[tor-talk] Cloak Tor Router
vitteaymeric at gmail.com
Sun Nov 9 11:03:04 UTC 2014
Answering your different emails at once:
- anonathing indiegogo: incredible... you can be sure that these guys
are cheating on the crowdfunding campaign, as far as they can
- configuration: as you say the less needs to be configured, the better,
but I am not sure we will reach a consensus of what should go through
Tor and what should not, as we can see in this thread people have
- cable connection: I think this is required, then minimum configuration
- "do not send anything outside" wifi: I think it is required too
- all TCP through Tor: you say that it's difficult for the Cloak to
detect SSL vs non SSL, but you are proposing a SSL only wifi, so the
Cloak is supposed to know how to do this, no?
- all SSL through Tor, non SSL outside: I think I would choose that
option myself by default for the reasons explained previously (see my
latest answer, stupid traffic going outside will necessarily be ssl, my
ws example does apply too for Tor flash proxies relayers)
- bittorrent: yes that's definitely an issue I think, I suppose the
Cloak does relay the UDP traffic, I don't know what happened for your
test but of course if UDP does not work nothing will happen, bittorrent
trackers (which people should not use at all) and DHT are using UDP, the
bittorrent protocol is using TCP and uTP (UDP), as far as I know it
tries to establish both and breaks the TCP connection if uTP is
successful, I don't know really what is the most use, as far as I have
seen both are used equally, but I did not study this precisely, maybe
some other people can give inputs here. It's unlikely that the seeders
are blocking the exit nodes, so once the bittorrent protocol establishes
TCP connections with the peers in the swarm through Tor, there are no
reasons that it does not work.
- maybe that's another reason to use "my" default, since the Cloak can
not recognize bittorrent traffic it would go outside automatically
- as previously mentioned I will contact you off the list (when I have
time) for the other topics.
On 09/11/2014 10:27, Lars Boegild Thomsen wrote:
> On Friday 07 November 2014 17:29:23 Aymeric Vitte wrote:
>> And 5 "do not send anything outside", no? Usually you can restrict with
>> your ISP box but can you trust it?
>> What happens if you connect directly your PC to the Cloak with a cable?
> I haven't really decided. The box has a wan as well as a lan port. I sort of expected to leave the lan port open and it certainly is in the current firmware version. One option would be to make it possible to toggle it with a press on a button, but I really haven't thought that one through at all. Any ideas appreciated.
>> Maybe the concept of several wifis is good but I don't see it very
>> usable, not sure what would be the security requirements for this but
>> assuming that I am trusting my local network why not a simple web
>> interface where you can configure the same for any device connected to
>> the box:
> I think that is mostly related to the target audience for a device such as this. The less that needs to be configured the better - assuming that most users interested in a box such as the Cloak won't want to make massive reconfiguration. Of course a "power user" can squeeze the box to run exactly as they prefer. But it's important to me to have sensible default so that as many people as possible can use it without changing anything.
>> - do not allow anything outside
>> - allow all traffic outside Tor
>> - force everything through Tor (warning: close your bittorrent clients)
>> option: the Cloak could detect the bittorrent traffic
>> - force everything through Tor except torrents
>> - force ssl through Tor, non ssl outside
> Question - is Bittorrent still an issue at all? I actually tried a few days ago - a quite popular torrent (thousands of seeds) bootstrapping using a magnet link - my netbook connected to a Cloak prototype with every single TCP port routed through Tor. After 24 hours the magnet hadn't even downloaded - not a single byte received. I suspect all trackers are using UDP now - and I guess most bittorrent clients too.
Peersm : http://www.peersm.com
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
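
Added example, not part of the original message and not Cloak firmware code: a sketch of the first-bytes check that the "SSL through Tor, non SSL outside" option discussed above depends on, telling a TLS ClientHello apart from plaintext BitTorrent and other traffic. The function names, route labels and sample byte strings are constructed for illustration.

```python
import struct

# Plaintext BitTorrent peer handshake starts with length byte 19 + this string.
BT_HANDSHAKE = b"\x13BitTorrent protocol"

def classify_first_bytes(data: bytes) -> str:
    """Classify the first client-to-server payload bytes of a TCP flow.

    Returns 'tls', 'bittorrent', 'other', or 'need-more' when the bytes seen
    so far are still a valid prefix of a TLS record or BitTorrent handshake.
    """
    if not data:
        return "need-more"
    n = min(len(data), len(BT_HANDSHAKE))
    if data[:n] == BT_HANDSHAKE[:n]:
        return "bittorrent" if n == len(BT_HANDSHAKE) else "need-more"
    # TLS record header: type(1) major(1) minor(1) length(2), then handshake type.
    if data[0] != 0x16 or (len(data) > 1 and data[1] != 0x03):
        return "other"
    if len(data) < 6:
        return "need-more"
    minor = data[2]
    (rec_len,) = struct.unpack("!H", data[3:5])
    if minor > 0x04 or not 4 <= rec_len <= 16384:
        return "other"
    # Handshake type 0x01 is ClientHello, the only valid first client message.
    return "tls" if data[5] == 0x01 else "other"

def route_for(data: bytes) -> str:
    """Hypothetical policy: TLS goes through Tor, everything else goes direct.

    The decision needs payload bytes, which only arrive after the TCP
    handshake, so the device has to hold the connection until they are seen.
    """
    kind = classify_first_bytes(data)
    if kind == "need-more":
        return "hold"
    return "tor" if kind == "tls" else "direct"

# Constructed sample inputs (not captured traffic).
SAMPLE_TLS = b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"
SAMPLE_HTTP = b"GET / HTTP/1.1\r\nHost: example.org\r\n"
SAMPLE_BT = BT_HANDSHAKE + b"\x00" * 8
```

Anything the check cannot positively identify as a ClientHello, including obfuscated peer traffic, falls into the "other" class and takes the direct route under this policy.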