[tor-talk] Tor router requirements / best practices [was: Cloak Tor Router]

coderman coderman at gmail.com
Fri Nov 14 21:04:30 UTC 2014

On 11/10/14, Lars Boegild Thomsen <lth at reclaim-your-privacy.com> wrote:
> ...
> Would run an OpenWrt build with Tor as Relay/Exit just fine.  And I would be
> quite OK if the Relay/Exit version required some technical skills for
> installation (as in was not available as a ready flashed plug-and-go
> device).

prior testing on similar hardware shows them at the bottom of the
relay capacity pool.  the trend the last few years has been toward
faster relays, rather than more relays, because of other pressures in
the Tor directory consensus.

> My own area of expertise is mainly the embedded Linux part and some solid
> network/unix foundation,

it appears anonymous contributors have edited https://titanpad.com/l2Wog5Hhk5

which would be useful to integrate back into a Tor wiki page like
https://trac.torproject.org/projects/tor/wiki/doc/Torouter including
any feedback you, or any other contributors, may have to provide.

the main points are provided by arma and mike in these threads:
  mike: https://lists.torproject.org/pipermail/tor-relays/2014-October/005541.html
  arma: https://lists.torproject.org/pipermail/tor-relays/2014-October/005544.html

I was thinking something like:

- Many people keep wanting to build a magic anonymity box. And it's
really appealing to not have to change your behavior or your
application settings, and just magically get anonymity, so I can
understand why the idea keeps popping up.

- Unfortunately, if you just route all your traffic through Tor,
you're only solving half the problem: all the application-level issues
remain. First this is a problem when you use your Chrome over Tor and
then wonder how websites are able to recognize you anyway (remember
all the protections that Tor Browser adds over vanilla Firefox). And
second, as you say in your post here, it's a problem because of all the
chatter that comes from background applications, update attempts, printer
notifications, and so on that most systems do by default these days.

- To be fair, some expert users may still get a benefit from Torifying
their traffic. For example, if they've already set up a firewall to
block everything they don't want talking, and now they want to use
an application that's hard to configure a proxy for. Or if they have
thought deeply about their threat model and they don't want a lot of
the anonymity properties that Tor aims to offer. But that user is very
far from the target audience for these magic anonymity boxes.

- The best design we've been able to come up with is one that forces you
to be using Tor on your side, and only allows your traffic through if it's
coming from Tor. Making it use a proxy, or maybe even better a Tor bridge,
that's running on the router seems a fine way to do this limiting. And we
could also imagine running a captive portal website on the router that
intercepts outgoing port 80 requests and teaches you what you need to
do to use this network connection safely. Perhaps it has a local copy
of Tor Browser for you (but how does the user know it's the real Tor
Browser?), or perhaps it lets you reach https://www.torproject.org/
so you can fetch it yourself.

- This approach sure isn't as usable as the magic anonymity box. What a
great research area! But be aware that people have been thinking about
this issue for several years now, and don't get fooled by solutions
that brush all the above details under the rug....

best regards,

More information about the tor-talk mailing list