[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] VPN/TOR Router



On 2015-02-02 11:06, Seth David Schoen wrote:
spencerone@xxxxxxxxxxxxxxx writes:

Hey :)

I have been looking at a physical product by Cryptographi called the
'SnoopSafe Encrypted VPN/TOR Router'[0].

Does this work?  Is this safe?

[0] http://cryptographi.com/products/snoopsafe
There have been a number of discussions on this mailing list before
about standalone Tor routers.  The usual consensus is that using a
separate router together with regular Internet applications is risky,
because the applications don't know that they shouldn't behave in
certain ways.  For example, the applications might mention your real IP
address in the course of some protocol, or they might send or allow to
be sent a persistent cookie, which might eventually be sent over both a
Torified and a non-Torified connection.

It occurs to me that such a computer wouldn't *know* your real IP to share, it would only see it's local IP, and the only IP it would learn as an external IP is that of the Tor exit node.

However, the other anonymity related concerns would definitely apply. Things like browser identification, cookies and other data that are used within Tor and outside of Tor and similar would be huge problems. If your goal is to be anonymous, this is obviously a major problem, but not everyone needs anonymity, sometimes it's desirable and sufficient to encrypt and protect your traffic from the first hop. In this type of environment, implementing Tor at the network level would have a number of advantages, including reducing the odds of certain types of leakage while still allowing many/most applications to function without further configuration.

While I wouldn't necessarily suggest using Tor at the router level for all users, for at least some use cases, it probably makes a lot of sense to consider this as an option.

--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren


--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk