I just wanted to clarify that the torified Apt traffic on Kicksecure is only Apt traffic. In that case, if a user wanted to use a VPN client on there desktop would there be any correlation risks?
Or would it be perfectly okay to use a VPN with the torified apt traffic. I guess my concern is that if I’m using a paid VPN with my identity and torified Apt traffic, I don’t want that to be correlated.
Have I understood this correctly?
The Whonix website (not Kicksecure) has a lot on VPN combination theory:
No attempts to exclude any traffic from any VPNs that the user may or
may not use are being implemented in Kicksecure nor planned. Such weird,
surprising functionality is to be avoided.
DonaldDomain via Kicksecure Forums:
The purpose of torified Apt updates was confusing me if you used a VPN, because the update servers would then get the VPN servers IP address.
No.
Kicksecure apt:
user -> VPN -> Tor -> destination
I don’t know how a user -> Tor -> VPN -> destination would be possible
without installing a VPN inside a Whonix-Workstation that is routed
through a Whonix-Gateway.
Unless you have a VPN on the router.
Okay but if you have a Kicksecure desktop, with a VPN client on the computer, doesn’t all the traffic originating from the desktop travel through the VPN client on the desktop?
Therefore the torified Apt travelling through the VPN client on the desktop as well?
Or is the apt traffic excluded from that.
Sorry just having trouble understanding.
DonaldDomain via Kicksecure Forums:
Unless you have a VPN on the router.
No difference.
Okay but if you have a Kicksecure desktop, with a VPN client on the computer, doesn’t all the traffic originating from the desktop travel through the VPN client on the desktop?
Yes.
Therefore the torified Apt travelling through the VPN client on the desktop as well?
Yes.
Or is the apt traffic excluded from that.
No exclusions.
No contradiction to what I said earlier.
This is a certainty.
Because a VPN tunnels all traffic through the VPN. This includes
traffic types such as IP, DNS, web, ssh and… And Tor. For the sake of
VPN connection scheme consideratins, there is nothing special about Tor
traffic versus lets say web traffic.
The VPN connects first before anything else because it runs on the
system level.
Other applications such as IP, DNS, web, ssh and Tor operate only on the
application level.
Just test it by yourself if you don’t believe me. Use Tor Browser or
something. The IP address in Tor Browser will always you’re using a VPN
be a Tor one. This will be independent on whether the host operating
system has a VPN enabled or disabled.
The VPN you’re using on the host operating system or not won’t influence
the IP address you can see in Tor Browser on test websites such as
check.torproject.org.
I apologize for any confusion, I understand now. Thank you.
I had read that using a VPN that was paid with identifying information and tor together wasn’t a good idea, and was just wondering if this extended to APT traffic as well.