[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: The State of the DNS and Tor Union (also: a DNS UDP - >TCP shim)

To: or-talk@xxxxxxxxxxxxx
Subject: Re: The State of the DNS and Tor Union (also: a DNS UDP - >TCP shim)
From: Jacob Appelbaum <jacob@xxxxxxxxxxxxx>
Date: Mon, 05 Jul 2010 18:51:10 -0700
Cc: coderman <coderman@xxxxxxxxx>
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Mon, 05 Jul 2010 22:54:04 -0400
In-reply-to: <AANLkTinwFRw3Nsi6S7Gi2wGm7rc86RlFmQOFOn-uEgUZ@xxxxxxxxxxxxxx>
Openpgp: id=E012B42D; url=http://www.appelbaum.net/gpg.asc
References: <4C2E8F27.1050304@xxxxxxxxxxxxx> <AANLkTiltDrcD1pB7LdyLjMirRuXi3Pbz68Mhq3kueD8t@xxxxxxxxxxxxxx> <AANLkTinwFRw3Nsi6S7Gi2wGm7rc86RlFmQOFOn-uEgUZ@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: mutt

On 07/05/2010 03:07 PM, coderman wrote:
> On Sun, Jul 4, 2010 at 3:17 PM, coderman <coderman@xxxxxxxxx> wrote:
>> ...
>> a better wording:
>>
>> "... ultimately, any application that uses DNS or UDP may compromise
>> your anonymity."
> 
> i should mention that the Tor Browser Bundle when used as directed has
> been and continues to be most resilient to these attacks. while this
> is a very limited environment (no plug-ins, flash, java, etc.) these
> limitations are a feature ensuring your protection.
> 

I think that the TBB could use one and only one major enhancement: a DNS
proxy that is used by all of the applications that ship with it.

> when you start using arbitrary applications or plug-ins with Tor or
> any other anonymity service you open yourself up to great risk as
> described here for DNS, not to mention other side channels avenues
> using TCP directly.

I agree. I think that this is inspiring me to work on torwall a little
more next week...

All the best,
Jake
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

References:
- The State of the DNS and Tor Union (also: a DNS UDP - >TCP shim)
  - From: Jacob Appelbaum
- Re: The State of the DNS and Tor Union (also: a DNS UDP - >TCP shim)
  - From: coderman
- Re: The State of the DNS and Tor Union (also: a DNS UDP - >TCP shim)
  - From: coderman

Prev by Author: Re: The State of the DNS and Tor Union (also: a DNS UDP - >TCP shim)
Next by Author: Problem with the TB automatically usage of an alternative search engine
Previous by thread: Re: The State of the DNS and Tor Union (also: a DNS UDP - >TCP shim)
Next by thread: Re: The State of the DNS and Tor Union (also: a DNS UDP - >TCP shim)
Index(es):
- Author
- Thread