[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: blog about tor and skype

To: or-talk@xxxxxxxxxxxxx
Subject: Re: blog about tor and skype
From: Roger Dingledine <arma@xxxxxxx>
Date: Tue, 6 Mar 2007 14:16:00 -0500
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Tue, 06 Mar 2007 14:16:22 -0500
In-reply-to: <20070306115735.84118.qmail@web23310.mail.ird.yahoo.com>
References: <20070306115735.84118.qmail@web23310.mail.ird.yahoo.com>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.5.9i

On Tue, Mar 06, 2007 at 11:57:31AM +0000, sy16 wrote:
>  I read in this blog http://www.hermann-uwe.de/blog/howto-anonymous-communication-with-tor-some-hints-and-some-pitfalls 

To clarify for the or-talk readers, it looks like the suggestion for
using Skype with Tor can be summarized as "use Freecap".

> in the comment/reply section:
> 
> Not meant for privacy             It seems like there's a slight misunderstanding here. This setup is not going to anyonymize all of your Skype telephony traffic, but will only allow you to tunnel connections to the Skype servers through TOR. As such, your peer-to-peer traffic will not be anonymized, and even your telephony traffic to the skype servers may be unencrypted. You just fake your IP address towards the skype authentication server, that's all.
> ----------------------
> I do not understand this paragraph.  Doesn't "tunnel connections ... through TOR" mean encrypting the traffic, whether voice or text?

The problem is that Skype uses either UDP or TCP, depending on the
situation. If it chooses TCP, Freecap will intercept it and send it
through Tor, and for that traffic you'll get anonymity as well as
encryption up to the point where it reaches the first Skype hop --
after that you have to rely on whatever encryption Skype gives you (and
as Enigma pointed out, there are some cases where Skype gives you none).

> If I send a text message in skype through tor, is it or is it not encrypted by tor?

Yes, if it goes through Tor, then it is encrypted by Tor, up to the point
where it reaches the first Skype hop. After that, it's up to Skype to
protect it.

But if it doesn't go through Tor (for example, Skype choses to use UDP),
then Tor isn't anywhere in the picture.

> If I make a skype call through tor, is the voice traffic encrypted by tor?

Same answer as above.

> Finally, please tell me how to configure skype to use tor -- I have confidence in tor's protective power :-)

Step one would be to force Skype to use TCP only. I'm not sure how to do
this; one option would be to firewall yourself so only the Tor process
can send outbound traffic (don't ask me how to do that in Windows, it's
probably really hard), and I hear Skype is smart enough to keep trying
until it finds something that works.

I should also note that Tor is going to make you a very sad Skype voice
user, since it'll add both latency and jitter. But maybe Skype text is ok.

(I personally don't use Skype, because I don't know what the heck it
does. But for Windows users, I guess that's par for the course. YMMV.)

Good luck,
--Roger

Follow-Ups:
- Re: blog about tor and skype
  - From: Enigma
- Re: blog about tor and skype
  - From: Juliusz Chroboczek
- Re: blog about tor and skype
  - From: Roger Dingledine

References:
- blog about tor and skype
  - From: sy16

Prev by Author: Re: pop3 and smtp over ssl [was: ssh]
Next by Author: Re: blog about tor and skype
Previous by thread: Re: blog about tor and skype
Next by thread: Re: blog about tor and skype
Index(es):
- Author
- Thread