[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Building tracking system to nab Tor pedophiles




I've seen a VM that routes all traffic over TOR, invisibly to the O/S. (Not sure what they do about UDP).
Developed at Georgia Tech.



On Wed, Mar 07, 2007 at 12:56:22AM -0500, James Muir wrote:
 > http://blogs.zdnet.com/security/?p=114

 The approaches suggested won't work if you use Firefox with NoScript set
 to disable JavaScript, Java, Flash and any other plugins.

You still have to be careful though -- if you enable them for some domains that you trust (say, foo.com), then you can still get nailed when you visit foo.com from an evil exit node, it inserts some malicious applets, and your noscript says "well yeah, but the user typed in foo.com, therefore this applet is from foo.com, so I trust it".

So the moral of the story appears to be turn the plugins off, period.
The broader moral is: don't run code from strangers on your computer. The
even broader moral would be to lament that we're still not using SSL on
most Internet interactions. And maybe the fourth is that we (somebody
here) should work on easy instructions for locking down common OS network
interfaces so only Tor communications can get through. Or Tor LiveCDs
that have that already done. Or VM images that can be run as routers
between your computer and the Internet.

--Roger