[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Thoughts on Tor router hardware



> My conclusions are that running Tor on the router can enhance both
> security and usability.

You are dead wrong on that. (Semi-) transparent proxying is bad for quite a few reasons.

There is a huge number of applications with their own automatic update process that's insecure and vulnerable to man in the middle attacks. They may use non-encrypted connections, don't verify the server certificate (anyone with some valid certificate can impersonate the update server) or use weak/broken cryptography (even Microsoft update was vulnerable at one point). If that traffic runs over Tor, chances of being attacked increase dramatically, since malicious exit nodes can easily perform man in the middle attacks. This has happened in the past, with exit nodes injecting malware into downloads.

Unless you know what you are doing, a lot of your traffic will run over the same circuit (something that TBB tries to avoid) and can potentially be correlated. Some of your traffic will likely contain unique identifiers that can be tied back to you.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk