[tor-talk] anonabox : the Tor hardware router

[Derric Atzrott]

>> If all users use Tor only for sensitive communications, then state
>> level adversaries can round up all users of Tor and the provided
>> anonymity is of little use.
>
> That's true. But there is a sense in which Tor should be used
> selectively: It's counterproductive to use Tor when identity and
> geolocation are desired and/or essential. If my bank, for example, sees
> Tor IPs, it might freeze my account. And that's a _good_ thing.

I disagree.  I'd rather have more people using Tor even for things
where identity is an essential part of authenticating you, like a bank.

I'd rather see the bank move to other methods.  If we can obsolete
automatic location based identification I think that is a good thing.
You should be able to share your location with your banks website, but
it should not automatically be able to gather it.

> That's why anonabox is so dangerous, even if there were no security
> holes. Guaranteed hardware-based Tor connectivity is great, for those
> who know where, when and how to use it. But providing that to users who
> don't understand the situation is dangerous. And doing it via WiFi,
> which is virtually unsecurable, is even worse.

This I can agree with.

>> Cat photos and Amazon shopping by non-subversives gives vulnerable
>> users cover and is fundimental to the usefulness of Tor.
>
> Cat photos, yes :) But Amazon shopping, maybe not so much.

Why wouldn't Amazon shopping provide Tor users with cover?

>> Should entities encouraging heavy routine use of Tor contribute
>> relays? Absolutely.
>
> Well, I gather that there's currently a surplus of non-exit relays and
> bandwidth. So specifically they should contribute exit relays. That's
> not so easy, however, and there's far too little support for it from the
> Tor Project, in my (albeit limited) experience.

This is definitely a problem that I would love to see worked on some.

Thank you,
Derric Atzrott