[tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

Moritz Bartl moritz at torservers.net
Fri Mar 2 00:27:58 UTC 2012

On 02.03.2012 00:12, proper proper wrote:
> You ask the user not to use Bittorrent over Tor, as the network can not handle the load.

The problem is that Bittorrent opens a lot of concurrent connections to
download many pieces at once. And all those "Tweak your Torrent client
and get mighty mighty speed" add to that.

The second reason to avoid Bittorrent over Tor is that there is no
audited torrent client. There is none because of the first reason. There
have been studies about various torrent clients leaking information
directly leading to the deanonymization of users (IIRC the packets
contained local interface IPs), and Tor cannot stop an application from
doing that.

But, yes, in general it holds that the Tor network could use more relays.

>> Operating system updates over Tor are the main reason that
>> transparent proxying is not recommended -- automatic update
> installers are likely to leak information about the software they are
> trying to update, whether due to malicious design or due to lack of
> consideration for users' location privacy.

Everyone has a "customized" operating system. Windows users not so much
because Microsoft's greatest failure was to never add package
management. Still, knowing about the updates itself is already a risk
for your anonymity. Ideally, all Tor users would use the exact same
version of some static operating system like TAILS, and update all at once.

>  If someone were to promote an easy-to-use per-configured anonymous
> torified operating system


Moritz Bartl

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20120302/4b3e0cbc/attachment.pgp>

More information about the tor-talk mailing list