[Full-disclosure] Compromise of Tor, anonymizing networks/utilities
Peter Besenbruch
prb at lava.net
Sun Dec 9 08:24:19 GMT 2007
On Saturday 08 December 2007 14:01:28 coderman wrote:
> http://www.freehaven.net/anonbib/
> http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ
Thanks for the links.
> > Having seen good crypto ruined by lousy implementations, I thought it
> > timely to remind ourselves of the lesson that implementation is at least
> > as important as the underlying theory.
>
> this is actually a significant aspect for Tor, given that so many
> applications and services which were never intended to be anonymized
> are now getting sent over the network. the implementation / side
> channel issue is huge, and one reason i am such a proponent of the
> transparent Tor proxy model where all network traffic is either sent
> through Tor or dropped.
My goals are a little more modest. I browse using TOR, except for SSL links.
Essentially, I want everything I do encrypted, and it wouldn't hurt to
anonymize my IP address. I try not to abuse the TOR network with Bittorrent
downloads. Given the NSA monitoring of the Internet in real time, I would
just as soon make them work for my browsing habits.
> it is simply too difficult for most people and/or most applications to
> be configured to properly communicate through Tor as a proxy, compared
> to simply routing traffic through a transparent Tor proxy. there are
> some caveats with this approach, and using multiple VMs is stronger
> than host / anon router vm. however, the drawbacks are minor compared
> to the risks of vulnerable side channels with an explicit SOCKS or
> application protocol layer proxy...
My only concern would be with the sturdiness of the TOR network itself. I hope
it expands to the point where all traffic could flow through it, but right
now, it gets pretty bogged down from time to time.
> (i should pimp JanusVM here, but you can also configure for *nix easily)
>
> see http://wiki.noreply.org/noreply/TheOnionRouter/TransparentProxy
The Linux instructions are suitably geeky, but straightforward. I tend to use
FoxyProxy on Firefox. Right now, I am checking out TorK. I hear it's the
latest and greatest for configuring things easily on Linux. Unfortunately, I
have to compile it, and the list of requirements is a mile long. ;)
--
Hawaiian Astronomical Society: http://www.hawastsoc.org
HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky
Full-Disclosure is hosted and sponsored by Secunia.
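
The "all network traffic is either sent through Tor or dropped" model quoted above, as an added example that is not part of the original thread or of the Tor project's own scripts. It prints iptables commands for a single Linux host and checks that the ruleset fails closed; the uid 107 and the ports 9040 and 5353 are assumed values, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables commands for a fail-closed
# transparent Tor setup on one Linux host. Assumes torrc sets
#   TransPort 9040
#   DNSPort 5353
# and that Tor runs under its own uid. IPv4 only: IPv6 must be blocked
# separately or it bypasses these rules.

tor_transparent_rules() {
    tor_uid=${1:-}; trans_port=${2:-9040}; dns_port=${3:-5353}
    case "$tor_uid:$trans_port:$dns_port" in
        :*|*[!0-9:]*)
            echo "usage: tor_transparent_rules TOR_UID [TRANS_PORT] [DNS_PORT]" >&2
            return 2 ;;
    esac
    # nat:    Tor's own packets pass untouched, DNS goes to DNSPort, loopback
    #         is left alone, every other new TCP connection goes to TransPort.
    # filter: replies, loopback (where redirected traffic lands) and Tor's uid
    #         are allowed; anything else (UDP, ICMP, stray TCP) is rejected.
    cat <<EOF
iptables -t nat -A OUTPUT -m owner --uid-owner $tor_uid -j RETURN
iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports $dns_port
iptables -t nat -A OUTPUT -d 127.0.0.0/8 -j RETURN
iptables -t nat -A OUTPUT -p tcp --syn -j REDIRECT --to-ports $trans_port
iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -d 127.0.0.0/8 -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner $tor_uid -j ACCEPT
iptables -A OUTPUT -j REJECT
EOF
}

# Reads a rule list on stdin and succeeds only if the last filter-table OUTPUT
# rule is an unconditional REJECT or DROP, i.e. unproxied traffic is discarded.
fails_closed() {
    last=$(awk '/-A OUTPUT/ && !/-t nat/ { l = $0 } END { print l }')
    case "$last" in
        "iptables -A OUTPUT -j REJECT"|"iptables -A OUTPUT -j DROP") return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample: uid 107 stands in for the local Tor user.
tor_transparent_rules 107 | fails_closed && tor_transparent_rules 107
```

On a real host, replace 107 with the output of `id -u` for the account Tor runs as, and review the printed commands before running them as root.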