Hypothesising here not an actual thing because why bother…
Lets say you ran one VPN tunnel and then another tunnel inside that. Would that provide a much harder trace of the originating IP ? So… would it be possible to run a set of tunnelled ultra low resource virtual machines layer upon layer out of a single NIC ? like 50 in a crazy VM-VPN chain ? what’s the flaw here if you only needed snail pace communications ? I know there is no point, its just something i wondered.
You wouldn't need the VMs, you could just run a bunch of vpn connections through each other. But it probably won't help too much, as it's difficult to trace a connection back to its source ip if the VPN provider is set up properly and using a shared IP for all its users. It's more likely that they will trace you to your account with the VPN provider.
Also this is essentially how tor works so you're probably better off using that.
And if you ran 50 vpn through each other it probably wouldn't work at all as the overhead for all 50 connections would probably be larger than the packet size, it would either not work of there would be so much fragmentation that it would just be horrible to use.
There are a lot of ways to trace a person not just ip, so trying to cover that up is only part of a sollution.
I agree this wouldn't be effective, however with Tor you don't know who holds the intermediate and exit nodes, with the exit node being able to read your data as a VPN provider could, but you don't know the end node. Not to mention each VPN provider along the path could read the data transferred, and if not properly encrypted, would be able to extrapolate from that data sent, which could lead to identification 30 VPNs down.
I would disagree that the overhead is larger than packet size as most of that information would change dynamically as it routes. What would kill the packet is the fact it would have to do so many hops that the TTL would expire. While tunneling through the VPN the packet may grow in size in order to accommodate the VPN encryption, but as soon as that VPN shoots the packet out of it, the packet would no longer have that encryption, thus the packet shrinks.
At the end of the day @meggerman don't do shady shit on the internet that requires this solution.
lol im not actually doing this but I 100% agree with that sentiment. I wouldn’t touch TOR tbh its name is so ubiquitous that just running the thing implies shady activity.
I don't actually use VPN's because in the past when used for work purposes they tended to be slow and flaky, also if im buying stuff i want to be in my region and i have no interest in watching content that the provider sees no interest in sharing with me in my region.
I was wondering if multiple VPN's are stronger than just one.
I guess the answer is, it depends. If you're using a decent VPN service then someone who is trying to trace your IP should not be able to link activity to your real IP, so you shouldn't need to have multiple VPNs. Ultimately you have to create an account with each VPN provider you use and this will be the easiest way to trace you. Although if the attacker is in a position where they can see both the incoming and outgoing traffic of a VPN server then it should be fairly trivial to determine which traffic belongs to which IP by looking at the packet size and timings, so in that scenario having multiple VPNs would offer some protection.
I'm fairly sure that using multiple layers of encryption, such as sending VPN traffic inside a VPN actually weakens the encryption. I think it makes it more vulnerable to cryptanalysis, but I'm not sure, cryptography is complicated.
But there are more ways to identify a person than just their IP address; cookies, metadata, patterns in your traffic can all be used to track you or identify you.
Thanks. Why is it that there aren’t many differing products on the market ? VPN outside of a typical SSL connection seems to be ubiquitous
There are a few; tor and maidsafe for example or SSH tunnels. VPNs are easy to deploy as someone else has done all the hard work, all you have to do is run the server and have a decent lawyer. It's a proven technology and is much easier than developing your own thing that does something similar.
Ease of use often collides with proper security though ? Also I thought TOR was just VPN but with torrent technology and nodes ?
Nothing to do with torrents as far as I know. I'm pretty sure it's it's own thing as in it's not using some other type of VPN like openvpn. It works in a similar way to a VPN but it's unique in how it works.
Thanks for the clarification.
Ars actually did an article that discusses VPNs that I feel would explain things a bit better here: http://arstechnica.com/security/2016/06/aiming-for-anonymity-ars-assesses-the-state-of-vpns-in-2016/