[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Securing a Relay - chroot

On 05/27/2011 11:22 AM, CACook@xxxxxxxxxxxxxxx wrote:
On Friday 27 May, 2011 08:10:47 tagnaq wrote:
You do not mention the threats you worry about and assets you care
about (thread model + security requirements).

Yes that's because I don't know what threats there may be.


I am a
user, I don't have an MS in Computer Science.

Heh, I've known those who do who couldn't get as far as you have already.

 For example I don't
understand, "maps subnets and/or ports to inside. Separating traffic
into VLANs. In general having a lot more control of the hardware

Wikipedia has a great article on VLANs.

What good is this if users can't secure their own machine
Why set up a relay if my own machine could be

You are asking entirely valid questions that the entire data security industry also struggles with every day on a deep level. I don't have a real satisfying answer for you.

You already understand the key point though: separation. Decide which systems you trust and for what purpose in what contexts you trust them. Place systems in different trust zones accordingly. Implement barriers between the zones and be very selective about what is allowed to pass.

No wonder you have a hard time recruiting relays, much
less exit points.  I guess the coyness here is for some good reason,
but it's not doing the cause any good.  Looks like I have to give up
on a relay.

Computers and networks are inherently good at copying and leaking information, they do it without even trying. Providing an open service while perfectly blocking the flow of selective information is actually extremely difficult to do on shared hardware.

There is always a cost to security, usually complexity, performance, administration, and money. I find this stuff fascinating and spend all my learning about it. But when I set up a relay the other day, I chose to address most of these problems with money: I paid a few dollars a month for a remote virtual host environment having no trust relationships with any of my other systems.

- Marsh
tor-talk mailing list