[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] Proposal: Integration of BridgeFinder and BridgeFinderHelper (on-disk Data protection)
On 3/27/12 12:09 PM, Robert Ransom wrote:
> It's not a typo. Those BridgeFinderHelpers MUST NOT be installed
> unless the user has explicitly permitted that they be installed. Even
> if the user has explicitly permitted that a BridgeFinderHelper be
> installed and write data to disk, it SHOULD NOT write data to disk if
> that is not absolutely necessary.
It arise to my mind the idea discussed to provide a Tor HS Data support
with some specific level of protection in the hands of the Tor operator:
http://www.mail-archive.com/tor-dev@xxxxxxxxxxxxxxxxxxxx/msg00855.html
It was an idea to protect Tor HS but it may be extended as a general
concept for *ALL* tor related data.
Fitting everything into sqlite database protected with sqlcipher (or
other methods) that ask the user for a password, would probably mitigate
this issue and a lot of other ones that are under the hood.
-naif
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev