[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] TorBirdy seems to connect to the same exit node again and again
>If this is the concern that request to check.torproject.org might
>compromise security, this is the clear indication that TorBirdy/TBB
>aren't adequate for the requirements. Clearly, such people should
>to VM isolation, and there is no need to ever go to
>from there, and there is no risk even if one does.
Good point. It's true, there's no such thing as enough security if the
consequence is high. To be fair though PT-design has come a long way
from the classical bridge. It's not uncommon to attempt to evade
detection by obfuscation of the protocol at the bridge itself. A
properly configured VM would provide a benefit here. What's to stop a
whistleblower from carrying around a custom TBB/TorBirdy instance that
uses unpublished bridges (hosted by some friendly nation)? No more
than carrying around a properly configured VM or live boot of Tails.
I'm just saying *if* a patch were to propose making the 'test proxy'
option more accessible it would (likely) be shot down. The only
reasonably sane way to do so would be to include an actual proxy test
that links to the optional ip check. For consistency, if nothing else.
As long as the proxy test succeeds I can't imagine why the ip check
would be needed except maybe for debugging.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to