How can I trust all my Tor nodes in path
Watson Ladd
watsonbladd at gmail.com
Sat Dec 2 22:49:14 UTC 2006
Ringo Kamens wrote:
> Linux is very tor friendly. If you are a linux noob I suggest ubuntu. I
> oppose the idea of a tor police force for several reasons:
> 1. Lie detectors don´t work
> 2. It is no better than the opressive governments tor tries to circumvent
> 3. It would take too much work.
>
> I do appreciate the effort to find a solution. Perhaps there is a way
> that tor clients to calculate a checksum of the server files?
> Ringo Kamens
Nope. At the very best case a VM could run tor halting on every
instruction, and logging the relevant parts of memory. Tor would be
unable to tell. That's why someone came up with Trusted Computing. But
that has enough evil uses to make its implementation a bad idea.
>
>
> On 12/2/06, *Total Privacy* <nosnoops at fastmail.fm
> <mailto:nosnoops at fastmail.fm>> wrote:
>
> "Tim Warren" <tewarren at gmail.com <mailto:tewarren at gmail.com>> said:
> > Maybe you could answer a question for me. Should I NOT login in to
> > a site, such as a bank, when using Tor? Or do I need to make sure
> > it is https:?
> >
> > Appreciate any clarification.
> >
> > Thanks,
>
> I´ll put it this way, if you are registered as your real identity
> on your bank (and not going to hack somebody else´s account), then
> just log in by https directly from your machine/ISP. No need for
> hiding by using Tor.
>
> Then about malicious nodes. Since the Tor is be open source, it
> gotta be decompilable reversing ingengeering to whatever anybody
> want with it, such as example tap out data in between itself or
> log what in is what out to middle node and so on. If not, why not?
>
> A soution could be to set up a private "Tor police force" and let
> everyone that want to be accepted as a part of the system, sign
> a legally deal to let this international Tor police force (how
> about the name TPF or ITPF or TIPF) at any moment without warning
> run in to every Tor computer node/router room and get full access
> to everything in it. Of course the members of such "police force"
> should be hand picked by comprehensive test (lying detectors and
> lot of advanced stuff) to be legitimated. Every aproved Tor node
> runner should then be very happy to be granted vit such visit of
> the Tor International Police Force, because if they not find a
> compromised, modified, malicious Tor software, You´r clean!
>
> BTW, now I´ve also received a maybe fishing from "Hokata Japan Ltd"
> about some business and money transactions. Funny or not, the IP
> was from Italy!
>
> At last, I´m considerating to switch from Windows to Unix (Linux)
> and hope it is user friendly with Tor. Anybody knows about it?
>
> --
> http://www.fastmail.fm <http://www.fastmail.fm> - Does exactly what
> it says on the tin
>
>
--
They who would give up essential Liberty to purchase a little temporary
Safety, deserve neither Liberty or Safety
--Benjamin Franklin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 249 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20061202/75b829d8/attachment.pgp>
More information about the tor-talk
mailing list