[Freedombox-discuss] Onion Pi

Subject: [Freedombox-discuss] Onion Pi
From: nick.m.daly@gmail.com (Nick Daly)
Date: Tue, 17 Sep 2013 14:57:12 -0500
Message-id: <[🔎] CAM-YhhAMqxkzTMSFessW1yS7vCjsD+TjNMrQ61+xFf5u5SS3WQ@mail.gmail.com>
In-reply-to: <[🔎] CADc0ge9hy090sp2ciGmygZoe9KXBK87TmrCGq1chYwok7WmsXQ@mail.gmail.com>
References: <CACXcFmn1zsq+RhPbO4=CpRp1pnbhe-i2Wz3f9iUKVqRpmaa9Fw@mail.gmail.com> <[🔎] 2flbo3rh64f.fsf@diskless.uio.no> <[🔎] CADc0ge9hy090sp2ciGmygZoe9KXBK87TmrCGq1chYwok7WmsXQ@mail.gmail.com>

Long story short: this should be configurable, selectively-disableable
by the end-user, or the end-user should be informed of the potential
disadvantages of this connection method.

If your destinations are using SSL (like they should) MITM is less of
an issue.  The lovely HttpsEverywhere Firefox/Iceweasel extension
makes this as simple as possible (and should definitely be installed
on any client device).

The unexpected trouble you might need to worry about is infrastructure
services (like online banking, Paypal, etc.) freaking out because
you're connecting from a known exit node, and assuming that your
account is under attack [0].  Some service providers are good about
this (Google will mark your account as a Tor-using account if you sign
in from a non-exit node IP and then sign in from a known exit-node IP,
without clearing cookies [1]), but /I don't know/ which service
providers are bad about it.

Nick

0: personal communication with primary source.

1: a libtech email from a Google employee that I don't have time to
find right now.  Check the libtech list.

On Tue, Sep 17, 2013 at 11:45 AM, Tim Retout <diocles at debian.org> wrote:
> On 17 Sep 2013 15:32, "Petter Reinholdtsen" <pere at hungry.com> wrote:
>> or by configuring privoxy, dnsmasq and redsocks with iptables to pass
>> all traffic passing through the Freedombox via Tor.
>>
>> Is there some reason not to do this by default?
>
> Hi!
>
> There are some good reasons not to run unencrypted traffic through Tor:
>
> - malicious exit nodes will be studying all unencrypted traffic passing
> through them - badly-secured websites still send session cookies
> unencrypted, for example.
> - the exit node can very easily inject arbitrary Javascript into the web
> page. This is bad. I don't think Javascript-enabled browsers should use Tor.
> (Ditto for Flash/Java.)
>
> For fully encrypted traffic, you still need to be careful of MITM attacks.
> Again this is easy for a malicious exit node. You can think of Tor as
> subjecting yourself to a deliberate MITM. :)
>
> I have heard anecdotal evidence that the above is happening routinely on
> Tor, FWIW.
>
> Tim
>
>
> _______________________________________________
> Freedombox-discuss mailing list
> Freedombox-discuss at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss

Reply to:

Follow-Ups:
- [Freedombox-discuss] Onion Pi
  - From: sandyinchina@gmail.com (Sandy Harris)

References:
- [Freedombox-discuss] Onion Pi
  - From: pere@hungry.com (Petter Reinholdtsen)
- [Freedombox-discuss] Onion Pi
  - From: diocles@debian.org (Tim Retout)

Prev by Date: [Freedombox-discuss] What is Freedombox?
Next by Date: [Freedombox-discuss] Onion Pi
Previous by thread: [Freedombox-discuss] Onion Pi
Next by thread: [Freedombox-discuss] Onion Pi
Index(es):
- Date
- Thread