[tor-talk] Thoughts on proxy setup wrt insecure connections

Robert Ransom rransom.8774 at gmail.com
Mon Feb 28 20:30:45 UTC 2011


On Mon, 28 Feb 2011 15:02:40 -0500
thecarp <thecarp at gmail.com> wrote:

> After the whole discussion about "gatereloaded" and "badexits" I was
> thinking a bit about the discussion and wondering if there is a way to
> add a bit more protection to people who are, well, newbs. As one article
> pointed out:
> 
> "many who use Tor mistakenly believe it is an end-to-end encryption
> tool. As a result, they aren't taking the precautions they need to take
> to protect their web activity."
> 
> This is a similar, but not exactly the same problem. Clearly blocking
> all port 80 would be pretty harmful to a lot of use. However, for
> protocols like pop3 or imap, the case for allowing them is clearly not
> as strong, though, the case for banning them completely or requiring
> exit nodes to carry both is... pretty dubious (especially given that
> some people will run things on non-standard ports anyway).

Connections to the plaintext POP3 and IMAP ports may be secured using
the STARTTLS command.


> So here is my thought, what do people think of a configuration item in
> tor, set up to be "on" by default, which blocks attempts to go to certain
> ports at the proxy level, but allows users to turn this "protection" off
> if they wish to? Maybe make the list of blocked ports configurable.

This enables attacks against users' anonymity -- for example, a web
page at <http://evil-site.example.com:80/> could include
<http://evil-site.example.com:110/foo.png> as an inline image to
distinguish users who have configured their Tor client to allow
connections to port 110 from those who have not.


Robert Ransom
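
An added example, not part of the original message: a fail-closed client policy for the STARTTLS upgrade mentioned above on the plaintext POP3 and IMAP ports. The function names and the server replies are constructed for illustration; the capability names STLS, STARTTLS and LOGINDISABLED come from RFC 2595 and RFC 3501.

```python
# Decide what a mail client may do on a plaintext POP3/IMAP connection
# before any credentials are sent. If the upgrade is not advertised, abort:
# anyone on the path (an exit relay included) can delete the capability
# line, so "not offered" must never fall back to a cleartext login.

def pop3_offers_stls(capa_reply: str) -> bool:
    """True if a POP3 CAPA reply lists STLS."""
    lines = capa_reply.replace("\r\n", "\n").split("\n")
    if not lines[0].upper().startswith("+OK"):
        return False
    for line in lines[1:]:
        if line == ".":              # end of the multi-line reply
            break
        if line.strip().upper() == "STLS":
            return True
    return False

def imap_capabilities(server_text: str) -> set:
    """Capability atoms from an IMAP greeting or untagged CAPABILITY reply."""
    caps = set()
    for line in server_text.replace("\r\n", "\n").split("\n"):
        upper = line.upper()
        idx = upper.find("CAPABILITY")
        if not line.startswith("*") or idx == -1:
            continue                 # skip tagged status lines
        caps.update(upper[idx + len("CAPABILITY"):].split("]")[0].split())
    return caps

def next_step(protocol: str, server_text: str) -> str:
    """Return the upgrade command to issue, or ABORT (never a login)."""
    if protocol == "pop3":
        return "STLS" if pop3_offers_stls(server_text) else "ABORT"
    if protocol == "imap":
        offered = "STARTTLS" in imap_capabilities(server_text)
        return "STARTTLS" if offered else "ABORT"
    raise ValueError("unknown protocol: " + protocol)

# Constructed server replies: one intact and one with the upgrade removed.
POP3_INTACT = "+OK Capability list follows\r\nUSER\r\nSTLS\r\nUIDL\r\n.\r\n"
POP3_STRIPPED = "+OK Capability list follows\r\nUSER\r\nUIDL\r\n.\r\n"
IMAP_INTACT = "* OK [CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED] ready\r\n"
IMAP_STRIPPED = "* CAPABILITY IMAP4rev1 AUTH=PLAIN\r\na1 OK CAPABILITY done\r\n"

if __name__ == "__main__":
    for proto, text in [("pop3", POP3_INTACT), ("pop3", POP3_STRIPPED),
                        ("imap", IMAP_INTACT), ("imap", IMAP_STRIPPED)]:
        print(proto, "->", next_step(proto, text))
```

After the upgrade command succeeds, the client still has to validate the server certificate before sending credentials; the policy above only covers the step before TLS is negotiated.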