[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Using public Wi-Fi for access


----- Original Message -----

From: Mike Perry

Sent: 09/07/11 03:23 AM

To: tor-talk@xxxxxxxxxxxxxxxxxxxx

Subject: Re: [tor-talk] Using public Wi-Fi for access

Thus spake David Carlson (carlson.dl@xxxxxxxxxxxxx): 

> I would like some advice about accessing Tor through public wi-fi 
> networks at airports, hotels, Starbucks and Mc Donalds.  I did not 
> find information about this that ordinary people could understand on 
> the torproject faq page. 
> I would suppose that, in general, they keep logs which probably 
> include MAC addresses and access times, durations and whatever.  
> This could be used by either police or criminals to track use of my 
> computer around the globe.  Also, some of these networks use the 
> technique of blocking all access until an attempt is made to use 
> http, whereupon they hijack the attempt to redirect to their log-in 
> page.  Then, if the log-in is successful, they finally allow 
> whatever traffic they consider acceptable from, I suspect, that 
> particular MAC address. 
> Is this conjecture all wet, or am I correct that I am probably 
> compromised if I use public wi-fi? 

You are entirely correct in your guess as to how the system works, 
authenticates you, and tracks you. 

However, this does not mean that you're "compromised". If you use a 
default Tor, the wifi owner will at best see you log in, and then see 
that you are Tor user, and not much after that. If you are using Tor 
with bridges, they will likely not know even this much. 

> Is there a way to use public wi-fi safely? 

If you are on a Linux system, you can get the package 'macchanger', 
which can spoof your mac address to valid addresses by arbitrary 
vendors.  This can alleviate the risk of your laptop being tracked 
from access point to access point. Similar utilities exist for 
Windows. For MacOS, Steve Jobs deemed that you must be tracked at all 
times (he likes to 'Think Different'), unless you decide to purchase a 
USB wifi device, in which case he will allow you to change the MAC 
address from the command line using 'ifconfig'. 

However, a serious adversary may still be able to fingerprint your 
wireless driver based on the 802.11 protocol headers[1], or if there 
is a big white van parked nearby, by the actual radio signature of 
your specific device[2]. The former will not specifically deanonymize 
your device, but likely just narrow it down to chipset and possibly 
driver version. The exact capabilities of latter in the field are not 
widely known. Ambient noise and other devices may likely interfere 
with RF fingerprinting on a large scale. 

1. http://www.sandia.gov/news/resources/releases/2006/images/wireless-fingerprinting.pdf 
2. http://petsymposium.org/2008/hotpets/mccoyd_hotpets2008.pdf 

This post made me think of internet cafes in regard to the same issues. I recently watched an online video about the ease of using Tor from a USB and the person who did the video stated that nothing is left on the host machine. Is this true? I thought the cafe operator could also see that I am using Tor and not their browser (many have Firefox) but wondered if they could see where I surf. I do a lot of writing so I am not too concerned but have always been a sort of suspicious sort about my own business, even if I am using a cafe computer. 

Do any addresses get logged in internet cafes? 


Mike Perry 
Mad Computer Scientist 
fscked.org evil labs 


tor-talk mailing list