[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Tor Router
There are many similar projects that are "Tor routers". Many of the
projects floating around Github and the like are produced by amateurs
with little understanding of the requisite conditions and safe
configurations, and as a result, they are remarkably poorly configured.
Nonetheless, even if a project is evaluated to be correctly configured,
it's often a bad idea to use it, and as a result, these should not be
relied on for anonymity unless you know what you are doing.
Firstly, the programs on your computer are likely not going to be
correctly configured (1) to use Tor in a manner that does not leak
metadata and securely transfer information and (2) to practice good
Why's the first point important? Well, your email client, for instance,
might append certain types of metadata to the headers of sent mail, or
might send your password insecurely, or in a manner that makes it
trivial for a bad exit node to recover this password, for example, the
problems with STARTTLS, a common protocol designed for securely
communicating with the mail provider, is known to be broken such that a
bad exit can downgrade the connection to plaintext:
https://blog.filippo.io/the-sad-state-of-smtp-encryption/. Other parts
of your operating system might inappropriately be sending data that is
unnecessary, or even dangerous such that it could compromise anonymity.
The second point is also very important. Tor Browser practices stream
isolation between tabs (for new connections etc) and other programs
correctly configured do this too, like the parcimonie.sh script. If
stream isolation is not practiced, different programs may share the same
tor circuit, which is a great risk.
In light of this, I'd argue that journalists (and ordinary citizens!)
should just use Tails, which chooses and configures programs to use Tor
safely. For instance, it makes use of the TorBirdy extension for
Thunderbird, which configures Thunderbird to have safer settings for
sending mail over Tor. It will also do the same for other programs, but
you should be aware installing extra software is dangerous in some
cases. It also runs live, on a USB drive for instance, which makes it
suitable for traveling.
Hi Tor Community,
I remember some time last year there was talk about a router for
journalists to bring with them when they went abroad.
It was really simple. I don't remember what it was called, netaid
Does anyone here know? Whats the progress of that project?
Is it safe to use? Also where can I find it online?
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to