[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] TBB, iptables, and seperation of concerns
- To: tor-talk@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [tor-talk] TBB, iptables, and seperation of concerns
- From: "Chris" <tmail299@xxxxxxxxxxx>
- Date: Mon, 12 Dec 2011 03:19:07 -0500
- Authentication-results: smtp04.embarq.synacor.com smtp.user=gilbertewaid; auth=pass (LOGIN)
- Delivered-to: archiver@xxxxxxxx
- Delivery-date: Mon, 12 Dec 2011 03:19:22 -0500
- Importance: Normal
- In-reply-to: <4EE5B4C8.8050109@xxxxxxxxxxxxxxx>
- List-archive: <http://lists.torproject.org/pipermail/tor-talk>
- List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
- List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
- List-post: <mailto:tor-talk@lists.torproject.org>
- List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
- List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
- References: <1323634518.16365.140661010296925@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <20111212053218.GL5287@xxxxxxxxxxxxxx> <024b8606b2c66e5b4da87f1efd42b8e4.squirrel@xxxxxxxxxxxxxxxx> <4EE5B4C8.8050109@xxxxxxxxxxxxxxx>
- Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
- Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
- User-agent: SquirrelMail/1.4.21
- X_cmae_category: 0,0 Undefined,Undefined
> On 12/12/11 7:00 AM, Chris wrote:
>> I have a few problems with the TBB.
>>
>> 1. It isn't in a repository. For security reasons this should be
>> changed.
>>
>> 2. It merges polipo/Tor together with everything else when Tor should be
>> run as a separate user with an unrestricted Internet connection while
>> the
>> user should run Firefox (with appropriate settings) under a restricted
>> user account with no direct Internet.
>
> IMHO the "Starter" of the TBB should be much more intelligent by
> providing:
>
> a) decompression of TBB
> b) splash logo with progress-bar
> c) app-level jailing of various application
>
>
> For point "c" i mean providing a sort of "app-armor" or "*osx" sandbox
> system but at application level with library preloading, directly
> managing the security profile from the starter.
>
> That way it could be much portable the "application security" of the
> system.
>
> -naif
I'd agree. I think it should be taken a step farther even and a
distribution should be produced around it. If you simply install TBB on a
PC you are going to be leaking activities to disk and potentially doing
other things as well. Accidents for instance such as: printing a web page
(possibly unknowingly- possibly to a network printer- possibly to a work
printer, possibly out of paper, you may not even realize it), or running
the wrong browser and not noticing.
If you are forced to boot off an external medium that is a secured
environment this is unlikely to occur.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk