On Friday 07 November 2014 17:29:23 Aymeric Vitte wrote: > And 5 "do not send anything outside", no? Usually you can restrict with > your ISP box but can you trust it? > What happens if you connect directly your PC to the Cloak with a cable? I haven't really decided. The box have a wan as well as a lan port. I sort of expected to leave the lan port open and it certainly is in the current firmware version. One option would be to make it possible to toggle it with a press on a button, but I really haven't thought that one through at all. Any ideas appreciated. > Maybe the concept of several wifis is good but I don't see it very > usable, not sure what would be the security requirements for this but > assuming that I am trusting my local network why not a simple web > interface where you can configure the same for any device connected to > the box: I think that is mostly related to the target audience for a device such as this. The less that needs to be configured the better - assuming that most users interested in a box such as the Cloak won't want to make massive reconfiguration. Of course a "power user" can squeeze the box to run exactly as they prefer. But it's important to me to have sensible default so that as many people as possible can use it without changing anything. > > - do not allow anything outside > - allow all traffic outside Tor > - force everything through Tor (warning: close your bittorrent clients) > option: the Cloak could detect the bittorrent traffic > - force eveything through Tor except torrents > - force ssl through Tor, non ssl outside Question - is Bittorrent still an issue at all? I actually tried a few days ago - a quite popular torrent (thousands of seeds) bootstrapping using a magnet link - my netbook connected to a Cloak prototype with every single TCP port routed through Tor. After 24 hours the magnet hadn't even downloaded - not a single byte received. I suspect all trackers are using UDP now - and I guess most bittorrent clients too. -- Lars Boegild Thomsen https://reclaim-your-privacy.com Jabber/XMPP: lth@xxxxxxxxxxxxxxxxxxxxxxxx
Attachment:
signature.asc
Description: This is a digitally signed message part.
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk