[Noisebridge-discuss] Transparent Tor-ification
Jonathan Lassoff
jof at thejof.com
Wed Mar 17 15:01:44 UTC 2010
Excerpts from Rubin Abdi's message of Wed Mar 17 03:39:27 -0700 2010:
> Sai Emrys wrote, On 20100317 032938:
> > You missed that you can leak data (with DNS, javascript, headers, etc)
> > despite using Tor, the outgoing Tor server could sniff your
> > unencrypted traffic, the NSA could set up a bunch of high-availability
> > Tor servers and own you end to end, ....
>
> Re: Leaking data via DNS, javascript, headers, etc, that's not possible
> if all traffic is being routed through Tor, which it is if I'm to
> understand it correctly.
>
> > Firefox + TorButton (+ Proxifier to cover other traffic sources)
> > covers at least the first one. :-P
>
> This setup works if you only care about http/web traffic, and have
> Firefox setup correctly, and aren't running any extensions that don't
> care about your proxy settings, and stay away from java and anything
> else embedded, and live on the Google Opt Out Island.
>
There's a reason it's on a separate network, rather than just some DHCP
trickery. You can't route out of this network unless it's through tor,
so no worries about proxy config, DNS config, etc.
All DNS traffic is redirected through tor. All TCP sessions are
redirected through tor.
That said, this still comes with the caveats Rubin mentioned, plus any
problems with anonymity-busting info that your browser leaks through the
tor-ified session.
One day I'll get around to adding privoxy in the transparent redirection
path.
--j
More information about the Noisebridge-discuss
mailing list