[tor-bugs] #2667 [Tor Relay]: Exits should block reentry into the tor network

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Wed Sep 19 01:04:24 UTC 2012 

#2667: Exits should block reentry into the tor network
-----------------------+----------------------------------------------------
 Reporter:  mikeperry  |          Owner:                    
     Type:  defect     |         Status:  new               
 Priority:  critical   |      Milestone:  Tor: 0.2.4.x-final
Component:  Tor Relay  |        Version:                    
 Keywords:             |         Parent:  #2664             
   Points:             |   Actualpoints:                    
-----------------------+----------------------------------------------------

Comment(by mikeperry):

 Replying to [comment:15 arma]:
 > Replying to [comment:13 mikeperry]:
 > > Replying to [comment:12 arma]:
 > > > A specific example of such a network is the open torified wireless
 that some variations of the Torouter expect to offer, where a) it's open
 wireless so people get to watch it, and b) because of #2667 you'd be
 prevented from using your own Tor client.
 > >
 > > Hrmm. This sounds like something we can solve with a tweak to the
 #2905 language. I updated #5611 to suggest it.
 >
 > I'm not following. The problem is that we'd prevent people behind a
 Torified network from running their own Tor client. At the same time we
 tell them that if they really want to be secure, they should run their own
 Tor client. I think our advice is correct.

 Hrmm.. For traffic analysis resistance against attacks like website
 fingerprinting, it's been shown to be better to share a single tor client
 to perform concurrent activity. On the other hand, the only advantage that
 I'm aware of with having your own local Tor client is the ability to do
 "New Identity" and have it give you a new circuit.

 Can you explain why asking people if they are behind a Tor transproxy
 doesn't work? These people should be a small minority...

 What if proper provides those people with alternate TBB launch scripts
 that allow them to launch Tor Browser without a local tor client, and
 optionally specify the control port and password for their upstream Tor
 client's control port?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2667#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list