[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Tor-node/relay: System installation vs. TorBrowser

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Tor-node/relay: System installation vs. TorBrowser
From: Dave Warren <davew@xxxxxxxxxxxx>
Date: Mon, 16 Mar 2015 16:29:52 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 16 Mar 2015 19:35:23 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple; d=hireahit.com; s=MD-20140321; t=1426548597; x=1427153397; q=dns/txt; h=Message-ID: Date:From:User-Agent:MIME-Version:To:Subject:References: In-Reply-To:Content-Type:Content-Transfer-Encoding; bh=w6D6HSsot GnxVjSQyQpaz0ftO04eEsYKH6PQk3RzzIk=; b=x2GcxFKo66AlLzvPYHkIf20ZF TKVmrXc6rsLuQ3RNL1kSYPez9fyraVIuSAWULluuijQcOvUVp1rHrKqL7LxV03tk hd4ymLJLtH4cX98BFJ7Ch2q/KfVT9+x04L+YzUaEW25rmqE7NBCJgDUGjhhq7Ik0 NCl2/+JLAQBPlGjabw=
In-reply-to: <20150316172439.74017c4b@lapsdeb>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <1426502914.4119.17.camel@xxxxxxxxxxxxxxxx> <20150316172439.74017c4b@lapsdeb>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:24.0) Gecko/20140623 FossaMail/24.6.0

On 2015-03-16 14:24, Stephen R Guglielmo wrote:

On Mon, 16 Mar 2015 11:48:34 +0100
"Lars Edman @ LinuxSuSE"<lars.edman@xxxxxxxxxxxx>  wrote:

>I found they today absolutely discouraged from the use of such a
>"system installation" when using tor as a client. When it came to
>using tor as a node/relay or running a server they referred the
>question to you.
>
>Do you consider this kind of installation insecure?

This is generally considered insecure. There are a few things that the
TBB does that a default Firefox configuration routed through a SOCKS
proxy (Tor) doesn't do.

For example, the TBB has NoScript (blocks JavaScript), HTTPSEverywhere
(forces HTTPS on sites that support it), and the TBB also deletes
cookies, history, and other data upon closing. And I'm sure there are a
few other things that they wrap into the bundle (DNS leaks too); I
don't follow TBB development closely enough to know the specific
details.

These are all security issues. Javascript can be used to uniquely
identify a machine and get your real IP address. If you use HTTP, in
theory, a Tor exit relay can sniff your login credentials. Files on
disk, such as history, cached website files, cookies, can all be used
to identify the sites you visit if your computer were to be inspected.

Note, however, that while these are all potential security issues,they're not all issues that apply to every situation. If your safety orlivelihood depend on privacy or anonymity, obviously you need to beparanoid, and TBB is definitely the wise choice.

However, if you just use Tor to surf geographically restricted websites,or to offer you moderate privacy from a snoopy ISP (hotel or public wifihotspot access) and don't mind the stray request leaking, the proxylevel application may well be sufficient, especially since you canconfigure applications to use system-wide proxy settings, giving you aone-click on-and-off switch.

I suspect both uses are common use cases, and just using SOCKS proxiesmay well be good enough for some users, but if you value safety,security, privacy and anonymity, TBB is a much stronger solution.


--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Tor-node/relay: System installation vs. TorBrowser
  - From: Lars Edman @ LinuxSuSE
- Re: [tor-relays] Tor-node/relay: System installation vs. TorBrowser
  - From: Stephen R Guglielmo

Prev by Author: Re: [tor-relays] Legal situation of tor in Europe
Next by Author: Re: [tor-relays] EDIS now bans Tor
Previous by thread: Re: [tor-relays] Tor-node/relay: System installation vs. TorBrowser
Next by thread: Re: [tor-relays] Tor-node/relay: System installation vs. TorBrowser
Index(es):
- Author
- Thread