On Thu, 2014-10-30 at 10:02 -0400, Tyler Hardin wrote: > I'm sitting here with my computer using my phone's internet via USB > tethering and have Orbot on my phone and TBB on my computer. If I set Orbot > to tunnel all tethered traffic through Tor and then open up TBB, am I > really running Tor over Tor? > > If so, has anyone ever thought about the pros/cons of this? Obviously, it's > exponentially more inefficient. But is it any more secure? I have done it accidentally with a misconfigured transparent proxy that sent its own Tor traffic to its own transparent proxying port. It worked, though a bit slower (as expected). I don't think it would be any more secure. The most serious publically known attacks against the anonymity of Tor users (browser bugs etc notwithstanding) are correlation attacks where the attacker compare traffic at the client end with traffic at exit nodes and see if it looks similar in timing and data sizes. A six-relay circuit (which is what you get when running Tor over Tor) doesn't change that at all. An attack where the traffic is actually traced all the way through the Tor relays would be harder, but those are probably not the attacks we should be worrying about in the first place. And a longer circuit may make it more likely that an attacker can correlate traffic _inside_ the circuit as well. --ll
Attachment:
signature.asc
Description: This is a digitally signed message part
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk