[Noisebridge-discuss] Transparent Tor-ification
Sai Emrys
noisebridge at saizai.com
Thu Mar 18 08:44:28 UTC 2010
On Thu, Mar 18, 2010 at 1:20 AM, Jacob Appelbaum <jacob at appelbaum.net> wrote:
>> Evidently it's a very common choice, at least. (It's evidenced also
>> when using e.g. the default "enter search keywords as a psuedo-url"
>> functionality - I always get openDNS' web search page while using
>> torbutton.)
>
> I think something is wrong there. You should show us which nodes are
> doing this and we should fix them. We have code to detect DNS providers
> that return lies. Perhaps you've created some corner case?
Maybe. For whatever reason, I wasn't able to replicate it just now.
I'll let you know if I see it again.
>> IIRC, Proxifier installs something as root that does this. There might
>> be some channels that leak, but I haven't found any. It's not an
>> extension, it's a full app.
>
> I'd be curious to see how it works.
>
> It's possible that it's done with something like LD_PRELOAD or dynamic
> function overloading on Mac OS X.
>
> It seems to be non-free software without source code. That's a shame.
You could always contact the developer to ask about these things. ;-)
I am not he, so I can't answer any of this.
>> You disagree about a different scope though. "Lost" here, again, means
>> with respect to the website in question. If they know who you are ...
>> they know who you are. Duh.
>
> No. They know who you claim to be for that stream, for that circuit, for
> whatever value of you is you...
I'm presuming here that we're talking about e.g. signed cookies or
certificates that give the website an authenticated identity.
Of course if you control your cookies finely enough to say when you
want to give them to a site and when not, then you can control when
they know who you are.
Again, this is something that IIRC Torbutton helps scrub.
> Tor and Torbutton should be fine. Privoxy and Polipo are only needed for
> caching and dealing with The Great Firefox SOCKS Proxy Bug. If it wasn't
> for that bug, Firefox would be reasonable and not lock up all the time.
> You really wouldn't need the proxy at all if they'd just ship a fix for it.
I didn't know there was one. Linky?
- Sai
More information about the Noisebridge-discuss
mailing list