[Noisebridge-discuss] Transparent Tor-ification
Sai Emrys
noisebridge at saizai.com
Wed Mar 17 10:54:23 UTC 2010
On Wed, Mar 17, 2010 at 3:39 AM, Rubin Abdi <rubin at starset.net> wrote:
> Re: Leaking data via DNS, javascript, headers, etc, that's not possible
> if all traffic is being routed through Tor, which it is if I'm to
> understand it correctly.
I'm not sure whether a torified AP would prevent DNS leaks; I suppose
it depends on whether the client takes its suggestion for a DNS
provider. (This is why torbutton reroutes dns requests over tor to
opendns.) Let's be generous and say it will.
But that is definitely NOT adequate to prevent data leakage that's
more than enough to practically compromise your anonymity.
People like me (http://cssfingerprint.com) and other researchers
(http://panopticlick.eff.org,
http://www.iseclab.org/people/gilbert/experiment/, etc) can derive a
lot of information about you without knowing your IP, which is
(mostly) all that Tor itself hides. That information can very easily
be used to both psuedonymously fingerprint you (like I currently do)
or to fully deanonymize you (like iSecLab's experiment does).
Tor is no panacea; it just makes you look like you're coming from some
random IP, and IPs are only one way to identify people. *
>> Firefox + TorButton (+ Proxifier to cover other traffic sources)
>> covers at least the first one. :-P
>
> This setup works if you only care about http/web traffic, and have
> Firefox setup correctly, and aren't running any extensions that don't
> care about your proxy settings, and stay away from java and anything
> else embedded, and live on the Google Opt Out Island.
Actually, Proxifier covers all the other traffic AFAICT (including DNS
proxying), whether or not something wants to obey the proxy settings.
But again, all the above applies; proxies (like Tor) are only one
slice of privacy defense.
And if you are signed in to something, then of course you already lost
'cause you're *telling them*. :-P
- Sai
* Incidentally, they're not even always a good way. IMPE I've dealt
with ISP-level NATs, some with effective monopolies on small countries
(like the UAE, IIRC), that make everyone there look like they're on
the same IP. Still a fair amount of information, but not enough to
fully identify someone.
More information about the Noisebridge-discuss
mailing list