[tor-talk] Cloak Tor Router
Aymeric Vitte
vitteaymeric at gmail.com
Fri Nov 7 18:46:24 UTC 2014
Le 07/11/2014 19:24, Aymeric Vitte a écrit :
>
> Le 07/11/2014 19:07, Aymeric Vitte a écrit :
>>
>> Le 07/11/2014 18:18, hellekin a écrit :
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA512
>>>
>>> On 11/07/2014 01:29 PM, Aymeric Vitte wrote:
>>>> >
>>>> >- force ssl through Tor, non ssl outside
>>>> >
>>> *** Is that what you meant? Can you explain why?
>>
>> Yes but again we are not talking about strong anonymity here (unless
>> for a browsing use with the Tor browser and the proxy set to the
>> box), question of usability again by people not familiar with this
>> (but I forgot to mention the http nowhere option, and if users set it
>> then will they understand that all non ssl traffic is blocked?), some
>> thoughts are:
>>
>> - for a normal user is it better to have the non ssl traffic mitmed
>> by the exit nodes or should it go outside?
>> - torrent traffic goes automatically outside
>> - non ssl websockets (like Peersm's where we have ssl (+Tor) over ws
>> and not the contrary) do not go through Tor, so again you are not
>> using Tor over Tor
>>
> and:
>
> - if some devices or apps (like browsers) are sending dubious stuff
> outside, it's likely to be ssl one (like [1]) so you can not know what
> it is, I have not checked yet what my Chromecast is doing, it's in the
> TODO list
>
> [1]
> https://s3.amazonaws.com/ksr/assets/000/690/973/f9a25528976205dff93e60fc40dfa91f_large.jpg?1371808994
>
This makes me think too that project [1] [2] could resurrect with a
Cloak, the Cloak would replace the servers used to intercept itself.
Quickly explained the principles are that the browser is intercepting
itself with the complicity of servers, it then changes the URLs (sent
and received in the page) to a fake domain and navigates on the fake
domain via the Tor network, nobody can know outside of the browsers what
are the real domains, even for ssl (the server name is the fake domain).
[1] https://www.youtube.com/watch?v=QOP4NHvJAGM
[2] http://www.ianonym.com
--
Peersm : http://www.peersm.com
torrent-live: https://github.com/Ayms/torrent-live
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
More information about the tor-talk
mailing list