[tor-talk] VPN/TOR Router

[Dave Warren]

On 2015-02-02 11:06, Seth David Schoen wrote:
> spencerone at openmailbox.org writes:
>
>> Hey :)
>>
>> I have been looking at a physical product by Cryptographi called the
>> 'SnoopSafe Encrypted VPN/TOR Router'[0].
>>
>> Does this work?  Is this safe?
>>
>> [0] http://cryptographi.com/products/snoopsafe
> There have been a number of discussions on this mailing list before
> about standalone Tor routers.  The usual consensus is that using a
> separate router together with regular Internet applications is risky,
> because the applications don't know that they shouldn't behave in
> certain ways.  For example, the applications might mention your real IP
> address in the course of some protocol, or they might send or allow to
> be sent a persistent cookie, which might eventually be sent over both a
> Torified and a non-Torified connection.

It occurs to me that such a computer wouldn't *know* your real IP to 
share, it would only see it's local IP, and the only IP it would learn 
as an external IP is that of the Tor exit node.

However, the other anonymity related concerns would definitely apply. 
Things like browser identification, cookies and other data that are used 
within Tor and outside of Tor and similar would be huge problems. If 
your goal is to be anonymous, this is obviously a major problem, but not 
everyone needs anonymity, sometimes it's desirable and sufficient to 
encrypt and protect your traffic from the first hop. In this type of 
environment, implementing Tor at the network level would have a number 
of advantages, including reducing the odds of certain types of leakage 
while still allowing many/most applications to function without further 
configuration.

While I wouldn't necessarily suggest using Tor at the router level for 
all users, for at least some use cases, it probably makes a lot of sense 
to consider this as an option.

-- 
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren