[tor-talk] corridor, a Tor traffic whitelisting gateway
Rusty Bird
rustybird at openmailbox.org
Fri Feb 6 13:43:04 UTC 2015
Hi Gavin & all,
>> https://github.com/rustybird/corridor/#pitfalls
>>> corridor cannot prevent malware on a client computer from directly
>>> contacting a colluding relay to find out your clearnet IP address.
>
> I don't think this disclaimer is strong enough. With the 'getinfo address'
> command, malware doesn't even need a colluding relay.
I have to admit I was unaware of 'getinfo address'. For sure, the warning
needs an update as soon as GitHub tells me WTF is going on with my account.
These days, my thinking is that the purpose of corridor is not security but:
safety against accidental misconfiguration (especially for developers);
outsourcing :) the potential troubles of open WiFi to exit node ops, who are
are way better equipped to deal with them;
increasing Tor adoption in your neighborhood.
Rusty
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20150206/998c42a1/attachment.sig>
More information about the tor-talk
mailing list