[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] About TBB downloadings

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] About TBB downloadings
From: Andrew Roffey <andrew@xxxxxxxxxx>
Date: Thu, 16 Oct 2014 11:13:28 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 16 Oct 2014 07:23:41 -0400
In-reply-to: <543F9C3E.4010803@xxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <543F9C3E.4010803@xxxxxxxxxxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

Lluís wrote:
> In the web page here:
> 
> https://www.torproject.org/download/download.html.en#warning
> 
> advises us not to "... open documents downloaded through Tor while 
> online"
> 
> Many technical manuals and scientific papers are written in pdf 
> format, and I usually read them.

The reason for this is that offline applications can leak information
outside of Tor. If the file downloaded contained an identifier unique to
your Tor connection, and an application outside of that Tor connection
leaked the identifier, then it would breach anonymity.

For example, if you downloaded a HTML page as a file and an image
contained a unique ID this could occur.

To answer your question (or not really):

> Is it safe to download them with TBB first and then open them with, 
> say, "Document Viewer" ?
> 
> Where can I find more information about it ?

I'm not sure whether Evince (I'm assuming this is what you're referring
to) leaks information, e.g. downloading of external resources.

By the way, Tails solves this problem by forcing all applications to go
through Tor.

-- 
Andrew Roffey  http://andrew.roffey.org
 [mailto|xmpp]:andrew@xxxxxxxxxx
 see website for GPG/OTR pubkeys
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] About TBB downloadings
  - From: Lluís

References:
- [tor-relays] About TBB downloadings
  - From: Lluís

Prev by Author: Re: [tor-relays] About TBB downloadings
Next by Author: Re: [tor-relays] Anonbox Project
Previous by thread: Re: [tor-relays] About TBB downloadings
Next by thread: Re: [tor-relays] About TBB downloadings
Index(es):
- Author
- Thread