[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal: Integration of BridgeFinder and BridgeFinderHelper (on-disk Data protection)



On 3/27/12 12:09 PM, Robert Ransom wrote:
> It's not a typo.  Those BridgeFinderHelpers MUST NOT be installed
> unless the user has explicitly permitted that they be installed.  Even
> if the user has explicitly permitted that a BridgeFinderHelper be
> installed and write data to disk, it SHOULD NOT write data to disk if
> that is not absolutely necessary.

It arise to my mind the idea discussed to provide a Tor HS Data support
with some specific level of protection in the hands of the Tor operator:

http://www.mail-archive.com/tor-dev@xxxxxxxxxxxxxxxxxxxx/msg00855.html

It was an idea to protect Tor HS but it may be extended as a general
concept for *ALL* tor related data.

Fitting everything into sqlite database protected with sqlcipher (or
other methods) that ask the user for a password, would probably mitigate
this issue and a lot of other ones that are under the hood.

-naif
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev