Re: [tor-talk] corridor, a Tor traffic whitelisting gateway
This is an interesting concept.
Do you know Whonix? (Full disclosure: I am a maintainer of
Whonix.) It is an Isolating Proxy with an additional Transparent
Proxy (Anonymizing Middlebox), which can be optionally disabled.
> # corridor, a Tor traffic whitelisting gateway
> There are several transparently torifying gateways. They suffer
> from the same problems:
> - It's tricky to isolate circuits and issue NEWNYM signals,
>   especially if multiple client computers are involved.
> - Any garbage software can pump identifiers into "anonymous"
>   circuits, and get itself exploited by malicious exit nodes.
> - Trust is centralized to the gateway, which is bad enough when
>   used by one person, and just inappropriate when shared with
>   strangers.
> **corridor takes a different approach. It allows only connections
> to Tor relays to pass through (no clearnet leaks!), but client
> computers are themselves responsible for torifying their own
What's the threat model here? As I understand, it's ensuring stream
isolation for one workstation while another workstation is
compromised. Please correct me, if I am wrong.
In comparison, Whonix's threat model is that applications running on
the workstation are not to be trusted. Even malware on the workstation
with root rights shouldn't be able to find out the user's real
external IP address.
With corridor, the workstations are allowed to contact any Tor relay.
The problem is that anyone, including adversaries, can run Tor relays.
Since the corridor gateway will allow the workstation to connect to
any Tor relay, an adversary "only" needs to set up its own Tor relay
and, once an application on the workstation (such as the browser) is
compromised, can find out the client's real external IP address.
I am wondering if the advantages of corridor and Whonix can be
combined, without running Tor over Tor, which is recommended against.
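The quoted README says corridor lets only connections to Tor relays through the gateway, and the reply above argues that this still admits a relay an adversary runs. The following is an added example, written for this page and not code from corridor, Whonix or the Tor Project, that models such a default-deny relay allow-list. It assumes the allow-list is built from the IP and ORPort of the "r" lines of a Tor network consensus (the page does not say how corridor builds its list); the consensus excerpt, the relay names and addresses, and the iptables chain name `CORRIDOR_FWD` are all constructed for the example.

```python
"""Model of a relay-whitelisting gateway (added example, not corridor's code).

Parses router ("r") lines in the Tor consensus format, builds an allow-list
of (IP, ORPort) pairs and decides whether a client's outbound connection may
be forwarded.  Everything below is constructed sample data.
"""
from ipaddress import ip_address

# Constructed consensus excerpt.  Field order follows a Tor consensus "r" line:
# r nickname identity digest published-date published-time IP ORPort DirPort
CONSENSUS_EXCERPT = """\
r ExampleGuard AAAAAAAAAAAAAAAAAAAAAAAAAAA BBBBBBBBBBBBBBBBBBBBBBBBBBB 2014-01-01 00:00:00 198.51.100.10 9001 9030
s Fast Guard Running Stable Valid
r ExampleMiddle CCCCCCCCCCCCCCCCCCCCCCCCCCC DDDDDDDDDDDDDDDDDDDDDDDDDDD 2014-01-01 00:00:00 203.0.113.20 443 0
s Fast Running Valid
r AttackerRelay EEEEEEEEEEEEEEEEEEEEEEEEEEE FFFFFFFFFFFFFFFFFFFFFFFFFFF 2014-01-01 00:00:00 192.0.2.66 9001 0
s Running Valid
"""


def parse_relay_endpoints(consensus_text):
    """Return the set of (ip, orport) pairs named in the consensus 'r' lines."""
    endpoints = set()
    for line in consensus_text.splitlines():
        fields = line.split()
        if len(fields) < 9 or fields[0] != "r":
            continue  # flags ('s'), bandwidth ('w') etc. carry no address
        ip, orport = fields[6], int(fields[7])
        ip_address(ip)  # reject a malformed address instead of allow-listing it
        endpoints.add((ip, orport))
    return endpoints


class RelayWhitelistGateway:
    """Default-deny forwarder: a packet passes only if its destination is a
    relay endpoint from the consensus.  It has no notion of who operates
    the relay, which is the limitation the reply above points out."""

    def __init__(self, consensus_text):
        self.allowed = parse_relay_endpoints(consensus_text)

    def decide(self, dst_ip, dst_port):
        return "ACCEPT" if (dst_ip, dst_port) in self.allowed else "DROP"

    def as_iptables_rules(self, chain="CORRIDOR_FWD"):
        """Render the same policy as iptables commands (chain name is hypothetical)."""
        rules = [f"iptables -N {chain}"]
        for ip, port in sorted(self.allowed):
            rules.append(f"iptables -A {chain} -p tcp -d {ip} --dport {port} -j ACCEPT")
        rules.append(f"iptables -A {chain} -j DROP")  # everything else: no clearnet leak
        return rules


def demo():
    """Decisions for a few constructed destinations; keyed by what each shows."""
    gw = RelayWhitelistGateway(CONSENSUS_EXCERPT)
    return {
        "relay_listed_in_consensus": gw.decide("198.51.100.10", 9001),
        "clearnet_host_blocked": gw.decide("93.184.216.34", 443),
        "relay_ip_but_other_port": gw.decide("198.51.100.10", 80),
        # A relay added by an adversary is indistinguishable from any other
        # consensus entry, so the gateway forwards to it as well.
        "adversary_operated_relay": gw.decide("192.0.2.66", 9001),
    }


if __name__ == "__main__":
    for what, verdict in demo().items():
        print(f"{what}: {verdict}")
    print("\n".join(RelayWhitelistGateway(CONSENSUS_EXCERPT).as_iptables_rules()))
```

The two verdicts worth comparing are `clearnet_host_blocked` (the property corridor promises) and `adversary_operated_relay` (the property the reply says it cannot provide): the allow-list stops a compromised workstation from reaching a non-relay address, but not from handing its real address to whichever relay it chooses as a first hop.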
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx