[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: How can I trust all my Tor nodes in path

Ringo Kamens wrote:
> Linux is very tor friendly. If you are a linux noob I suggest ubuntu. I
> oppose the idea of a tor police force for several reasons:
> 1. Lie detectors don´t work
> 2. It is no better than the opressive governments tor tries to circumvent
> 3. It would take too much work.
> I do appreciate the effort to find a solution. Perhaps there is a way
> that tor clients to calculate a checksum of the server files?
> Ringo Kamens
Nope. At the very best case a VM could run tor halting on every
instruction, and logging the relevant parts of memory. Tor would be
unable to tell. That's why someone came up with Trusted Computing. But
that has enough evil uses to make its implementation a bad idea.
> On 12/2/06, *Total Privacy* <nosnoops@xxxxxxxxxxx
> <mailto:nosnoops@xxxxxxxxxxx>> wrote:
>     "Tim Warren" <tewarren@xxxxxxxxx <mailto:tewarren@xxxxxxxxx>> said:
>     > Maybe you could answer a question for me. Should I NOT login in to
>     > a site, such as a bank, when using Tor? Or do I need to make sure
>     > it is https:?
>     >
>     > Appreciate any clarification.
>     >
>     > Thanks,
>     I´ll put it this way, if you are registered as your real identity
>     on your bank (and not going to hack somebody else´s account), then
>     just log in by https directly from your machine/ISP. No need for
>     hiding by using Tor.
>     Then about malicious nodes. Since the Tor is be open source, it
>     gotta be decompilable reversing ingengeering to whatever anybody
>     want with it, such as example tap out data in between itself or
>     log what in is what out to middle node and so on. If not, why not?
>     A soution could be to set up a private "Tor police force" and let
>     everyone that want to be accepted as a part of the system, sign
>     a legally deal to let this international Tor police force (how
>     about the name TPF or ITPF or TIPF) at any moment without warning
>     run in to every Tor computer node/router room and get full access
>     to everything in it. Of course the members of such "police force"
>     should be hand picked by comprehensive test (lying detectors and
>     lot of advanced stuff) to be legitimated. Every aproved Tor node
>     runner should then be very happy to be granted vit such visit of
>     the Tor International Police Force, because if they not find a
>     compromised, modified, malicious Tor software, You´r clean!
>     BTW, now I´ve also received a maybe fishing from "Hokata Japan Ltd"
>     about some business and money transactions. Funny or not, the IP
>     was from Italy!
>     At last, I´m considerating to switch from Windows to Unix (Linux)
>     and hope it is user friendly with Tor. Anybody knows about it?
>     --
>     http://www.fastmail.fm <http://www.fastmail.fm> - Does exactly what
>     it says on the tin

They who would give up essential Liberty to purchase a little temporary
Safety, deserve neither Liberty or Safety
--Benjamin Franklin

Attachment: signature.asc
Description: OpenPGP digital signature