[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: funneling a wireless net's outbound connections through tor
Scott Bennett wrote:
If you set up something like that you're opening up all sorts of attacks
against the people who use your service. If they don't know that all of
their plain text traffic can be read and modified by, "dodgy," exit
nodes, and almost certainly *will* be at some point...
How will they be subject to any greater number of possible attacks
if their connections are funneled through tor than if they are not? They
can go to any of several coffee shops in the area and use unencrypted,
completely unprotected, free or paid wireless services. They just can't
do that at home. If you see some way by which anonymizing their TCP
source addresses and their UDP port 53 (name service) packets' source
addresses when they access the Internet at home will cause them to suffer
more attacks than they will in any public location or, for that matter,
from a direct connection in their own dwelling if they had one, please
If they use an Internet cafe, their traffic is subject to being
monitored. If they use Tor it is *also* subject to being modified.
Your user goes to http://www.hotmail.com/ and enters their login
details. The Tor exit node controller has written something to modify
the html on that page so the form posts to a http url instead of a https
url. Their login details are now compromised.
Your user goes to http://www.msn.co.uk/livemessenger to download msn
messenger. They click the "download it now" link. The tor exit node
controller intercepts that request and returns a modified exe containing
a trojan instead of the original.
Of course, you could argue that the person running the Internet cafe or
the ISP could do that, but I am inclined to believe it's much more
likely to occur on the Tor network than in those cases.
Aside from that, the only IP addresses that could conceivably be
discovered would either be the one temporarily assigned to my connection
or the one assigned on a private network by my wireless router via DHCP.
In any case, I still would appreciate helpful information, so I'll
repeat my questions here, quoting from my original query:
The anonymity of the IP address is not at issue here. The issue is, by
using Tor, you allow the possibility of exit nodes monitoring and
modifying traffic, so you should only use Tor if you truly understand
these issues and how to deal with them.
IMHO. There's no need to use Tor for general web browsing, and at the
end of the day it probably makes your online experience more dangerous
rather than less dangerous.