[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] DNS and DNSSec Questions

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] DNS and DNSSec Questions
From: <proper@xxxxxxxxxxxxxxx>
Date: Thu, 31 May 2012 00:30:17 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 30 May 2012 18:30:34 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=secure-mail.biz; s=default; t=1338417018; bh=x4xhlNipHA2UbUML0qqhoZtPYwUBCqDCXme+mh2bIjg=; l=5188; h=Date:MIME-Version:Message-ID:From:Subject:Reply-To:To:In-Reply-To: References:Content-Type:Content-Transfer-Encoding; b=RG7XjnKPtgvoCTWUKf53gf/e5E62+OuH87a4A7NfTFqF6eXPE32pqx+Uft8Ziv5WY eiuG/U9laYF7ccbyh4zhsZYUC/ifTXJ/PwQcZp3znNZtENr2j6INjYKbd7rJDPGnjV 2iPwEyErX7he/h/i3KiOUR4NcRKYHto/2fCjNR8I=
In-reply-to: <1338384914.9702.YahooMailNeo@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1338384914.9702.YahooMailNeo@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

> Hello, I have recently started using TOR and would like to understand and
> clarify some doubts:
>
>
>
> My DNS doubts:
>
> 1) If I use Norton ConnectSafe for Home (the cloud-based DNS Web filtering
> service); am I risking i) to loose my anonymity (i.e my IP, etc.) and/or
> ii) to be totally susceptible for my internet/Jitsi trafficto be captured
> and tracked by any attacker?
>
> 2)Â If I useOpenDNS Parental Control Solutions such as OPEN DNS Premium DNS
> or OPEN DNS Home; am I risking i) to loose my anonymity (i.e my IP, etc.)
> and/or ii) to be totally susceptible for my internet/Jitsi trafficto be captured
> and tracked by any attacker (Norton, my local network administrator, or any
> government)?
>
> 3) If I use alternatively theOPEN DNS DNSCryptfor Windows, (combined or not
> with 1 or any of 2); am I risking i) to loose my anonymity (i.e
> my IP, etc.) and/or ii) to be totally susceptible for my internet/Jitsi
>
> trafficto be captured and tracked by any attacker (Norton, my local network
> administrator, or any government)?

I know OpenDNS and DNSCrypt, but I haven't used the other products.

However, I don't see how they are related to your Tor use?

When you use the Tor Browser Bundle, all your DNS requests will be done over Tor, the Tor exit will do the DNS resolution for you. You really shouldn't mess with that.

If you use any of these products, they *should* (have only experience with OpenDNS) not touch your Tor DNS, unless they are doing some really fancy stuff. You can use such products, if you really must, they *should* only tamper with your non-Tor connections.

> 4) If I run TBBundle together with a Non-TOR say Chrome session, and a Non-TOR
> 'Forex application' session (i.e Metatrader or Saxobank); am I risking i)
> to loose my anonymity (i.e my IP, etc.) and/or ii) to be totally susceptible
> for my internet/Jitsi trafficto be captured and tracked by any attacker (Norton,
> my local network administrator, or any government)?

No, I've never heard any of these, but wait if others disagree with me. Tor and non-Tor traffic traffic, at the same time, is expected. People have their automatic updaters, instant messengers or even Firefox running next to the Tor Browser Bundle.

Of course, you can get more security by isolating machines. One machine/internet connection exclusively for Tor use and one exclusively for non-Tor use offers some advantages, but that's not expected.

>
> I would like to mention that yesterday I received a note by help@xxxxxxxxxxxxxxxxx
>  saying thatI CAN use TBB alongside a Non-Tor session say in Chrome, if I
> keep them separate I would not loose anonymity. I feel this is
> totally wrong since my IP would be well established, and also my using of
> TOR. Hence, an attacker can 'own' me easily.

I don't see why it were easily. Did you read [1]?

> 5) I would like to configure to be a relay though I saw in the Network Map
> that the people "relaying" were shown with their IP address and
>
> platforms detailed. IsnÂt this dangerous, I mean, doesn't a person
> giving relay (obviously a Tor user) loose its anonymity by publishing
> his IP?

Being a relay, doesn't prove, you are a Tor user. For example there are Tor servers in the amazon cloud and it's unlikely, the the owner uses the same server as a client.

Please read [2].

Tor does not hide the fact, that you are a Tor user. You can do this to some extend, if you are using bridges, or better private bridges, or even better private obfuscated bridges.

Tor concept for providing anonymity is different, in the set of all Tor users, you look equal. If you were the only user, you were indeed not anonymous, but that's not the case. Perhaps [3] is useful as well.

I read, dunno if it's still valid, I don't find the link, being an relay (or was it an exit?), can also enhance your anonymity, since there is no prove, that it was you, who caused the traffic. There are also some drawback, see [4].

If you scare being a public relay for that reason, please consider hosting a private obfuscated bridge. It's published nowhere, is needed and you decide, whom you give access.

> 6) Finally, would you recommend www.hushmail.com as a webmail service that
> respect -quite as Tor.org- our user anonymity?

No. They make promises, which they can not held. Research them, you will find negative things. Their encryption is bogus, since the server has the ability to break it. Rather use GPG, which is well designed, since not even the authors can break the encryption.

>
> Well, my apologies for the long questionnaire....I thank you all very much
> in advance for your "liberation" drive.

Thanks for hosting a relay or bridge.

[1] https://www.torproject.org/docs/faq.html.en#Torisdifferent
[2] https://www.torproject.org/docs/faq.html.en#HideExits
[3] https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ#YoushouldusesteganographytohideTortraffic.
[4] https://blog.torproject.org/blog/risks-serving-whenever-you-surf

______________________________________________________
powered by Secure-Mail.biz - anonymous and secure e-mail accounts.

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] DNS and DNSSec Questions
  - From: Pasan tus cosas, siempre.

Prev by Author: Re: [tor-talk] email over Tor / anonymity sets vs. source IPs (was: Torbutton-birdy version 0.0.2)
Next by Author: Re: [tor-talk] How to Control middle Nodes?
Previous by thread: Re: [tor-talk] DNS and DNSSec Questions
Next by thread: [tor-talk] Tor Hidden Service: Non-Existing vs Non-Rechable
Index(es):
- Author
- Thread