[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] [Suspected Junk Mail] Re: Cloak Tor Router



I've only one thing to say about this idea or any other similar
Kickstarter project. You've got to be stupid to sacrifice the control
and flexibility offered by running Tor on a computer for a
configuration that operates at the router/switch. There's no such
thing as easy anonymity online. There's no such thing as easy privacy
online. Anyone who's actually interested in these projects should just
fork over their money at Kickstarter and stop spamming tor-talk with
useless self-promotion. Yes, you, Cloak. If you think it's such a good
idea just do it and take advantage of the daft--get it over with
already. So I can laugh at you when your buyers realize how stupid
they were for not reading the Tor manual.

Honestly--it's not hard to learn to be anonymous online. If you
seriously consider these projects to be of some value you should just
stop. Stop trying to be anonymous and just fork over your data to
whomever wants to look at it.

The only thing that comes close to anonymity/privacy online is to
treat each device as if it *could* be compromised. If they aren't yet
compromised that may well be in the future. Then you see having
absolute control and flexibility is a strength of Tor. Who the hell
wants anonymity and actually trusts their networking equipment?

That's all
leeroy bearr

On 11/3/2014 at 11:59 AM, michi1@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
wrote:Hi!

On 10:34 Mon 03 Nov     , Lars Boegild Thomsen wrote:
> On Sunday 02 November 2014 11:36:14
michi1@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx wrote:
...
> > 2) Every device can sniff on traffic from all other devices on the
same
> > network. If you have one device which is compromised or somebody
breaks the
> > wifi securety you are in trouble.
> 
> WiFi clients are isolated from each other so no - if someone break
Wi-Fi security they can access the Tor network (or the internet -
depending on which Wi-Fi network they break), but in order to sniff
traffic from other devices the Cloak device itself would have to be
accessed (ie. root password guessed) and the device reconfigured
(disable wifi isolation).

What prevents me from setting up a DHCP server or sending false ARP
responses
to route all traffic to me?

> > 3) Depending on the configuration you may end up routing traffic
from multiple
> > devices over the same circuit. 
> 
> This one surprises me a bit.  The Tor manual states:
> 
> IsolateClientAddr
> Donât share circuits with streams from a different client address.
(On by default and strongly recommended; you can disable it with
NoIsolateClientAddr.)
> 
> Each client will have their own address so it is my understanding
circuits will not be shared.

Ok, this should do it.

> > You will almost certainly route traffic from
> > different programs on the same device over the same circuit. This
may allow an
> > exit node operator to correlate multiple identities.
> 
> Wouldn't that be solved by enabling:
> 
> IsolateDestPort
> Donât share circuits with streams targetting a different
destination port.

I do not think this actually solves it. For example there are many
programs
which use HTTP even tough they have nothing to do with web browsing.
Also
there are programs (like P2P) which use random ports and may cause
lots of
circuits being established.

 -Michi
-- 
programing a layer 3+4 network protocol for mesh networks
see http://michaelblizek.twilightparadox.com
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk