[Freedombox-discuss] Tor
Tim Retout
diocles at debian.org
Sun Oct 6 22:20:42 UTC 2013
Hi all,
I have been thinking about Tor some more, especially in light of
Friday's story:
http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption
My impression is that Tor itself comes out reasonably well from what we
know, but governments will try to exploit any browser vulnerabilities,
and are running their own Tor nodes.
I still believe it's not a good idea to be routing unencrypted traffic
through Tor, and you need to be checking the certificates for the
encrypted traffic. Browser plugins are risky too.
I'm also worried about DNS. In order to properly anonymize your web
browsing, all DNS requests need to go through Tor - but right now most
sites don't use DNSSEC afaik, so are vulnerable to a MITM attack at that
level.
By the way, this page explains why you shouldn't run DNS for non-Tor
browsing over TorDNS:
https://trac.torproject.org/projects/tor/wiki/doc/DnsResolver
With all the above, I think we are a long way from being able to provide
safe web browsing over Tor to non-technical users. At least, not
without getting them to use a separate browser (probably TBB).
However, I do like the idea of running a Tor relay (not an exit node) by
default on Freedombox. Just don't use it for web browsing! SSH and
SSL-encrypted IRC are possible uses - do the DNS lookups over Tor, and
check the identity of the other end properly.
HTTPS could work, but the DNS requests (and any plain HTTP resources
required) would have to go over non-Tor anyway, so I doubt there's much
point from an anonymity point of view.
--
Tim Retout <diocles at debian.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20131006/0248aae8/attachment.sig>
More information about the Freedombox-discuss
mailing list