funneling a wireless net's outbound connections through tor

Mon Oct 1 15:35:29 UTC 2007

Scott Bennett wrote:

>> If they use an Internet cafe, their traffic is subject to being 
>> monitored. If they use Tor it is *also* subject to being modified.
> 
>      If they go to a coffee shop or other location with free wireless
> access, their traffic is also subject to being modified, but at *any
> and every* hop between their computer and the destination, unless they
> use end-to-end encryption anyway.
>> Example 1:
>>
>>  [deleted as not unique to the tor environment  --SB]
>>
>> Example 2:
>>
>>  [deleted as not unique to the tor environment  --SB]
>>
>> Scary huh?
> 
>      Of course.  But in my intended setup, the only places that could
> happen would be in my equipment, the exit node, the destination, or the
> hops between the exit node and the destination.  It's not going to happen
> in my equipment because I don't do that sort of thing and wouldn't have
> the time or energy to devote to it even if I did do that kind of thing.
> That leaves the exit node, the destination, and the hops between them.
>      If the traffic does not go through tor, then those things could
> happen at any of the up to 32 hops normally allowed for a TCP connection.
> I do not see how reducing the number of potential points of attack
> increases the risk.
>> Of course, you could argue that the person running the Internet cafe or 
>> the ISP could do that, but I am inclined to believe it's much more 
>> likely to occur on the Tor network than in those cases.
> 
>      So could anyone along the path of an ordinary, unencrypted TCP link.
> Some governments apparently do this sort of thing already, most likely
> including the U.S. government.

1.) People that can perform these attacks if you just use a normal 
Internet connection: Governments, people working for ISPs

2.) People that can perform these attacks if you use Tor: Governments, 
people working for ISPs and anyone who know how to install Tor. 
Including some wannabe hacker 13 year old kid living on the other side 
of the World.

If you use Tor, you considerably increase the number and range of people 
that could potentially attack you. You also make yourself a tastier target.

This is not a bad thing if you know how to deal with it. It *is* a bad 
thing if you don't. For example, I have only ever had attempted MITM 
attacks against my ssh sessions when using them over Tor.

>>>      Aside from that, the only IP addresses that could conceivably be
>>> discovered would either be the one temporarily assigned to my connection
>>> or the one assigned on a private network by my wireless router via DHCP.
>>>      In any case, I still would appreciate helpful information, so I'll
>>> repeat my questions here, quoting from my original query:
>> The anonymity of the IP address is not at issue here. The issue is, by 
>> using Tor, you allow the possibility of exit nodes monitoring and 
>> modifying traffic, so you should only use Tor if you truly understand 
>> these issues and how to deal with them.
> 
>      I see.  The elitist approach to limiting use of damned good software.
> Reminds me of David Sternlight claiming that there was no reason for anyone
> to use PGP and therefore people shouldn't bother with it.  It was ridiculous
> on its face, yet he persisted in trolling the PGP news groups with it for
> years.  Do you work for the NSA by any chance?  (Like you would really say
> so if you did.  Right.)

Your interpretation of what I said is quite hilarious.

Hopefully nobody will help you use Tor for something that is dangerous 
and that you clearly don't understand. For your users sake.

Mike