[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Library Defeats Tor Followup Addl Info



Yeah ok, thanks for explaining that, I am understanding it now. I think
my problems will be solved once I fix the dns/hosts file bug in Windows
so that it makes dns requests to my internal hosts file first.
But I will take a look at JanusVM also.
On Tue, 16 Oct 2007 20:46:10 +0100, "Robert Hogan"
<robert@xxxxxxxxxxxxxxx> said:
> On Monday 15 October 2007 23:58:37 mark485anderson@xxxxxx wrote:
> <shnip>
> > >
> > > well then explain to me how they can monitor dns traffic if all dns
> > > requests are made within the originating client box and not to any
> > > outside source. maybe all you tor gurus can explain how clients usually
> > > make dns requests through tor and WHY IT IS THAT TOR ALLOWS COMPUTERS TO
> > > LEAK DNS REQUESTS AT ALL???? TOR SOFTWARE SHOULD NOT ALLOW THIS AND
> > > SHOULD FAIL TO WORK IF DNS REQUESTS ARE MADE TO ANY NODE OTHER THAN TOR
> > > THROUGH PRIVOXY. OH THAT'S RIGHT TOR IS "EXPERIMENTAL" AND "NOT FOR
> > > GENERAL USE". FUNNY HOW LONG IT HAS BEEN EXPERIMENTAL. MAYBE THE FAULT
> > > HERE IS WITH TOR, NOT WITH ME OR THE LIBRARY?
> > >
> <shnip>
> 
> Whether a dns request gets routed through privoxy  (or any other privacy
> proxy 
> you use) and then tor depends on the system call the application uses to 
> perform the request.
> 
> The problem is that some applications perform system calls that by-pass
> their 
> own proxy settings. This is more by happenstance than design. It's
> important 
> for Tor users to know how to guard against this and even prevent it and
> the 
> tor devs have put a lot of work into making it easier for tor's helper 
> applications to do so.
> 
> It sounds like in your situation some windows equivalent of a kernel
> module is 
> hooking system calls like dns requests and doing something funky with
> them, 
> the result being that DNS requests that would get routed to Tor on a
> normal 
> installation are being forwarded to a big display board in the staff
> common 
> room or whatever.
> 
> Tor can't manage and inspect your system the way you would like it to.
> Other 
> apps have to help it do this. For browsing purposes, on an OS that you
> can't 
> control and don't own, the only real solution may be something like
> janusvm 
> or a livecd like incognito.
> 
> Hope this helps, and apologies if I'm repeating stuff elsewhere in the
> thread 
> or have misunderstood your query. 
> 
> 
> 
-- 
  
  mark485anderson@xxxxxx

-- 
http://www.fastmail.fm - Email service worth paying for. Try it for free