[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: windows tor



On Wed, Aug 12, 2009 at 10:23 PM, Peter<necedemalis@xxxxxxxxx> wrote:
> I'm not complaining about it, I'm just saying, if you want widespread
> adoption, a kernel driver is the way to go.  And moreover, a kernel
> driver is easier to write and support than a VM.

hi Peter,

there are various reasons for the design decision chosen; a kernel
driver would certainly be useful for non-ethernet Windows clients who
want a transparent Tor proxy.

the advantages of a VM hosting Tor and performing the transparent
redirection is that the Windows TCP/IP stack is bypassed entirely,
avoiding issues with non-paged pool socket buffer resources and many
socket file descriptors/handles.

it is also simpler to write and maintain a Qemu based transparent Tor
proxy virtual machine using existing WinPCAP features for the bridged
network mode and having Windows route through this VM. a kernel driver
to do this would require an intermediate layer driver with hooks into
all of the various L3/L4 protocols and winsock2 / firewall
capabilities (to do securely / properly).

long term it would be great to have a well supported intermediate
layer transparent Tor proxy interface that works on win2k through
win7, however, this is simply too much an effort for the limited
resources available. if you're willing to help with such an effort
that would be great but it sounds like you're already overloaded.

in any case, this solves just one part of the Tor puzzle. you really
do need Firefox and Torbutton to use Tor properly. see
https://www.torproject.org/torbutton/design/ for all the details. a
transparent proxy mode may protect against IP disclosure side channels
but there are still many other privacy risks worth protecting against.

best regards,