[tor-talk] TorBirdy seems to connect to the same exit node again and again
l.m
ter.one.leeboi at hush.com
Mon Apr 27 19:57:37 UTC 2015
Hi Yuri,
>If this is the concern that request to check.torproject.org might
>compromise security, this is the clear indication that TorBirdy/TBB
>aren't adequate for the requirements. Clearly, such people should
switch
>to VM isolation, and there is no need to ever go to
check.torproject.org
>from there, and there is no risk even if one does.
>
>Yuri
Good point. It's true, there's no such thing as enough security if the
consequence is high. To be fair though PT-design has come a long way
from the classical bridge. It's not uncommon to attempt to evade
detection by obfuscation of the protocol at the bridge itself. A
properly configured VM would provide a benefit here. What's to stop a
whistleblower from carrying around a custom TBB/TorBirdy instance that
uses unpublished bridges (hosted by some friendly nation)? No more
than carrying around a properly configured VM or live boot of Tails.
I'm just saying *if* a patch were to propose making the 'test proxy'
option more accessible it would (likely) be shot down. The only
reasonably sane way to do so would be to include an actual proxy test
that links to the optional ip check. For consistency, if nothing else.
As long as the proxy test succeeds I can't imagine why the ip check
would be needed except maybe for debugging.
--leeroy
More information about the tor-talk
mailing list