[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: torcheck failing in reality
On Wed, 18 Aug 2010 17:57:59 +0000 Marcus Griep <tormaster@xxxxxxx>
wrote:
>> I guess check.torproject.org (btw: you should allways use the
>https
>> version of it) just compairs your source IP with the list of
>exit-
>> nodes (what else should it be doing?).
>>
>
>Might this be an instance where good, always working exit
>enclaving might be
>of significance?
I also thought about this, but this might result in 'false-
negatives' (the check tells you your are not using tor even if you
do) in the following scenario:
- you are using tor and check.torproject.org is (hypothetically)
running as exit enclave
- the check is (hypothetically) just matching against 127.0.0.1
(localhost = tor user, other = non-tor user)
- it might be the case that you are reaching check.t.o over the tor
network and the check tells you, that you are not using tor,
because you used another exit node instead of check.t.o itself
According to [1] this is case if your client has not yet fetched
the node descriptor of check.t.o and is therefore using another
exit node instead of using check.t.o
[1] http://archives.seul.org/or/talk/Aug-2010/msg00065.html
The other question would be:
Is it a problem that check.t.o tells you that you are using tor
even if you don't? (in the case that your source IP address is also
used by an exit node)
If you follow the 'official' recommendations to not mix your
traffic with that of an exit node (even if this is very attracting)
[2] this 'problem' will never arise.
[2] https://blog.torproject.org/blog/tips-running-exit-node-minimal-
harassment
There might be scenarios where you are behind a NAT device and you
do not even know that someone else is running a tor exit using the
same official IP address.
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/