[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] corridor, a Tor traffic whitelisting gateway



Hi Gavin & all,

>> https://github.com/rustybird/corridor/#pitfalls
>>> corridor cannot prevent malware on a client computer from directly
>>> contacting a colluding relay to find out your clearnet IP address.
> 
> I don't think this disclaimer is strong enough. With the 'getinfo address'
> command, malware doesn't even need a colluding relay.

I have to admit I was unaware of 'getinfo address'. For sure, the warning
needs an update as soon as GitHub tells me WTF is going on with my account.

These days, my thinking is that the purpose of corridor is not security but:

safety against accidental misconfiguration (especially for developers);

outsourcing :) the potential troubles of open WiFi to exit node ops, who are
are way better equipped to deal with them;

increasing Tor adoption in your neighborhood.

Rusty

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk