[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Thoughts on proxy setup wrt insecure connections

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Thoughts on proxy setup wrt insecure connections
From: thecarp <thecarp@xxxxxxxxx>
Date: Mon, 28 Feb 2011 16:32:49 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 28 Feb 2011 16:33:05 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=rPvGeF5juVpvR6ONUxPaaJXoNoqR5WaXTUpL1BgDyqY=; b=Uc+1GynrY0y3DRubUNLbZY/mF2pK1fLSx3ZWhWo+jCoS0jP+D4c+2ifZUpSXgXQ6Td QI0yHQGa5pkjb+5Gfc0/TD3u/mTMnDxsxqbH0QyaLpWjx7Y6Zj3ymmO8OV3nN7cRFsZT ho9YKcjAw3E3zzir5DoAezixwf4Q3W4l/Abvw=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=jRTOplPQqrHDcA1hkfIYj97e60dIlaLHU6v6TuFzxKZ/KkhM/lCWVxqZsaS95+FR4Q 9QdcwDcDy2uFnXWHT51LCE77oU73YXmJLrX4PukphjvmRjOXAUU8drQlTgw9U7RcWUCu kpA+7vwwUxSqab628nWpu8flP04wlXu2A9O/Y=
In-reply-to: <20110228123045.126721b1@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <4D6BFF60.5070104@xxxxxxxxx> <20110228123045.126721b1@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.13) Gecko/20101208 Thunderbird/3.1.7

On 02/28/2011 03:30 PM, Robert Ransom wrote:
> On Mon, 28 Feb 2011 15:02:40 -0500
> thecarp <thecarp@xxxxxxxxx> wrote:
>
>> After the whole discussion about "gatereloaded" and "badexits" I was
>> thinking a bit about the discussion and wondering if there is a way to
>> add a bit more protection to people who are, well, newbs. As one article
>> pointed out:
>>
>> "many who use Tor mistakenly believe it is an end-to-end encryption
>> tool. As a result, they aren't taking the precautions they need to take
>> to protect their web activity. "
>>
>> This is a similar, but not exactly the same problem. Clearly blocking
>> all port 80 would be pretty harmful to a lot of use. However, for
>> protocols like pop3 or imap, the case for allowing them is clearly not
>> as strong, though, the case for banning them completely or requiring
>> exit nodes to carry both is... pretty dubious (especially given that
>> some people will run things on non-standard ports anyway).
> Connections to the plaintext POP3 and IMAP ports may be secured using
> the STARTTLS command.

I always forget about STARTTLS

You are absolutely right of course, and that applies to other protocols
as well.
>> So here is my thought, what do people think of a configuration item in
>> tor, setup to be "on" by default, which blocks attempts to go to certain
>> ports at the proxy level, but allows users to turn this "protection" off
>> if they wish to? Maybe make the list of blocked ports configurable.
> This enables attacks against users' anonymity -- for example, a web
> page at <http://evil-site.example.com:80/> could include
> <http://evil-site.example.com:110/foo.png> as an inline image to
> distinguish users who have configured their Tor client to allow
> connections to port 110 from those who have not.
>
The only hole I would shoot in that is that, as I mentioned, polipo is
already blocking access to many ports by default, and so this sort of
attack is already possible for some of those ports. Actually that makes
a good case for not running anything on ports that polipo blocks by
default, since any change there could be detected so easily. I never
thought of that.

Good anonymity really is a much harder problem than it would seem. It
really is amazing the number of ways it can fail.... and in such simple
ways.

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Thoughts on proxy setup wrt insecure connections
  - From: Joe Btfsplk

References:
- [tor-talk] Thoughts on proxy setup wrt insecure connections
  - From: thecarp
- Re: [tor-talk] Thoughts on proxy setup wrt insecure connections
  - From: Robert Ransom

Prev by Author: [tor-talk] Thoughts on proxy setup wrt insecure connections
Next by Author: Re: Tor raid [was: "cease and desist" from my vps provider...]
Previous by thread: Re: [tor-talk] Thoughts on proxy setup wrt insecure connections
Next by thread: Re: [tor-talk] Thoughts on proxy setup wrt insecure connections
Index(es):
- Author
- Thread