Re: [tor-talk] transparent tor routers

[Rob van der Hoeven <robvanderhoeven@xxxxxxxx>]

On Mon, 2016-01-18 at 10:15 +0100, coderman wrote:
> On 1/18/16, Christian StÃveken <christian@xxxxxxxxxxxxx> wrote:
> > ...
> > I was talking to one of the tor developers at the Wauholland place the
> > last day @32C3 about his opinion on transparent tor wlan boxes like
> > anonabox or invinzbox and others.
> 
> a recurrent theme. past discussion threads:
> 
> 1. "[tor-dev] design for a Tor router without anonymity compromises"
>   https://lists.torproject.org/pipermail/tor-dev/2015-May/008766.html
> 
> 2. "[tor-relays] Anonbox Project - Mike Perry"
>   https://lists.torproject.org/pipermail/tor-relays/2014-October/005541.html
> 
> 3. "[tor-relays] Anonbox Project - Roger Dingledine"
>   https://lists.torproject.org/pipermail/tor-relays/2014-October/005544.html
> 
> 4. "[tor-talk] Cloak Tor Router"
>   https://lists.torproject.org/pipermail/tor-talk/2014-November/035436.html
> 

The arguments made by Mike and Roger are about users that *need* the
best anonymity. For these users Tor browser and Tails are the safest
options.

The Tor network gives users IP address anonymity but does not
de-anonymise application data that is send over the Tor network. For
some (most?) users this is OK because:

A) The traffic from the exit node they use cannot be monitored by a
party that can harm them because: the adversary has no way to intercept
the traffic from the exit node to the destination, or the connection to
the destination is encrypted (SSL). 

B) They use Tor to escape censorship. These users use Tor as a simple
proxy.

I think a large group of (potential) users would benefit from Tor router
hardware. But as always they must be well informed about what anonymity
protection they can expect from a hardware solution. 

Hardware offering Tor routing is becoming very cheap and I think it's
time to reexamine what we can do with it. 

If you want to play, here is some hardware I recently bought that can
run Tor firmware:

http://www.amazon.com/GL-AR150-router-150Mbps-OpenWrt-Pre-installed/dp/B015CYDVG8/

This $25 router does not have Tor firmware by default. You can download
the Tor firmware from:

http://www.gl-inet.com/new-tor-firmware-for-gl-ar150-and-gl-inet6416/

> i still prefer the "Tor enforcing privacy router" approach instead.
> then the router can act as a fail-safe for Tor instances running on
> the client.
> 

Maybe you like my virtual Tor environment. It transparently routes all
TCP and DNS traffic trough the Tor network (guaranteed no leaks).
Currently in alpha and for Linux only (tested on Debian Wheezy)

https://hoevenstein.nl/another-virtual-network-environment

Regards,
Rob.

https://hoevenstein.nl


-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk