hi,
sajolida@??? wrote (16 Apr 2014 10:40:14 GMT) :
> intrigeri:
>> "because the administrators of the VPN can know both where you are
>> connecting from and where you are connecting to"
>>
>> --> How about mentioning that basically anyone who can monitor the VPN
>> server's connection can also do that?
> I'm not sure I understand what you mean here? Are you referring to an
> attacker sitting on the ISP of a VPN server, and observing incoming and
> outgoing connections?
Yes.
> I'm not very knowledgeable about VPNs in the real-world, but I thought
> that a VPN could be a big network infrastructure of its own, spreading
> across the world. And so, potentially, without a single point where you
> can observe both the incoming and outgoing connections. In that case,
> breaking the anonymity of the VPN would require a global adversary or
> being the admin of the VPN.
I guess it's correct that large VPN providers have multiple point of
presence on the Internet. Still, an attacker only needs to monitor
these N points, and then I think my point still holds if N>1 but is
relatively small, which I expect to be the case. Monitoring the IX's
where these POP live works too.
Regarding the other changes and answers: great!
Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc