> I still believe it's not a good idea to be routing unencrypted
> traffic through Tor, and you need to be checking the certificates
> for the encrypted traffic. Browser plugins are risky too.
I guess it depend on what the goal is. As far as I can tell, the man
in the middle attack is just as possible for any router and network
point you pass through, so using Tor only shift who can do the attack
while making it harder (not impossible) to figure out where you are
So to me, it seem like routing all traffic through Tor bring the
advantage of making it harder to track your location while changing
the set of people that can perform MITM attack on you. It is not like
using Tor for everything is introducing some new threat. It is
already known that NSA and China rutinely perform MITM attach on
non-Tor traffic, and I assume others do as well. So we are left with
probability calculations instead to evaluate the threat.
While talking about these topics with a friend, I just got a tip
about PORTALofPi, which is a ARch based Raspberry Pi setup to force
all traffic over Tor. See <URL: https://github.com/grugq/PORTALofPi/ >
for that recipe.