Should Whonix document/encourage end users to turn clients into relays on their machines?
On 7 Oct 2016, at 08:11, bancfc@openmailbox.org wrote:
> Should Whonix document/encourage end users to turn clients into relays on their machines?
Probably not:
- it increases the attack surface,
- it makes their IP address public,
- the relays would be of variable quality.
Why not encourage them to run bridge relays instead, if their connection is fast enough?
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org
On 2016-10-17 03:04, teor wrote:
> On 7 Oct 2016, at 08:11, bancfc@openmailbox.org wrote:
>> Should Whonix document/encourage end users to turn clients into relays on their machines?
> Probably not:
> - it increases the attack surface,
> - it makes their IP address public,
> - the relays would be of variable quality.
> Why not encourage them to run bridge relays instead, if their connection is fast enough?
Good idea. We are waiting for the snowflake bridge transport to be ready and we plan to enable it by default on Whonix Gateway. It's optimal because no port forwarding or changes to firewall settings are needed (because VMs connect from behind virtual NATs).
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
bancfc@openmailbox.org transcribed 1.7K bytes:
> On 2016-10-17 03:04, teor wrote:
>> On 7 Oct 2016, at 08:11, bancfc@openmailbox.org wrote:
>>> Should Whonix document/encourage end users to turn clients into relays on their machines?
>> Probably not:
>> - it increases the attack surface,
>> - it makes their IP address public,
>> - the relays would be of variable quality.
>> Why not encourage them to run bridge relays instead, if their connection is fast enough?
> Good idea. We are waiting for the snowflake bridge transport to be ready and we plan to enable it by default on Whonix Gateway. It's optimal because no port forwarding or changes to firewall settings are needed (because VMs connect from behind virtual NATs).
You're planning to enable "ServerTransportPlugin snowflake" on Whonix Gateways by default? And then "ClientTransportPlugin snowflake" on workstations behind the gateway?
On 2016-10-17 10:24, isis agora lovecruft wrote:
> bancfc@openmailbox.org transcribed 1.7K bytes:
>> On 2016-10-17 03:04, teor wrote:
>>> On 7 Oct 2016, at 08:11, bancfc@openmailbox.org wrote:
>>>> Should Whonix document/encourage end users to turn clients into relays on their machines?
>>> Probably not:
>>> - it increases the attack surface,
>>> - it makes their IP address public,
>>> - the relays would be of variable quality.
>>> Why not encourage them to run bridge relays instead, if their connection is fast enough?
>> Good idea. We are waiting for the snowflake bridge transport to be ready and we plan to enable it by default on Whonix Gateway. It's optimal because no port forwarding or changes to firewall settings are needed (because VMs connect from behind virtual NATs).
> You're planning to enable "ServerTransportPlugin snowflake" on Whonix Gateways by default? And then "ClientTransportPlugin snowflake" on workstations behind the gateway?
I was planning to enable the server by default (I thought WebRTC was P2P though) but after looking at it some more I don't think it's a good idea.
Not everyone is in a position to run a bridge because they may be living in a censored area themselves. It might also make Whonix users stand out if it was a default. Also, Snowflake servers may actually be exposing themselves to privacy risks, which is not something we are prepared to do:
"A popular privacy measure advocated to certain classes of users (eg: those that use VPN systems) has been to disable WebRTC due to the potential privacy impact. While this is not a concern for Tor Browser users using snowflake as a transport, there is a segment of people that view WebRTC as harmful to anonymity, and the volunteers that are contributing bandwidth are exposed to such risks. "
https://trac.torproject.org/projects/tor/wiki/doc/PluggableTransports/SnowFl...
***
Off-topic: I think a pluggable transport that's implemented with BitTorrent would be awesome because of how widespread the protocol is and because of the existing infrastructure out there that users can potentially bootstrap off of if seed servers volunteer to run a bridge server/facilitator.
On Wed, Oct 19, 2016 at 10:35:16PM +0200, bancfc@openmailbox.org wrote:
> On 2016-10-17 10:24, isis agora lovecruft wrote:
>> You're planning to enable "ServerTransportPlugin snowflake" on Whonix Gateways by default? And then "ClientTransportPlugin snowflake" on workstations behind the gateway?
> I was planning to enable the server by default (I thought WebRTC was P2P though) but after looking at it some more I don't think it's a good idea.
It doesn't make sense to run the Snowflake server on a lot of bridges anyway. It's not like the obfs* model where you need lots of bridges in order to get IP diversity. Snowflake gets IP diversity by routing through web browsers. The bridge itself may even be blocked by the censor; it doesn't matter.
The server component of Snowflake isn't even WebRTC. Snowflake is WebRTC between the client and the browser proxy, then WebSocket (which is easier to program) between the browser proxy and the bridge. The server component is actually just a WebSocket server, borrowed from flash proxy.
Interesting... I thought that a Tor client running a relay would actually help its privacy because you can't tell if it's a client connection or a relay connection...
On 17/10/2016 at 3:04, teor wrote:
> On 7 Oct 2016, at 08:11, bancfc@openmailbox.org wrote:
>> Should Whonix document/encourage end users to turn clients into relays on their machines?
> Probably not:
> - it increases the attack surface,
> - it makes their IP address public,
> - the relays would be of variable quality.
> Why not encourage them to run bridge relays instead, if their connection is fast enough?
> T
On 17 Oct 2016, at 19:48, juanjo juanjo@avanix.es wrote:
> Interesting... I thought that a Tor client running a relay would actually help its privacy because you can't tell if it's a client connection or a relay connection…
It depends what sort of privacy you're after. It provides a certain level of traffic hiding, but it makes the IP address and uptime/downtime/latency/weird pauses public. We don't recommend it.
T
> On 17/10/2016 at 3:04, teor wrote:
>> On 7 Oct 2016, at 08:11, bancfc@openmailbox.org wrote:
>>> Should Whonix document/encourage end users to turn clients into relays on their machines?
>> Probably not:
>> - it increases the attack surface,
>> - it makes their IP address public,
>> - the relays would be of variable quality.
>> Why not encourage them to run bridge relays instead, if their connection is fast enough?
>> T
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org
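The point teor makes about the IP address and uptime becoming public can be seen concretely in the server descriptor every relay publishes to the directory authorities. What follows is an added example, not code from this thread or from the Tor project: a small Python parser for a constructed descriptor (placeholder nickname, address, fingerprint and contact line, all made up) that extracts the fields an observer can read once a machine starts relaying. The assumption is that the keyword lines follow the formats given in Tor's directory specification for `router`, `platform`, `published`, `fingerprint`, `uptime`, `bandwidth` and `contact`; the sample values are constructed.

```python
"""Parse a Tor server descriptor and list what it makes public.

Added example for the tor-dev thread above; not Tor project code.
The descriptor below is constructed for illustration (placeholder
address, fingerprint, nickname and contact). Line formats follow
the public Tor directory specification.
"""

# Constructed sample descriptor: this relay does not exist.
SAMPLE_DESCRIPTOR = """\
router WhonixUserRelay 198.51.100.7 9001 0 9030
platform Tor 0.2.8.9 on Linux
published 2016-10-17 03:04:00
fingerprint 0000 1111 2222 3333 4444 5555 6666 7777 8888 9999
uptime 259200
bandwidth 1048576 2097152 524288
contact relay-operator@example.invalid
"""


def parse_descriptor(text):
    """Return the publicly visible descriptor fields as a dict.

    Unknown keywords are ignored; malformed lines are skipped rather
    than raising, since real descriptors carry many more lines.
    """
    info = {}
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        key, args = parts[0], parts[1:]
        if key == "router" and len(args) >= 5:
            # router <nickname> <address> <ORPort> <SOCKSPort> <DirPort>
            info["nickname"] = args[0]
            info["address"] = args[1]
            info["or_port"] = int(args[2])
            info["dir_port"] = int(args[4])
        elif key == "platform":
            info["platform"] = " ".join(args)
        elif key == "published":
            info["published"] = " ".join(args)
        elif key == "fingerprint":
            # Spec prints the fingerprint in space-separated groups.
            info["fingerprint"] = "".join(args)
        elif key == "uptime" and args:
            info["uptime_seconds"] = int(args[0])
        elif key == "bandwidth" and len(args) >= 3:
            # bandwidth <average> <burst> <observed>, bytes per second
            avg, burst, observed = (int(a) for a in args[:3])
            info["bandwidth_avg"] = avg
            info["bandwidth_burst"] = burst
            info["bandwidth_observed"] = observed
        elif key == "contact":
            info["contact"] = " ".join(args)
    return info


def exposure_report(info):
    """Summarise what the descriptor reveals about the operator's machine."""
    lines = []
    if "address" in info:
        lines.append(
            f"public IP address: {info['address']} (OR port {info['or_port']})"
        )
    if "uptime_seconds" in info:
        days = info["uptime_seconds"] / 86400
        lines.append(f"uptime since last restart: {days:.1f} days")
    if "platform" in info:
        lines.append(f"software/OS: {info['platform']}")
    if "bandwidth_observed" in info:
        lines.append(
            f"observed bandwidth: {info['bandwidth_observed']} bytes/s"
        )
    if "contact" in info:
        lines.append(f"contact line: {info['contact']}")
    return lines


if __name__ == "__main__":
    for item in exposure_report(parse_descriptor(SAMPLE_DESCRIPTOR)):
        print("-", item)
```

Every field the report lists is fetched by anyone who downloads the consensus and descriptors, which is why a relay's address and on/off pattern are not private. A bridge, by contrast, publishes its descriptor to the bridge authority rather than into the public consensus, which is the trade-off behind teor's suggestion to run a bridge instead.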