[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Any risks with another application using Tor's SOCKS 5 interface?



On 04.12.2013 18:57, James Marshall wrote:
> Is there any risk with another local application using Tor's SOCKS 5
> interface?  I heard a vague comment that it wasn't recommended, but I
> haven't heard exactly what the risks are, if any.

Using a regular browser opens you to a lot of deanonymization attacks
that Tor Browser does not. Read
https://www.torproject.org/projects/torbrowser/design/ for more details.

> This is for CGIProxy, which can use SOCKS 5 to provide a clientless
> front-end to the Tor network (clientless in the sense that it doesn't
> require an installation on the browsing machine).  This could significantly
> increase the potential user base of Tor, since many users can't or don't
> want to install anything on their browsing machine.

You don't have to "install" Tor Browser, just extract to any directory
you have write permission for. This can be a USB stick, or the home
directory, or, if you can boot from a separate disk, Tails. So, everyone
"can" install Tor Browser.

With CGIProxy, you have to trust the operator of the cgi proxy, because
it sees all traffic.

-- 
Moritz Bartl
https://www.torservers.net/
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk