[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Cloak Tor Router




Le 07/11/2014 19:24, Aymeric Vitte a écrit :

Le 07/11/2014 19:07, Aymeric Vitte a écrit :

Le 07/11/2014 18:18, hellekin a écrit :
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 11/07/2014 01:29 PM, Aymeric Vitte wrote:
>
>- force ssl through Tor, non ssl outside
>
*** Is that what you meant?  Can you explain why?

Yes but again we are not talking about strong anonymity here (unless for a browsing use with the Tor browser and the proxy set to the box), question of usability again by people not familiar with this (but I forgot to mention the http nowhere option, and if users set it then will they understand that all non ssl traffic is blocked?), some thoughts are:

- for a normal user is it better to have the non ssl traffic mitmed by the exit nodes or should it go outside?
- torrent traffic goes automatically outside
- non ssl websockets (like Peersm's where we have ssl (+Tor) over ws and not the contrary) do not go through Tor, so again you are not using Tor over Tor

and:

- if some devices or apps (like browsers) are sending dubious stuff outside, it's likely to be ssl one (like [1]) so you can not know what it is, I have not checked yet what my Chromecast is doing, it's in the TODO list

[1] https://s3.amazonaws.com/ksr/assets/000/690/973/f9a25528976205dff93e60fc40dfa91f_large.jpg?1371808994


This makes me think too that project [1] [2] could resurrect with a Cloak, the Cloak would replace the servers used to intercept itself. Quickly explained the principles are that the browser is intercepting itself with the complicity of servers, it then changes the URLs (sent and received in the page) to a fake domain and navigates on the fake domain via the Tor network, nobody can know outside of the browsers what are the real domains, even for ssl (the server name is the fake domain).

[1] https://www.youtube.com/watch?v=QOP4NHvJAGM
[2] http://www.ianonym.com

--
Peersm : http://www.peersm.com
torrent-live: https://github.com/Ayms/torrent-live
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms

--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk