[tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

[Christopher Schmidt]

"proper proper" <proper at secure-mail.biz> writes:

> I was told, to ask this question here. [3]
>
> Tor's transparent proxy feature is at the moment a bit complicated to take
> advantage off and therefore unpopular. That might change in the future, because
> a) documentation improves [1]; b) in the future (depending on the outcome of
> this bug) there might be per-configured, ready-to-use packages; c) you discussed
> to give TorRouter such a feature #3453 [2] as well.
>
> You ask the user not to use Bittorrent over Tor, as the network can not handle the load.
>
> What about operating system updates behind a Transparent Tor Proxy? The same goes for the installation of legitimate software. No warez. "apt-get install gnome"
>
> The transparent proxy feature is great, it offers to reduce the risk of leaks and offers an anonymous torified operating system. Operating system updates behind Tor are a dilemma. It's several hundred of megabytes.

[...]

I don't see a difference between regular downloads and operating system
updates.  (I am speaking of Debian here, I don't know how other
operating system or distributions handle package installation and
updates.)  Are regular downloads of 'several hundred of megabytes' not
encouraged by the Tor project?

The point of Bittorrent and Tor is, well, it's really a lot of traffic -
a lot more than just a few hundred megabytes.  On top of that, UDP is
involved and clients leak information due to the protocol design.

If you are concerned that operating system downloads may compromise your
regular Tor online activity you could set up a dedicated tor instance
just for operating system updates.  You can easily do so by separating
traffic at user level (root vs. regular users).  Why do we need a
special package for such a simple task?

        Christopher