[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #18361 [Tor Browser]: Issues with corporate censorship and mass surveillance
#18361: Issues with corporate censorship and mass surveillance
------------------------------------------+--------------------------
Reporter: ioerror | Owner: tbb-team
Type: enhancement | Status: new
Priority: High | Milestone:
Component: Tor Browser | Version:
Severity: Critical | Resolution:
Keywords: security, privacy, anonymity | Actual Points:
Parent ID: | Points:
Sponsor: |
------------------------------------------+--------------------------
Comment (by jeffburdges):
We're adding an "auto-pay" option to the auditor signing keys in GNU Taler
to allow the creation of denomination signing keys for automatic payments
without user confirmation. https://taler.net/
Automatic payments are a potential deanonymization vector if the attacker
can issue as many denomination keys as they like. We'd therefore envision
the Tor project being the auditor who limits the issuing of new
denomination signing keys.
Ideally, CloudFlare would run a mint whose denomination keys the Tor
project signs every few months. Anytime a TBB user solves a CloudFlare
CAPTCHA they'd receive stash of token that TBB automatically uses to
access pages.
We've actually had some limited discussions with CloudFlare about doing
this. I'll speak about it some at the Tor dev meeting later this week.
Along with several interesting variations.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18361#comment:45>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs