.

why doesn't it go through the rest of the world, like Spain, Italy,
India, Russia or China etc...?

thank you very much.
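
The three-hop path Werner describes in the quoted reply above, as an added example that is not part of the original thread: a toy layered wrapping in Python that records what each node can observe, showing that the entry node learns the client address but not the destination, while the exit node learns the destination and the plaintext (password included) but not the client. The SHA-256 keystream, the fixed keys, the address 203.0.113.7, the host mail.example.org and the request are constructed stand-ins, not Tor's actual cryptography or protocol.

```python
import hashlib
import json

# Constructed sample values (assumptions for illustration only).
CLIENT, DEST = "203.0.113.7", "mail.example.org"
PASSWORD = b"hunter2"
REQUEST = b"USER alice PASS " + PASSWORD
PATH = ["entry", "relay", "exit"]
KEYS = {n: ("key-for-" + n).encode() for n in PATH}  # real Tor negotiates per-circuit keys

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode); encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def wrap(payload: bytes, next_hop: str, key: bytes) -> bytes:
    """Add one layer: only the holder of `key` learns next_hop and the inner blob."""
    layer = json.dumps({"next": next_hop, "data": payload.hex()}).encode()
    return keystream_xor(key, layer)

def peel(blob: bytes, key: bytes):
    """Remove one layer, returning (next_hop, inner_blob)."""
    layer = json.loads(keystream_xor(key, blob))
    return layer["next"], bytes.fromhex(layer["data"])

def build_onion(request: bytes, dest: str, path, keys) -> bytes:
    """Client side: wrap for the exit first, then the relay, then the entry."""
    next_hops = path[1:] + [dest]
    blob = request
    for node, nxt in reversed(list(zip(path, next_hops))):
        blob = wrap(blob, nxt, keys[node])
    return blob

def route(client: str, blob: bytes, path, keys):
    """Pass the onion along the path, recording what each node can observe."""
    views, prev = {}, client
    for node in path:
        nxt, blob = peel(blob, keys[node])
        views[node] = {"from": prev, "to": nxt, "sees_password": PASSWORD in blob}
        prev = node
    return views, blob

if __name__ == "__main__":
    views, delivered = route(CLIENT, build_onion(REQUEST, DEST, PATH, KEYS), PATH, KEYS)
    for node in PATH:
        print(node, views[node])
    print("delivered to", DEST, ":", delivered)
```

The exit node's view is the reason a login sent over this path needs its own end-to-end encryption (for example TLS to the destination) if the password is to stay private.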
