[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Flash, Linux and Tor



On Fri, 12 Oct 2012 13:12:53 +0000
adrelanos <adrelanos@xxxxxxxxxx> wrote:

> Raviji:
> > On Fri, 12 Oct 2012 11:38:34 +0000
> > adrelanos <adrelanos@xxxxxxxxxx> wrote:
> > 
> >> Outlaw:
> >>> Hi! Let`s say main linux user A is cut off from Internet with iptables,
> >>> user B starts Tor. If I run TorBrowser by user A, connect it to Tor
> >>> (which is started by B) with socks and turn on flash plugin, is there
> >>> any security/anonimity leak in this scheme? Thank you.
> >>
> >> If you ever use or used Flash without Tor, your Tor session can likely
> >> be linked to your non-Tor session. (Flash Cookies, browser fingerprint,
> >> fonts, os, kernel, dpi, etc.)
> >>
> >> I believe my project Whonix is currently the safest method to use Flash.
> >> IP/DNS/location remains safe, but Flash usage will always be only
> >> pseudonymous rather than anonymous. Linking your sessions will be
> >> limited to your activity inside the Workstation. Details:
> > 
> > whonix is nice, but heavier on system with virtual box.
> 
> Indeed, thats a major drawback. Thought with some tweaking you could
> switch from KDE to Openbox, reduce RAM... Finally lower RAM requirements
> to ~400MB or so.
> 
> > Where a system wide tor enforcement is a good alternative.
> > It is possible with iptables. We might think about a service,
> > when start do system wide tor enforcement, when stop revert back
> > the system to normal mode. 
> > 
> > Though I am not successful yet to exclude the lan from this enforcement,
> > as I need to access some local IP directly. I need some more understanding
> > with iptables. Can anyone help me with the iptables please ?
> 
> Did you read my first sentence in my first reply?
> 
> "If you ever use or used Flash without Tor, your Tor session can likely
> be linked to your non-Tor session. (Flash Cookies, browser fingerprint,
> fonts, os, kernel, dpi, etc.)"
> 

But can it still pass as the firewall drops all non tor connection ?

Yes, I agree, it still carry the browser fingerprint, fonts, os, kernel, dpi, etc..
and that's why your whonix is nice. Can you make it little bit low fat :-)
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk