[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Using Tor as a library

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Using Tor as a library
From: "Fabio Pietrosanti (naif)" <lists@xxxxxxxxxxxxxxx>
Date: Thu, 28 Mar 2013 14:51:53 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 28 Mar 2013 09:52:09 -0400
In-reply-to: <87r4izhj93@xxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <1364455937.42380.BPMail_high_noncarrier@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <5154125B.8010801@xxxxxxxxxxxxxxx> <87r4izhj93@xxxxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:17.0) Gecko/20130307 Thunderbird/17.0.4

On 3/28/13 12:10 PM, Christopher Schmidt wrote:
> "Fabio Pietrosanti (naif)" <lists-BEJ3GKOyH/EwUp2xcto6ig@xxxxxxxxxxxxxxxx> writes:
>> That's the future of Tor, to be integrated as a library just like an
>> encryption library into application.
> No, it's not.  Embedding a Tor client in another application cripples
> auditability, configurability, updateability etc. of Tor.  So does
> embedding a controller.  Even worse, an application trying to outsmart
> the user by controlling Tor on its own poses a severe security risk.
It completely disagree with that vision.
A separate component can be tampered or misconfiguredwithout leveraging
the specific application context of use.
A separate component cannot leverage the efficient automatic-update
procedures of a specific application using it.
>
> Other than an encryption library, there is no well-defined output to an
> input that a Tor library should produce.
The input and output is so very well defined that there's an RFC 1928
defining it.

Without a tight integration with an application there are additional
risks, such as applications "leaking DNS" or "connecting directly if
Socks server is not available" .

Without direct application integration (linking tor with the
application) there is *much more code and complexity involved* and this
represent a risks for the end-user.

>
> Tor is a vivid, organic ecosystem of different, replaceable projects
> that integrate into each other.  Embedding a static subset of these in
> an application is wrong.
The same for major crypto library like OpenSSL, but all applications
link it directly rather than using an outdated IPC mechansmis here
called "SOCKS" (involving multiple layers of software in userspace and
kernel-space to be used).

From the software architectural and security perspective having Tor
integrated within an application represent a security advantage for the
end-user, imho without any doubt.

Fabio
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] Using Tor as a library
  - From: wac
- Re: [tor-dev] Using Tor as a library
  - From: Fabio Pietrosanti (naif)
- Re: [tor-dev] Using Tor as a library
  - From: Christopher Schmidt

Prev by Author: Re: [tor-dev] Using Tor as a library
Next by Author: Re: [tor-dev] Using Tor as a library
Previous by thread: Re: [tor-dev] Using Tor as a library
Next by thread: Re: [tor-dev] Using Tor as a library
Index(es):
- Author
- Thread