[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Reminder: don't run transparent proxies at exits

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Reminder: don't run transparent proxies at exits
From: Zack Weinberg <zackw@xxxxxxx>
Date: Fri, 9 Jan 2015 21:35:38 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 09 Jan 2015 21:49:11 -0500
In-reply-to: <54B08BE4.2030403@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <CAKDKvuwe8_nZkPH-RhaRjxapfvgDVThiSxteZ+SoC9Lx+WCQ5g@xxxxxxxxxxxxxx> <CAHZ_AjuH9R=6dpD_C0MkurhFdC7j+D2aDsVfZxqq2H-d2PB0tQ@xxxxxxxxxxxxxx> <54B0726D.3000009@xxxxxxxxxxxxx> <CAHZ_AjuC+faZJSOfYuLYisOigObdQ9ou6JgJ62nK1OYS4rjXvA@xxxxxxxxxxxxxx> <54B08BE4.2030403@xxxxxxxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On Fri, Jan 9, 2015 at 9:18 PM, cacahuatl <cacahuatl@xxxxxxxxxxxxx> wrote:
> If you're caching exit traffic and a very naughty person uses your exit,
> you've potentially cached "evidence" (to be seized).

That logic applies equally to DNS; indeed, it is why the CMU Tor exit
*doesn't* run a DNS cache.

(It talks to CMU's DNS servers, which do cache, but for the entire network.)

(If you can't trust your network provider's DNS resolver, the tradeoff
may be different.)

zw
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Reminder: don't run transparent proxies at exits
  - From: eric gisse

References:
- [tor-relays] Reminder: exit nodes probably shouldn't be using Google's DNS servers
  - From: Nick Mathewson
- Re: [tor-relays] Reminder: exit nodes probably shouldn't be using Google's DNS servers
  - From: eric gisse
- Re: [tor-relays] Reminder: don't run transparent proxies at exits
  - From: Nusenu
- Re: [tor-relays] Reminder: don't run transparent proxies at exits
  - From: eric gisse
- Re: [tor-relays] Reminder: don't run transparent proxies at exits
  - From: cacahuatl

Prev by Author: [tor-relays] How to get NAMED Flag
Next by Author: Re: [tor-relays] Relays not listed
Previous by thread: Re: [tor-relays] Reminder: don't run transparent proxies at exits
Next by thread: Re: [tor-relays] Reminder: don't run transparent proxies at exits
Index(es):
- Author
- Thread