[tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

Fri Mar 2 01:39:45 UTC 2012

> "proper proper" <proper at secure-mail.biz> writes:
>
> > I
> was told, to ask this question here. [3]
> >
> > Tor's transparent proxy
> feature is at the moment a bit complicated to take
> > advantage off and
> therefore unpopular. That might change in the future, because
> > a) documentation
> improves [1]; b) in the future (depending on the outcome of
> > this bug)
> there might be per-configured, ready-to-use packages; c) you discussed
> >
> to give TorRouter such a feature #3453 [2] as well.
> >
> > You ask the
> user not to use Bittorrent over Tor, as the network can not handle the load.
>
> >
> > What about operating system updates behind a Transparent Tor Proxy?
> The same goes for the installation of legitimate software. No warez. "apt-get
> install gnome"
> >
> > The transparent proxy feature is great, it
> offers to reduce the risk of leaks and offers an anonymous torified operating

> system. Operating system updates behind Tor are a dilemma. It's several hundred
> of megabytes.
>
> [...]
>
> I don't see a difference between regular downloads
> and operating system
> updates.  (I am speaking of Debian here, I don't know
> how other
> operating system or distributions handle package installation and
>
> updates.)  Are regular downloads of 'several hundred of megabytes' not
> encouraged
> by the Tor project?

THAT is my question.

<snip>
> If you are concerned that operating system downloads may compromise your regular Tor online activity you could set up a dedicated tor instance just for operating system updates.

I am not concerned about it. In fact operating system updates behind a transparent proxy improve the isolation of the protected system as the system gets never to see it's real IP address. My concern is, that I am going to harm the Tor network, if many people
were to use the transparent proxy (TransPort) feature of Tor. Right now only very few people can make use of. But when that becomes equally easy as downloading, installing and using the Tor Browser Bundle, I am not sure, if that's okay for the network.

> You can easily do so by separating traffic at user level (root vs. regular users).  Why do we need a special package for such a simple task?

That's not possible. Everything behind the transparent proxy, root or regular user, has only two options, use Tor or nothing.

______________________________________________________
powered by Secure-Mail.biz - anonymous and secure e-mail accounts.