The State of the DNS and Tor Union (also: a DNS UDP->TCP shim)

Jacob Appelbaum jacob at appelbaum.net
Tue Jul 6 01:51:10 UTC 2010


On 07/05/2010 03:07 PM, coderman wrote:
> On Sun, Jul 4, 2010 at 3:17 PM, coderman <coderman at gmail.com> wrote:
>> ...
>> a better wording:
>>
>> "... ultimately, any application that uses DNS or UDP may compromise
>> your anonymity."
> 
> i should mention that the Tor Browser Bundle when used as directed has
> been and continues to be most resilient to these attacks. while this
> is a very limited environment (no plug-ins, flash, java, etc.) these
> limitations are a feature ensuring your protection.
> 

I think that the TBB could use one and only one major enhancement: a DNS
proxy that is used by all of the applications that ship with it.

> when you start using arbitrary applications or plug-ins with Tor or
> any other anonymity service you open yourself up to great risk as
> described here for DNS, not to mention other side-channel avenues
> using TCP directly.

I agree. I think that this is inspiring me to work on torwall a little
more next week...

All the best,
Jake
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/