[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Designing a secure "Tor box" for safe web browsing?

> I should also mention here that I never got an answer
> on this list
> about whether Tor is actually designed to withstand active attacks
> from within the client. It could be that running everything inside a
> VM doesn't
> even help against discovering the externally exposed IP of
> an exploited VM
> guest by some kind of active network probing attack.

Did you ever open a new topic devoted to that topic? If you ask that questions inside another topic it is less likely to get answered. Alternatively you can search the trac, and if it doesn't exist, you can request it as enhancement and see, if they answer "should be already implemented", "not supported", "don't know" or whatever else the answer may be.

Anyway, for this kind of attack, the attacker capabilities (passive/active access to ISPs) are important. Even a single ISP is a risk. The ISP could stop or throttle the web server for
a while and then use it's connection at it's maximum. If he can passively view all the traffic and either the guard node or user is inside the observed network, he can find out something.

Let's look at at a regular cracking kiddy. They can use metasploit and exploit the outdated/flawed server software behind a hidden service. Or even write it's own exploit. If that are all of the attacker's capabilities, then the Tor user is still safe. From there he would still have to exploit Tor. Or alternative, from start, he could also simply ignore all the VM/server software and directly exploit which Tor. Tor inside another system is safer, depending on the thread model.

For an adversary controlled machine, which can only exit traffic through Tor, if Tor can withstand or not, I don't know anyone who has ever researched that yet. After all only a minority uses the "Tor box" approach.


powered by Secure-Mail.biz - anonymous and secure e-mail accounts.

tor-talk mailing list