[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Cloak Tor Router

I've only one thing to  say about this idea or any other similar
Kickstarter project. You've got  to be stupid to sacrifice the control
and flexibility offered by  running Tor on a computer for a
configuration that operates at the  router/switch. There's no such
thing as easy anonymity online. There's  no such thing as easy privacy
online. Anyone who's actually interested  in these projects should
just fork over their money at Kickstarter and  stop spamming tor-talk
with useless self-promotion. Yes, you, Cloak. If  you think it's such
a good idea just do it and take advantage of the  daft--get it over
with already. So I can laugh at you when your buyers  realize how
stupid they were for not reading the Tor manual.

Honestly--it's  not hard to learn to be anonymous online. If you
seriously consider  these projects to be of some value you should just
stop. Stop trying to  be anonymous and just fork over your data to
whomever wants to look at  it.

The only thing that comes close to anonymity/privacy online  is to
treat each device as if it *could* be compromised. If they aren't  yet
compromised that may well be in the future. Then you see having 
absolute control and flexibility is a strength of Tor. Who the hell 
wants anonymity and actually trusts their networking equipment?

That's all
leeroy bearr

On 11/3/2014 at 11:59 AM, michi1@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

On 10:34 Mon 03 Nov     , Lars Boegild Thomsen wrote:
> On Sunday 02 November 2014 11:36:14
michi1@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx wrote:
> > 2) Every device can sniff on traffic from all other devices on the
> > network. If you have one device which is compromised or somebody
breaks the
> > wifi securety you are in trouble.
> WiFi clients are isolated from each other so no - if someone break
Wi-Fi security they can access the Tor network (or the internet -
depending on which Wi-Fi network they break), but in order to sniff
traffic from other devices the Cloak device itself would have to be
accessed (ie. root password guessed) and the device reconfigured
(disable wifi isolation).

What prevents me from setting up a DHCP server or sending false ARP
to route all traffic to me?

> > 3) Depending on the configuration you may end up routing traffic
from multiple
> > devices over the same circuit. 
> This one surprises me a bit.  The Tor manual states:
> IsolateClientAddr
> Donât share circuits with streams from a different client address.
(On by default and strongly recommended; you can disable it with
> Each client will have their own address so it is my understanding
circuits will not be shared.

Ok, this should do it.

> > You will almost certainly route traffic from
> > different programs on the same device over the same circuit. This
may allow an
> > exit node operator to correlate multiple identities.
> Wouldn't that be solved by enabling:
> IsolateDestPort
> Donât share circuits with streams targetting a different
destination port.

I do not think this actually solves it. For example there are many
which use HTTP even tough they have nothing to do with web browsing.
there are programs (like P2P) which use random ports and may cause
lots of
circuits being established.

programing a layer 3+4 network protocol for mesh networks
see http://michaelblizek.twilightparadox.com
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to