[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Free WiFi Bootable Ditros



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Katya Titov:
> I'm wondering whether there are any bootable distros out there
> which are designed to be used on free WiFi networks (e.g.
> Starbucks, McDonalds) and enforce some level of network encryption.
> Tails would obviously provide a solution here by forcing everything
> through Tor, but I can also see alternatives which force the use of
> an IPSEC VPN, or only allow outbound access to ports which are
> commonly used for secure access (443, 993, etc).

Neither Tor nor Tails fall into the category "designed for free wifi
networks". If Tails where focused primary at public wifis, their
planed mac changer feature had much more priority. [1] Tor provides
anonymity and circumvention, Tails is a LiveCD/USB designed for
privacy and anonymity. If you use them for their purposes, they are good.

But do you rather risk Tor exit nodes sniffing your traffic than
public wifis? Either you are aware of risks of transmitting data over
insecure networks, which is the internet, and take yourself care of
end to end encryption or you don't care at all.

If you are in an uncensored country, Tor/Tails are not so good for
your general surfing. Slow speed, many youtube videos are not
available because they are blocked in Tor Browser, Google will ask for
captcha, Google mail will require phone authentication, I've read
reports, some accounts such as paypal will get blocked if you access
them over Tor...

> It wouldn't need to be an entire distro, just a set of scripts
> which configured the local firewall (iptables, ipfw, even the
> regular Windows firewall) to only allow secure connections, and
> established a Tor or VPN connection (if necessary).

At least with iptables I know it's be easy to limit yourself to a few
outgoing ports.

> This would mean I could use my regular desktop environment to read
> email, check social networks, etc all the while being reasonably
> confident that any traffic which would normally traverse the
> network unsecured (updates, etc, and any misconfigured software)
> would not get access.

You falsely assume that a free wifi hotspot is less secure than a
regular internet access point. You should configure your system in a
way it doesn't matter if there is a man in the middle. (signed
updates, patched correctly configured software, etc.)

If you believe the free wifi hotspot is less secure than your regular
home/cooperate network, you can build a VPN tunnel to your regular
network. That is also safe and routes all your traffic through it.
Alternatively you could use a VPN service.

[1] https://tails.boum.org/todo/macchanger/
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJQFXP3AAoJEJwTGtNxOq7vcWUQALOuIqUMhNCkqVx39CMjvIPc
Y5uuD05TiQmAvrIVnyPEJKD+JipAZs2VHwsQrsdSgIC+Tok6qWqLQL0jL5IviERZ
R18iJxtILu4fFY00T1Hp0ZgPqeGWMBwI36knteqVcRPD3TgBSNdB4bSIxyiEI0n/
5sMcuhzhjor1wY0vw4LW40PgVsOMCm3hHYLwHshTkw9b4O1dg520MLV9dtdCGpbM
TmCWsOFWfLS+i+NQpotRmnlHDhqGy3mj6K3iL5JxljJAbrnBJ4Tz/hHKcf7TUIK+
D97GErKXbtbSYvd6GlJjQ5KGE7gAmqBA9UhzhmaT5lzEfztjrBCRPJPKX7NNXDV8
pUDhe8xyN6MXwayPGo+HJIchID8JOJ0VivBHKQ9hidNx4kIz155U8oXugXsMz03B
MyYksx5IZwvi5wZ6S5gfOLWTEjld6naffqvQ4h3+gvF+9CZx/hs5Ja2Xf05Z3NVO
MNqJz87WPv/WHcLxULPMijpZQQIKEkKjnRjGNri2EOpTfnL6bh5fy2gQJiHPJfr/
jFT213ylool/9ebU2w5DfsxFRXuddL7gmo4syQ4qpLs5TdYZJMEdT9wPNm9DqQEh
JfJGMcIuwtlvr1xqGY9EP4Xlht05hImWHHsLc7ZhgZLM2vrXb/fFz7giqDD3U2sZ
oxyms016yyYTypnGBlF/
=fJRy
-----END PGP SIGNATURE-----
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk