[tor-talk] risk of relay exploit

[starlight@xxxxxxxxxxx]

Hello,

Can anyone comment on the pros and cons of running
a separate client-only 'tor' instance for local
browsing while maintaining an independent instance
configure as a relay?

My thought is that if high-resource adversary
exploits/subverts the relay code and inserts
a trojan/parasite, they would be in a position
to monitor unencrypted traffic on the SOCKS port.

Is the probability of exploit significantly
reduced for instances that do not accept relay
connections?  If so then keeping local browsing in
a non-relay client would seem to be more secure
since I understand that remote relays see only
encrypted traffic.

Thanks

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk