[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor exit+proxy

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor exit+proxy
From: Maxim Kammerer <mk@xxxxxx>
Date: Sat, 7 Jan 2012 06:00:03 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 06 Jan 2012 23:00:39 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dee.su; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type:content-transfer-encoding; bh=A9WiuQWs503bg2vAH3a1A5NH+WFZM4UyfZhP/k3Egbs=; b=J/GKViAsFgpBR7uzqLyfXurSE++12ZU5bh8dHhO2yI/G8bHvI9Mlur4z8eVhWt2iJj 1pc26p7vlL0rNIN+tYV8/SgHAYMI5MYLDKsQTbnWBT+nJrZ5nIVRnd95V/ZMhOZEhqf6 zLTbEQKAK6fFP1aWgoqSD+PbHp2PcoLku/bpU=
In-reply-to: <N1-36RNJpUkbM@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <N1-36RNJpUkbM@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

On Sat, Jan 7, 2012 at 03:30,  <hmoh@xxxxxxxxxxxxx> wrote:
> It's not recommend. And for cleartext http (not https) there will be now not one, but two servers who can log and tamper your cleartext traffic.

So there is no principal difference from a security standpoint.

> There is a paper where they explain the changes they made to Firefox.

Can't find it, can you provide a reference?

> Indeed. But i think the Tor devs do not like that idea much. 1. because of mentioned earlier [1].
> 2. because the list of Tor exit servers is available to the open public. That is good. See https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates#CommentForumSpam

There is nothing "good" about the list of Tor exist being available.
It's an unfortunate result of Tor's network design, and not something
that one could easily prevent in any type of anonymizing network, so
why not provide a list of exit nodes upfront? That prevents people
hogging the network with exit node scanners.

> Now imagine the idea Tor + open proxy gets promoted because the devs encourage that with a new option like Tor + your personal extra proxy chain... That wouldn't give Tor more credibility as it would be even harder to stop abuse form it.

Don't see why a Tor user should care about Tor's credibility in this scenario.

-- 
Maxim Kammerer
Liberté Linux (discussion / support: http://dee.su/liberte-contribute)
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Tor exit+proxy
  - From: Javier Bassi

References:
- Re: [tor-talk] Tor exit+proxy
  - From: hmoh

Prev by Author: Re: [tor-talk] Hoax?
Next by Author: Re: [tor-talk] Google as default search engine revisited
Previous by thread: Re: [tor-talk] Tor exit+proxy
Next by thread: Re: [tor-talk] Tor exit+proxy
Index(es):
- Author
- Thread