funneling a wireless net's outbound connections through tor
Robert Hogan
robert at roberthogan.net
Mon Oct 1 18:45:28 UTC 2007
On Monday 01 October 2007 16:35:29 Mike Cardwell wrote:
>
> If you use Tor, you considerably increase the number and range of people
> that could potentially attack you. You also make yourself a tastier target.
>
> This is not a bad thing if you know how to deal with it. It *is* a bad
> thing if you don't. For example, I have only ever had attempted MITM
> attacks against my ssh sessions when using them over Tor.
>
I think torifying a user's traffic without informing him of it is a very bad
idea. Pop3 is the best example. I don't think anyone with all the facts to
hand would ever use a pop3 session over Tor. Whatever the merits of the
well-you-go-over-x-hops-anyway argument (and it generally does not apply to
pop3), tor is always x-hops + 1, and that '+ 1' could be anyone from Aunt
Nellie to the NSA, no special privileges required.
This is one of the main challenges faced by Live CDs and other Torified
environments - is it better to anonymize everything in the session or always
prevent the likes of pop3 from being anonymized, ever?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20071001/d1513a6b/attachment.pgp>
More information about the tor-talk
mailing list