[tor-talk] Cloak Tor Router
Lars Boegild Thomsen
lth at reclaim-your-privacy.com
Tue Nov 4 01:12:48 UTC 2014
On Monday 03 November 2014 17:58:56 michi1 at michaelblizek.twilightparadox.com wrote:
> > WiFi clients are isolated from each other so no - if someone breaks Wi-Fi security they can access the Tor network (or the internet - depending on which Wi-Fi network they break), but in order to sniff traffic from other devices the Cloak device itself would have to be accessed (i.e. root password guessed) and the device reconfigured (disable wifi isolation).
> What prevents me from setting up a DHCP server or sending false ARP responses
> to route all traffic to me?
Well, in theory (that is, if it works as advertised) Client Isolation should do the trick. I have not read through the source code and I have not done a really thorough test of this, but I believe it works at driver level by actually manipulating ARP responses to each client. In short - each client will only be able to see itself and the access point and no traffic should be passed between them. That should take care of stuff like ARP poisoning and fake DHCP.
> > IsolateClientAddr
> > Don’t share circuits with streams from a different client address. (On by default and strongly recommended; you can disable it with NoIsolateClientAddr.)
> > Each client will have their own address so it is my understanding circuits will not be shared.
> Ok, this should do it.
Yeah I think so.
> > Wouldn't that be solved by enabling:
> > IsolateDestPort
> > Don’t share circuits with streams targeting a different destination port.
> I do not think this actually solves it. For example there are many programs
> which use HTTP even though they have nothing to do with web browsing. Also
> there are programs (like P2P) which use random ports and may cause lots of
> circuits being established.
Yes - P2P might actually lead this device to exhaust its memory, but then again - P2P is not really encouraged on Tor in the first place for obvious reasons. And yes - traffic from one client using the same protocol to the same server would probably always pass through the same circuit. I would think that is pretty unavoidable unless someone makes an "IsolateSrcPort" in Tor.
Do you reckon that would be a huge problem? I do believe the primary concern here (as I understand it) is the following scenario:
1. You want to browse a web site anonymously
2. While you do that - some other application - say Windows Update - phones home
If that traffic passed the same circuit you would be vulnerable at the exit node. However, it is extremely unlikely that the server you were browsing anonymously is exactly the same server that another application was accessing, so this kind of traffic would already pass through different circuits and thus use different exit nodes. Am I wrong here?
Lars Boegild Thomsen
Jabber/XMPP: lth at reclaim-your-privacy.com
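
Added example (not part of the original message, and not Tor's own code): a simplified model of which streams the isolation flags discussed in this thread permit to share a circuit. IsolateDestAddr is a further option from the Tor manual that the thread does not mention; the client addresses, host names and application labels are constructed for illustration.

```python
from collections import defaultdict
from typing import NamedTuple


class Stream(NamedTuple):
    client_addr: str   # address of the Wi-Fi client behind the router
    dest_host: str     # destination requested through Tor
    dest_port: int
    app: str           # label only, Tor never sees this


def isolation_key(stream, flags):
    """Build the tuple that two streams must agree on to share a circuit.

    Simplified model: each enabled flag adds one field to the key.
    Streams with different keys must never be put on the same circuit.
    """
    key = []
    if "IsolateClientAddr" in flags:      # on by default per the manual
        key.append(("client", stream.client_addr))
    if "IsolateDestPort" in flags:
        key.append(("port", stream.dest_port))
    if "IsolateDestAddr" in flags:        # not mentioned in the thread
        key.append(("dest", stream.dest_host))
    return tuple(key)


def group_streams(streams, flags):
    """Return the sets of applications that are allowed to share a circuit."""
    groups = defaultdict(list)
    for s in streams:
        groups[isolation_key(s, flags)].append(s.app)
    return sorted(sorted(apps) for apps in groups.values())


# Constructed sample: two Wi-Fi clients (A and B) behind the same router.
STREAMS = [
    Stream("192.168.10.11", "site.example", 443, "browser@A"),
    Stream("192.168.10.11", "updates.example", 443, "updater@A"),
    Stream("192.168.10.11", "mail.example", 993, "mail@A"),
    Stream("192.168.10.12", "site.example", 443, "browser@B"),
]

if __name__ == "__main__":
    for flags in (
        {"IsolateClientAddr"},
        {"IsolateClientAddr", "IsolateDestPort"},
        {"IsolateClientAddr", "IsolateDestPort", "IsolateDestAddr"},
    ):
        print(sorted(flags), "->", group_streams(STREAMS, flags))
```

In this model a browser and an updater on the same client that both use port 443 stay in one group until destination-address isolation is also enabled.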