[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: A suggestion to TOR [a proxy server]

To: or-talk@xxxxxxxxxxxxx
Subject: Re: A suggestion to TOR [a proxy server]
From: Gregory Maxwell <gmaxwell@xxxxxxxxx>
Date: Sun, 25 Jul 2010 20:02:12 -0400
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sun, 25 Jul 2010 20:02:19 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=jed8Ygd3vtMXcBywIHFMTO3hntUftTm0mpNsNQVW6Qk=; b=jgoKhJIaBv2qH64wdpwhODBRDzZ6rzE8p/1jCewyLQbTsqlXJxeWrK4yKvUBNmaei3 ybK/Se9YNsgvtGSYK/fseD+fL9ioPI3Mi41iOhgnz7eK2Pv2U7fz7sUysmM0dzy270l9 BTND6uVyWZmcVXehUAjjHYfyIQRIWerPNMXnY=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=Z8r3OAhNvING+zKiFuCn9tJUFY3nJDN2CfTs0NGvlHNskj+BHMWLx5lkKlNrh1WjKv gdy+74THUygm16ktT7MHT38J/MGX6DOCkfKdja+Ge0R0T4zSqCTyIXMj6An/RXrvcOtY ZPySzRd1exgObtv8MxcpWYzGiCgdF+VZw+5bA=
In-reply-to: <AANLkTi=Sfa0R3fbYUL2ntk++NaoMndbB8nYRWqOsiERL@xxxxxxxxxxxxxx>
References: <1280073515.1838.8.camel@arshad-desktop> <20100725204032.GA21630@sescenties> <201007251744.30198.praedor@xxxxxxxxx> <AANLkTi=FO-WYqr0+JfRLH5bHAw=+jvOU0zqm_9OeTsDZ@xxxxxxxxxxxxxx> <4C4CB38F.1080109@xxxxxxxxxxxxxx> <AANLkTikvJPTPG1m-07tGAF5w-0EULjFi+ESBG6kQd9pJ@xxxxxxxxxxxxxx> <AANLkTi=Sfa0R3fbYUL2ntk++NaoMndbB8nYRWqOsiERL@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On Sun, Jul 25, 2010 at 7:33 PM, Kory Kirk <kory.kirk@xxxxxxxxx> wrote:
> I think this can be achieved with a Java applet. So maybe when JTor is
> finished. A relay could host a web server, and have the Java applet on it.
> The applet would need to be signed, and could be further verified by a
> checksum, which could be done automatically by Torbutton. The server would
> act as the entry point for all of your circuits.ÂSince the JVM is running on
> your machine, the entry point would not see the destination. Imagine if
> there was a list of relays implementing this method, and you could possibly
> choose one by location.
>
> Seth David Schoen writes:
>> The Tor developers don't think that would achieve the "same
>> objective" as Tor, because the proxy server would be in a
>> position to know both where you are coming from and what you
>> are doing.
> I think this would be solved because data going from the client to the proxy
> server would be the same as normal traffic between client and entry node.
> Although it would probably bring up all sorts of adversarial issues. I am
> interested if anyone sees a major flaw in this design.
> -koryk

(1) If the user can't install the regular tor package that means that
someone else has enough control over his system that he can't trust
any validation on his system. Short of abusing the treacherous
computing for good, there is no real way to have confidence in any
validation system running on an untrusted machine.

More practically important,

(2) If the user can install the torbutton software he either could
install tor directly or a version of torbutton can be shipped
_including_ tor itself.

and

(3) If the server in question provides the torbutton it could easily
provide a modified copy of it. So this doesn't eliminate the
bootstrapping problem.
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

Follow-Ups:
- Re: A suggestion to TOR [a proxy server]
  - From: Kory Kirk

References:
- A suggestion to TOR [a proxy server]
  - From: emigrant
- Re: A suggestion to TOR [a proxy server]
  - From: Seth David Schoen
- Re: A suggestion to TOR [a proxy server]
  - From: Praedor Atrebates
- Re: A suggestion to TOR [a proxy server]
  - From: Gregory Maxwell
- Re: A suggestion to TOR [a proxy server]
  - From: Moritz Bartl
- Re: A suggestion to TOR [a proxy server]
  - From: Gregory Maxwell
- Re: A suggestion to TOR [a proxy server]
  - From: Kory Kirk

Prev by Author: Re: A suggestion to TOR [a proxy server]
Next by Author: Re: A suggestion to TOR [a proxy server]
Previous by thread: Re: A suggestion to TOR [a proxy server]
Next by thread: Re: A suggestion to TOR [a proxy server]
Index(es):
- Author
- Thread