[tor-talk] Thoughts on Tor router hardware
some_guy123 at Safe-mail.net
some_guy123 at Safe-mail.net
Wed Feb 24 20:04:17 UTC 2016
> My conclusions are that running Tor on the router can enhance both
> security and usability.
You are dead wrong on that. (Semi-) transparent proxying is bad for quite a few reasons.
There is a huge number of applications with their own automatic update process that's insecure and vulnerable to man in the middle attacks. They may use non-encrypted connections, don't verify the server certificate (anyone with some valid certificate can impersonate the update server) or use weak/broken cryptography (even Microsoft update was vulnerable at one point). If that traffic runs over Tor, chances of being attacked increase dramatically, since malicious exit nodes can easily perform man in the middle attacks. This has happened in the past, with exit nodes injecting malware into downloads.
Unless you know what you are doing, a lot of your traffic will run over the same circuit (something that TBB tries to avoid) and can potentially be correlated. Some of your traffic will likely contain unique identifiers that can be tied back to you.
More information about the tor-talk
mailing list