[tor-talk] [tor-dev] Linux kernel transproxy packet leak (w/ repro case + workaround)

Abel Luck abel at guardianproject.info
Tue Apr 1 15:45:42 UTC 2014


On Saturday 29 March 2014 03:10:47 grarpamp wrote:
> On Fri, Mar 28, 2014 at 5:20 PM, intrigeri <intrigeri at boum.org> wrote:
> > grarpamp wrote (28 Mar 2014 21:02:35 GMT) :
> >> [...] what happens with entire vm IP transproxy (perhaps like
> >> Tails)?
> > 
> > Tails only uses a transproxy for the automapped .onion addresses:
> > https://tails.boum.org/contribute/design/Tor_enforcement/
> 
> My mistake. I think I meant to say whonix [1], just haven't followed
> the developments of those two projects in quite some time.
> [1] Or any model that sandboxes apps/OS/vm behind a firewall that
> redirects all tcp and dns traffic into tor Trans* options and drops
> the rest.

As the maintainer of the qubes-tor (TorVM) plugin for Qubes, I'm definitely
interested in this answer, as I imagine Patrick @ whonix is too.

I'll see if I can reproduce this bug with the Qubes context [0].

~abel

[0]: https://github.com/abeluck/qubes-tor/blob/master/start_tor_proxy.sh