[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: funneling a wireless net's outbound connections through tor



Scott Bennett wrote:

If they use an Internet cafe, their traffic is subject to being monitored. If they use Tor it is *also* subject to being modified.

     If they go to a coffee shop or other location with free wireless
access, their traffic is also subject to being modified, but at *any
and every* hop between their computer and the destination, unless they
use end-to-end encryption anyway.
Example 1:

 [deleted as not unique to the tor environment  --SB]

Example 2:

 [deleted as not unique to the tor environment  --SB]

Scary huh?

     Of course.  But in my intended setup, the only places that could
happen would be in my equipment, the exit node, the destination, or the
hops between the exit node and the destination.  It's not going to happen
in my equipment because I don't do that sort of thing and wouldn't have
the time or energy to devote to it even if I did do that kind of thing.
That leaves the exit node, the destination, and the hops between them.
     If the traffic does not go through tor, then those things could
happen at any of the up to 32 hops normally allowed for a TCP connection.
I do not see how reducing the number of potential points of attack
increases the risk.
Of course, you could argue that the person running the Internet cafe or the ISP could do that, but I am inclined to believe it's much more likely to occur on the Tor network than in those cases.

     So could anyone along the path of an ordinary, unencrypted TCP link.
Some governments apparently do this sort of thing already, most likely
including the U.S. government.

1.) People that can perform these attacks if you just use a normal Internet connection: Governments, people working for ISPs

2.) People that can perform these attacks if you use Tor: Governments, people working for ISPs and anyone who know how to install Tor. Including some wannabe hacker 13 year old kid living on the other side of the World.

If you use Tor, you considerably increase the number and range of people that could potentially attack you. You also make yourself a tastier target.

This is not a bad thing if you know how to deal with it. It *is* a bad thing if you don't. For example, I have only ever had attempted MITM attacks against my ssh sessions when using them over Tor.

     Aside from that, the only IP addresses that could conceivably be
discovered would either be the one temporarily assigned to my connection
or the one assigned on a private network by my wireless router via DHCP.
     In any case, I still would appreciate helpful information, so I'll
repeat my questions here, quoting from my original query:
The anonymity of the IP address is not at issue here. The issue is, by using Tor, you allow the possibility of exit nodes monitoring and modifying traffic, so you should only use Tor if you truly understand these issues and how to deal with them.

     I see.  The elitist approach to limiting use of damned good software.
Reminds me of David Sternlight claiming that there was no reason for anyone
to use PGP and therefore people shouldn't bother with it.  It was ridiculous
on its face, yet he persisted in trolling the PGP news groups with it for
years.  Do you work for the NSA by any chance?  (Like you would really say
so if you did.  Right.)

Your interpretation of what I said is quite hilarious.

Hopefully nobody will help you use Tor for something that is dangerous and that you clearly don't understand. For your users sake.

Mike