[tor-talk] Flash, Linux and Tor

Raviji raviji157 at gmail.com
Fri Oct 12 12:40:37 UTC 2012


On Fri, 12 Oct 2012 11:38:34 +0000
adrelanos <adrelanos at riseup.net> wrote:

> Outlaw:
> > Hi! Let`s say main linux user A is cut off from Internet with iptables,
> > user B starts Tor. If I run TorBrowser by user A, connect it to Tor
> > (which is started by B) with socks and turn on flash plugin, is there
> > any security/anonimity leak in this scheme? Thank you.
> 
> If you ever use or used Flash without Tor, your Tor session can likely
> be linked to your non-Tor session. (Flash Cookies, browser fingerprint,
> fonts, os, kernel, dpi, etc.)
> 
> I believe my project Whonix is currently the safest method to use Flash.
> IP/DNS/location remains safe, but Flash usage will always be only
> pseudonymous rather than anonymous. Linking your sessions will be
> limited to your activity inside the Workstation. Details:

whonix is nice, but heavier on system with virtual box.
Where a system wide tor enforcement is a good alternative.
It is possible with iptables. We might think about a service,
when start do system wide tor enforcement, when stop revert back
the system to normal mode. 

Though I am not successful yet to exclude the lan from this enforcement,
as I need to access some local IP directly. I need some more understanding
with iptables. Can anyone help me with the iptables please ?

Thanks



More information about the tor-talk mailing list