Re: The State of the DNS and Tor Union (also: a DNS UDP -> TCP shim)

On 07/05/2010 03:07 PM, coderman wrote:
> On Sun, Jul 4, 2010 at 3:17 PM, coderman <coderman@xxxxxxxxx> wrote:
>> ...
>> a better wording:
>> "... ultimately, any application that uses DNS or UDP may compromise
>> your anonymity."
> i should mention that the Tor Browser Bundle when used as directed has
> been and continues to be most resilient to these attacks. while this
> is a very limited environment (no plug-ins, flash, java, etc.) these
> limitations are a feature ensuring your protection.

I think that the TBB could use one and only one major enhancement: a DNS
proxy that is used by all of the applications that ship with it.

> when you start using arbitrary applications or plug-ins with Tor or
> any other anonymity service you open yourself up to great risk as
> described here for DNS, not to mention other side channel avenues
> using TCP directly.

I agree. I think that this is inspiring me to work on torwall a little
more next week...

All the best,
