[tor-talk] Post Quantum Tor

Seth David Schoen schoen at eff.org
Tue May 29 16:43:42 UTC 2018


Kevin Burress writes:

> honestly, ideally it would be a lot easier to do things with tor if it
> actually internally followed the unix philosophy and the layers of service
> could be used as a part of the linux system and modular use of the parts. I
> was just looking at BGP routing over tor. I'm not sure how to do that with
> the current implementation over hidden service. I'm having a hard time
> working out how to use it as layer 2 and encapsulate things over the
> network from one hidden service to another.

This is because Tor only provides proxying and exit services at the
transit layer.  You can't route arbitrary IP packets over Tor, and
so you can't, for example, ping or traceroute over Tor.

https://www.torproject.org/docs/faq.html.en#TransportIPnotTCP

Hidden services, for their part, don't even identify destinations with
IP addresses, so there's no prospect of using IP routing protocols to
describe routes to them.

There have been projects to try to make a router that would automatically
proxy all TCP traffic to send it through Tor by default.  (This would
require writing custom code, not just using existing routing tools, again
because Tor only operates at the TCP layer.)  I was excited about this
idea several years ago until the Tor maintainers reminded me that it would
expose lots of linkable traffic from applications that didn't realize
that they were supposed to remove linkable identifiers and behaviors.
For example, browsers that didn't realize they were running over Tor
would continue to send cookies from non-Tor sessions, and they would
continue to be highly fingerprintable.

-- 
Seth Schoen  <schoen at eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107

