[tor-bugs] #2667 [Tor Relay]: Exits should block reentry into the tor network
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Wed Sep 19 01:04:24 UTC 2012
#2667: Exits should block reentry into the tor network
-----------------------+----------------------------------------------------
Reporter: mikeperry | Owner:
Type: defect | Status: new
Priority: critical | Milestone: Tor: 0.2.4.x-final
Component: Tor Relay | Version:
Keywords: | Parent: #2664
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Comment(by mikeperry):
Replying to [comment:15 arma]:
> Replying to [comment:13 mikeperry]:
> > Replying to [comment:12 arma]:
> > > A specific example of such a network is the open torified wireless
that some variations of the Torouter expect to offer, where a) it's open
wireless so people get to watch it, and b) because of #2667 you'd be
prevented from using your own Tor client.
> >
> > Hrmm. This sounds like something we can solve with a tweak to the
#2905 language. I updated #5611 to suggest it.
>
> I'm not following. The problem is that we'd prevent people behind a
Torified network from running their own Tor client. At the same time we
tell them that if they really want to be secure, they should run their own
Tor client. I think our advice is correct.
Hrmm.. For traffic analysis resistance against attacks like website
fingerprinting, it's been shown to be better to share a single tor client
to perform concurrent activity. On the other hand, the only advantage that
I'm aware of with having your own local Tor client is the ability to do
"New Identity" and have it give you a new circuit.
Can you explain why asking people if they are behind a Tor transproxy
doesn't work? These people should be a small minority...
What if proper provides those people with alternate TBB launch scripts
that allow them to launch Tor Browser without a local tor client, and
optionally specify the control port and password for their upstream Tor
client's control port?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2667#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list