[tor-talk] Tor as a network filter

spencerone at openmailbox.org spencerone at openmailbox.org
Mon Mar 9 12:09:20 UTC 2015 

Hi,

>> SpencerOne:
>> Yes, "..separate identification from routing.”, but isn't Tor
>> filtering my connection to the internet by routing my connection
>> through its network?  Because, if so, I am wondering if it is possible
>> to have that onion routing process do more than just automatically
>> proxy my connection.  I am thinking it could allow me to deny certain
>> connection attempts completely while allowing others.  If applications
>> can make connections to the internet through the Tor network, via
>> Orbot or TorBirdy, for example, how much control can I have over this
>> on a desk/laptop environment?
>> 
>> Where would I look to find information on this?  Is Vidalia or "system
>> Tor" relevant to this?
>> 
> 
> Yuri:
> No, tor doesn't filter anything. The closest definition of what tor is
> would be "routing software". It routes user traffic through the
> anonymization network. There is no degree of control in terms of what 
> is
> and isn't sent beyond the fact of connection.
> 

But what about the before the connection, even preventing the 
connection?  Doesn't Orbot or Tor Browser provide an opportunity to 
manage what is sent?  Can firewall-like control be implemented into 
somethinglike this?

> 
> You need to really read about tor in order to understand it.
> 

I have been, thanks to many kind people on this list taking their time 
to help :)  This is why I am asking questions, to better understand the 
limitations.

> 
> But "filter" concept doesn't describe tor in any way. This is the 
> misunderstanding.
> 

I understand the network as you are describing it.  Regarding "filter" I 
am seeing it from a non-technical user point of view, where it appears 
as if the user's address has been removed and a new one has been 
provided, as they might often receive the message "Your IP address 
appears to be:...".  Given that a filter can be seen as software that 
reformats some stuff, experientially, in this case, the user's identity 
has been reformatted, even if technically it's just being swapped for 
that of the exit's.

But I am more asking if Tor can be used as part of a filter, with some 
sort of application allowing for more control, maybe even of what is 
sent to the entry.  It seems there has been some discussion regarding 
'Tor Router/Firewall', though it's only cited as a bullet in a list. I 
might be misreading, but a Tails document refers to a 'Network Filter'.  
I don't only want to allow or deny network connections, like with Tails, 
but filter out certain things as well, maybe with something smaller like 
a browser or application firewall.

> WhonixQubes:
> Yuri is correct. Tor does not provide an internet filter for 
> applications.
> 

Awesome, but isn't Orbot something like this?  And didn't Vidalia 
provide similar functionality?

> 
> Sounds like you are looking for what is known as an "Application 
> Firewall".
> 

I am, as touched on above, is there any value to combining incoming 
access to the Tor network and outgoing connections from applications as 
a standalone tool?  Vs using Little Snitch or built-in firewalls 
separately from a Tor application like Tor Browser.

Wordlife,
Spencer

More information about the tor-talk mailing list