[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: "Practical onion hacking: finding the real address of Tor clients"

To: or-talk@xxxxxxxxxxxxx
Subject: Re: "Practical onion hacking: finding the real address of Tor clients"
From: Paul Syverson <syverson@xxxxxxxxxxxxxxxx>
Date: Fri, 20 Oct 2006 19:12:58 -0400
Cc: Paul Syverson <syverson@xxxxxxxxxxxxxxxx>
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Fri, 20 Oct 2006 19:13:07 -0400
In-reply-to: <20061020224945.GB13617@moria.seul.org>
References: <4535B995.8010304@appelbaum.net> <1161248804.28290.2514.camel@localhost.localdomain> <20061020155340.6c206ba6@localhost> <200610201949.50498.robert@roberthogan.net> <20061020201603.GE14861@itd.nrl.navy.mil> <4ef5fec60610201531q7fcd11a2o3677fb166ff7517@mail.gmail.com> <20061020224945.GB13617@moria.seul.org>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.4.2.1i

On Fri, Oct 20, 2006 at 06:49:45PM -0400, Roger Dingledine wrote:
> On Fri, Oct 20, 2006 at 03:31:22PM -0700, coderman wrote:
> > i'm fond of the transparent proxy router approach we've used to try
> > and fail safe for most protocols (at least with respect to the DNS
> > leaks and covert TCP connections via Java/Flash/etc).[1]
> [snip]
> > it would be nice to have a detailed proxy checker available that looks
> > at these Java/Flash/RealPlayer/etc holes.  right now there are a
> > handful of common http proxy checkers but these look for headers and
> > IP at best.
> 

Expanding what I was suggesting in my previous message, which I know
is just one little piece of the pie, is that when you run the
installer wizard for your favorite OS. Part of it is to run a
configuration check.  This causes you to connect to a snoop server
that identifies you every which way it can think of both within and by
bypassing the anonymized circuit, maybe compares to info from an
unanonymized connection from you. There should then be
warnings/suggestions/links/more-wizard-dialogues/etc for things to do
if you come up found. I think there are already servers out there that
do a moderate job at this, and there are at least a few people I can
think of to suggest other things to do (who no doubt have plenty of
time to do this ;>). There can also be a link from the Tor
home page for general use, and/or for periodic rechecking, etc.

Gotta go,
Paul
-- 
Paul Syverson                              ()  ascii ribbon campaign  
Contact info at http://www.syverson.org/   /\  against html e-mail

References:
- "Practical onion hacking: finding the real address of Tor clients"
  - From: Jacob Appelbaum
- Re: "Practical onion hacking: finding the real address of Tor clients"
  - From: George Shaffer
- Re: "Practical onion hacking: finding the real address of Tor clients"
  - From: Fabian Keil
- Re: "Practical onion hacking: finding the real address of Tor clients"
  - From: Robert Hogan
- Re: "Practical onion hacking: finding the real address of Tor clients"
  - From: Paul Syverson
- Re: "Practical onion hacking: finding the real address of Tor clients"
  - From: coderman
- Re: "Practical onion hacking: finding the real address of Tor clients"
  - From: Roger Dingledine

Prev by Author: Re: "Practical onion hacking: finding the real address of Tor clients"
Next by Author: Re: "Practical onion hacking: finding the real address of Tor clients"
Previous by thread: Re: "Practical onion hacking: finding the real address of Tor clients"
Next by thread: Re: "Practical onion hacking: finding the real address of Tor clients"
Index(es):
- Author
- Thread