[tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

proper proper proper at secure-mail.biz
Thu Mar 1 23:12:44 UTC 2012


I was told, to ask this question here. [3]

Tor's transparent proxy feature is at the moment a bit complicated to take advantage off and therefore unpopular. That might change in the future, because a) documentation improves [1]; b) in the future (depending on the outcome of this bug) there might be per-configured, ready-to-use packages; c) you discussed to give TorRouter such a feature #3453 [2] as well.

You ask the user not to use Bittorrent over Tor, as the network can not handle the load.

What about operating system updates behind a Transparent Tor Proxy? The same goes for the installation of legitimate software. No warez. "apt-get install gnome"

The transparent proxy feature is great, it offers to reduce the risk of leaks and offers an anonymous torified operating system. Operating system updates behind Tor are a dilemma. It's several hundred of megabytes.

Once users have an anonymous

torified operating system, they use "apt-get upgrade", they won't bother with offline updates, as they are complicated and possible leaks (creates signature).

So what do you suppose to do with the Transparent Proxy feature? How do you want to solve the operating system update dilemma? Can the Tor network handle the load?

Resolutions possible:
a) Propose a solution.
b) Leave it complicated, a nice addon for power users only.
c) Encourage people to extensively use it.
d) Leave the situation as it is. Tell me, not to release a easy per-configured package for an anonymous torified operating system.
e) Remove the TransPort feature, make it even more complicated to use. So we have to use transsocks again if we really want.
f) Propose more, better solutions.

rransomsaid [3]:
> Operating system updates over Tor are the main reason that transparent proxying is not recommended -- automatic update

installers are likely to leak information about the software they are trying to update, whether due to malicious design or due to lack of consideration for users' location privacy.

proper: This is the reason why we want to make them over Tor. Those information would stay anonymous. The reason not to do them over Tor is the network load as described above.

rransom said [3]:
> Also, this is not a ‘defect’, ‘critical’, or an issue to be addressed by changing ‘Tor Client’. Try tor-talk or IRC.

proper: I think it is. Solution e) would be handled by Tor Client. If someone were to promote an easy-to-use per-configured anonymous torified operating system, this could (I don't know, that's why I ask here.) overload the network. This someone could be me. I won't do it if you tell me not to do it, because I don't want to kill the network I use. And someone else is probable not up to it. The demand

for such as thing is there, but no one started working on it for years.

[1] https://trac.torproject.org/projects/tor/wiki/doc/TorBOX
[2] https://trac.torproject.org/projects/tor/ticket/3453
[3] https://trac.torproject.org/projects/tor/ticket/5284

______________________________________________________
powered by Secure-Mail.biz - anonymous and secure e-mail accounts.



More information about the tor-talk mailing list