[tor-talk] Cloak Tor Router
Lars Boegild Thomsen
lth at reclaim-your-privacy.com
Mon Nov 3 02:34:26 UTC 2014
On Sunday 02 November 2014 11:36:14 michi1 at michaelblizek.twilightparadox.com wrote:
> > and we really would like this product to be what the TorRouter never became
> I would really like to see this happen. To me it seems your goals are
> slightly different though. Torouter tries to provide public wifi (without
> risks for the operator), run bridge (and other) nodes and create hidden
> services (see https://trac.torproject.org/projects/tor/wiki/doc/Torouter ).
It is quite clear that the Cloak will not be able to provide bridge and/or exits - it simply does not have the resources. Hidden services however should be within the realm of possibility. The public Wi-Fi is definitely a use case we are quite aware of.
> The kickstarter page suggests it can be used to anonymise outgoing traffic
> from clients to the internet. This may be quite problematic for these reasons:
> 1) People will not get hardened clients. See
> https://www.torproject.org/projects/torbrowser/design/ for a list of changes
> made by torproject.
Even the Tor browser is facing the same issues if used wrongly. On the Download page of Tor there is a list of 5 warnings. One of these warnings reads:
"Tor will encrypt your traffic to and within the Tor network, but the encryption of your traffic to the final destination website depends upon on that website. To help ensure private encryption to websites, the Tor Browser includes HTTPS Everywhere to force the use of HTTPS encryption with major websites that support it. However, you should still watch the browser URL bar to ensure that websites you provide sensitive information to display a blue or green URL bar button, include https:// in the URL, and display the proper expected name for the website. Also see EFF's interactive page explaining how Tor and HTTPS relate."
> 2) Every device can sniff on traffic from all other devices on the same
> network. If you have one device which is compromised or somebody breaks the
> wifi security you are in trouble.
WiFi clients are isolated from each other so no - if someone breaks Wi-Fi security they can access the Tor network (or the internet - depending on which Wi-Fi network they break), but in order to sniff traffic from other devices the Cloak device itself would have to be accessed (i.e. root password guessed) and the device reconfigured (disable wifi isolation).
> 3) Depending on the configuration you may end up routing traffic from multiple
> devices over the same circuit.
This one surprises me a bit. The Tor manual states:
Don’t share circuits with streams from a different client address. (On by default and strongly recommended; you can disable it with NoIsolateClientAddr.)
Each client will have their own address so it is my understanding circuits will not be shared.
> You will almost certainly route traffic from
> different programs on the same device over the same circuit. This may allow an
> exit node operator to correlate multiple identities.
Wouldn't that be solved by enabling:
Don’t share circuits with streams targetting a different destination port.
> 4) If you have a mobile device you probably want to be safe everywhere, not
> just at home.
Which is why the device will be highly portable ;) I get what you mean but as stated earlier, everything security related is at the end of the day a matter of compromise.
> BTW: If you want to show people you are serious about privacy I would suggest
> creating your screenshots+demos with a free operating system.
Here is one running on Linux:
The team members didn't appreciate my skills as a camera man, so it never went on the web-site or kickstarter page.
Lars Boegild Thomsen
Jabber/XMPP: lth at reclaim-your-privacy.com
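
The circuit-sharing question in point 3 of this exchange, modeled as an added example (not code from the thread, the Cloak project or Tor): it partitions streams into the sets that the isolation flags `IsolateClientAddr` and `IsolateDestPort` from the Tor manual would still allow onto one circuit. The addresses, hostnames and program labels are constructed sample data, and the grouping rule is a simplification of Tor's behaviour, as noted in the code.

```python
from collections import defaultdict
from typing import NamedTuple


class Stream(NamedTuple):
    label: str        # which program opened it (display only; Tor never sees this)
    client_addr: str  # source address as seen by the router's Tor listener
    dest_addr: str
    dest_port: int


# Constructed sample traffic: two Wi-Fi clients behind one Tor router.
STREAMS = [
    Stream("laptop browser", "192.168.10.2", "example.com", 443),
    Stream("laptop mail (IMAPS)", "192.168.10.2", "mail.example.net", 993),
    Stream("laptop chat over HTTPS", "192.168.10.2", "chat.example.org", 443),
    Stream("phone browser", "192.168.10.3", "example.com", 443),
]

# Stream field that each isolation flag compares.
FLAG_FIELDS = {
    "IsolateClientAddr": "client_addr",
    "IsolateDestPort": "dest_port",
}


def sharing_groups(streams, flags):
    """Partition streams into sets that are *allowed* to share one circuit.

    Two streams may share only if they agree on every field named by an
    active flag. Simplification: real Tor can split a group further (exit
    policy, circuit age), so this is an upper bound on sharing.
    """
    groups = defaultdict(list)
    for s in streams:
        key = tuple(getattr(s, FLAG_FIELDS[f]) for f in sorted(flags))
        groups[key].append(s.label)
    return sorted(groups.values())


if __name__ == "__main__":
    for flags in ([], ["IsolateClientAddr"], ["IsolateClientAddr", "IsolateDestPort"]):
        print(", ".join(flags) or "no isolation")
        for group in sharing_groups(STREAMS, flags):
            print("   may share a circuit:", group)
```

With both flags active, the sample laptop's browser and chat streams remain eligible for the same circuit because both target port 443.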