funneling a wireless net's outbound connections through tor
Mike Cardwell
tor at lists.grepular.com
Mon Oct 1 14:19:26 UTC 2007
Scott Bennett wrote:
>> If you set up something like that you're opening up all sorts of attacks
>> against the people who use your service. If they don't know that all of
>> their plain text traffic can be read and modified by, "dodgy," exit
>> nodes, and almost certainly *will* be at some point...
> How will they be subject to any greater number of possible attacks
> if their connections are funneled through tor than if they are not? They
> can go to any of several coffee shops in the area and use unencrypted,
> completely unprotected, free or paid wireless services. They just can't
> do that at home. If you see some way by which anonymizing their TCP
> source addresses and their UDP port 53 (name service) packets' source
> addresses when they access the Internet at home will cause them to suffer
> more attacks than they will in any public location or, for that matter,
> from a direct connection in their own dwelling if they had one, please
> enlighten me.
If they use an Internet cafe, their traffic is subject to being
monitored. If they use Tor it is *also* subject to being modified.
Example 1:
Your user goes to http://www.hotmail.com/ and enters their login
details. The Tor exit node controller has written something to modify
the html on that page so the form posts to a http url instead of a https
url. Their login details are now compromised.
Example 2:
Your user goes to http://www.msn.co.uk/livemessenger to download msn
messenger. They click the "download it now" link. The tor exit node
controller intercepts that request and returns a modified exe containing
a trojan instead of the original.
Scary huh?
Of course, you could argue that the person running the Internet cafe or
the ISP could do that, but I am inclined to believe it's much more
likely to occur on the Tor network than in those cases.
> Aside from that, the only IP addresses that could conceivably be
> discovered would either be the one temporarily assigned to my connection
> or the one assigned on a private network by my wireless router via DHCP.
> In any case, I still would appreciate helpful information, so I'll
> repeat my questions here, quoting from my original query:
The anonymity of the IP address is not at issue here. The issue is, by
using Tor, you allow the possibility of exit nodes monitoring and
modifying traffic, so you should only use Tor if you truly understand
these issues and how to deal with them.
IMHO. There's no need to use Tor for general web browsing, and at the
end of the day it probably makes your online experience more dangerous
rather than less dangerous.
Mike
More information about the tor-talk
mailing list