[tor-talk] Operating system updates / software installation behind Tor Transparent Proxy

proper at secure-mail.biz proper at secure-mail.biz
Sat Mar 3 08:46:43 UTC 2012


--- Ursprüngliche Nachricht ---
Von: grarpamp <grarpamp at gmail.com>
Datum: 02.03.2012 07:45:20
An: tor-talk at lists.torproject.org
Betreff: Re: [tor-talk] Operating system updates / software installation  behind Tor Transparent Proxy

> On Thu, Mar 1, 2012 at 11:31 PM, Andrew Lewman <andrew at torproject.is>
> wrote:
> > bittorrent trackers are fine, it's the bulk download of GB of
> data 7x24
> > that loads up the network.
>
> Wanted to add a bit here from
> another view.
>
> I see no issue with bulk data transfer, so long as you give
>
> back empty bandwidth equal to your impact on Tor.
>
> If you're using an exit,
> provide an exit/relay at the same bandwidth
> as you use by it, 3x-4x your
> use due to hops.
>
> If you're using an onion, provide 6x-7x what you use in
> return.
>
> If you can't, then yes, you're being a leech upon Tor.

It's lame so or so. The exit node admins will have
to deal with copyright infringement complaints.

> Whether
> it's OS updates, pron, youtube, torrents, it's all
> the same... bandwith and
> circuits. Whether entirely within Tor
> (onion2onion) or via exits. Please
> compensate via giving back
> your impact accordingly and all should be fine.
> If not, yes, Tor
> will fall over and you are to blame. You know what to do,
> do the
> right thing.

Good.

> Any OS worth its salt will do updates via TLS and
> check
> certs, etc. But really, why can you NOT adjust your
> rules and update times
> to do your updates over the clearnet
> directly??? Seriously, does anyone block
> or infect clearnet
> updates for which Tor would truly be needed? I highly
> doubt it.
> And if they do, is Tor any more trusted being overlaid over
> clearnet?
> No. So just use clearnet.

In case of the operating system behind the transparent proxy that is very difficult.
It weakens the isolation of that system. Malware could phone home. We discussed this extensively. [1]

> Yes, I would not trust Windows to not broadcast
> your MAC
> or firmware ID (which is not easily or authoritatively changeable
>
> under win) to their update system, nor your MAC/UUID
> (though lesser so) under
> unix.

No need to trust or distrust. You can know it. A lot phone home is ongoing. I documented it and posted the source. [2]

<snip>

> > I expect that tor the
> protocol and network should punish me for
> > asking to transfer so much
> data.

Yes. (technical details not covered)

[1] https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev/ClientVM#updatesoverTorshouldnotwasteTorbandwidth
[2] https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxyLeaks#WindowsUpdate

______________________________________________________
powered by Secure-Mail.biz - anonymous
and secure e-mail accounts.



More information about the tor-talk mailing list