[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor server using Vista?


I agree with Steve.

I recommend running tor server on Vista, so that You can report bugs to the developers.

About security:

Ringo thinks running Tor on Windows is a security risk because of backdoors. But every OS has bugs, including linux, unix, bsd, mac OS. And probably almost every program running on any OS isn't programmed in an optimal way, and probably a majority contains bugs. There is no perfect program, and there is no perfect OS. Ask any engineer/programmer you know, and he will confirm this.

When running Tor+Vidalia+Privoxy on Vista, the biggest security risk will probably be one of these three programs, rather than Vista itself. Tor+Vidalia+Privoxy will probably contain bugs that create security risks on your computer. So in my opinion, you should only run a Tor server on a Vista computer without important documents.

I wouldn't myself run a Tor server on a computer that I use to access banks, or a computer where I store my digital pictures, work/school documents, and other important things. I run my server on a computer only used for unimportant programs that don't need a secure environment. If a hacker would format the hard drive, or delete files it wouldn't matter much. (I have a backup of everything of any importance on my server, but 99% is of low importance.)

Others run a Tor server on a dedicated server. This is of course the best solution, but not a very effective use of a computer's resources. When running a dedicated Tor server you have the possibility to run a very secure OS, like a minimalistic ultra secure version of linux or bsd. So the only reason to run a dedicated Tor server on Vista is for testing purposes.

If you want to run a Tor server on a PC that contain your digital pictures and other important things, make backups often. If you use your computer to access your bank(s) don't run: a Tor server, file sharing program, web-server, ftp-server, or other server programs that are accessible from the outside. Those programs are probably a bigger security risk than Windows itself, as Microsoft almost weekly update their security problems through windows updates.


Steve Crook skrev:
On Fri, Jan 04, 2008 at 07:23:38AM -0500, Ringo Kamens wrote:
   This is certainly not adviseable because of the lack of security built
   into windows and the possible backdoors.

Anonymity systems like Tor are designed to be resistant to bad nodes,
even when the operator of the node is a bad guy.  Working on this
premise, how can the security weakness of Windows be sufficient
justification for not running a Tor node on it?  Certainly some degree
of caution and careful monitoring would be advisable but this holds true
when opening any public service.

Running a Tor server on Vista seems like a very good idea, if only to
provide the developers with feedback on how well it works.