[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor exit+proxy

On Sat, Jan 7, 2012 at 03:30,  <hmoh@xxxxxxxxxxxxx> wrote:
> It's not recommend. And for cleartext http (not https) there will be now not one, but two servers who can log and tamper your cleartext traffic.

So there is no principal difference from a security standpoint.

> There is a paper where they explain the changes they made to Firefox.

Can't find it, can you provide a reference?

> Indeed. But i think the Tor devs do not like that idea much. 1. because of mentioned earlier [1].
> 2. because the list of Tor exit servers is available to the open public. That is good. See https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates#CommentForumSpam

There is nothing "good" about the list of Tor exist being available.
It's an unfortunate result of Tor's network design, and not something
that one could easily prevent in any type of anonymizing network, so
why not provide a list of exit nodes upfront? That prevents people
hogging the network with exit node scanners.

> Now imagine the idea Tor + open proxy gets promoted because the devs encourage that with a new option like Tor + your personal extra proxy chain... That wouldn't give Tor more credibility as it would be even harder to stop abuse form it.

Don't see why a Tor user should care about Tor's credibility in this scenario.

Maxim Kammerer
Liberté Linux (discussion / support: http://dee.su/liberte-contribute)
tor-talk mailing list