[tor-talk] Review request: TorVM implementation in Qubes OS
adrelanos
adrelanos at riseup.net
Mon Oct 15 18:22:52 UTC 2012
Hi,
I am only commenting by reading the Readme:
https://github.com/abeluck/qubes-addons/blob/master/qubes-tor/README.md
First of all, I find this most interesting!
> Non-comphrensive list of identifiers TorVM does not protect:
> Time zone
Could that be improved by editing /etc/localtime?
> User names and real name
What will be the operating system user name?
> Name+version of any client (e.g. IRC leaks name+version through CTCP)
CTCP can also leak your local time (and therefore including timezone).
> For these reasons TorVM ships with two open SOCKS5 ports that provide
Tor access with different stream isolation settings:
On which IP are they listening?
> Each AppVM will use a separate tor circuit (IsolateClientAddr)
Qubes OS takes care of assigning each AppVM their own local LAN IP?
> Each destination address will use a separate circuit (IsolateDestAdr)
I am not sure, this is a good idea to have as default for any easily
installable "Tor Distro Like" project.
Filesharing traffic already add a lot load the the Tor network. If these
users create a new circuit for each IP they connect to, this might
seriously harm the Tor network.
> For performance reasons less strict alternatives are provided, but
must be explicitly configured.
I am in no position to suggest to disable it, but I guess if the Tor
core members were reading this, they wouldn't like the idea. If they are
not interested in this thread and therefore not reading this, I
recommend to create an extra thread whether it's acceptable to enable
IsolateDestAdr or IsolateDestPort by default for TransPort in a "Tor
Distro Like" project by default for everyone.
> Future Work Integrate Vidalia
Good. Will any settings changed in Vidalia be persistent?
> Future Work Create Tor Browser packages w/out bundled tor
Amazing.
> Future Work Use local DNS cache to speedup queries (pdnsd)
That could make users more fingerprintable.
> Future Work Support arbitrary DNS queries
That could make users more fingerprintable.
What is it needed for anyway? Which things do not work without arbitrary
DNS queries?
> Future Work Configure bridge/relay/exit node
Good.
> Future Work Normalize TorVM fingerprint
I have no imagination what that could mean. Please elaborate.
> Future Work Optionally route TorVM traffic through Tor
What is the motivation behind it?
> Future Work Fix Tor's openssl complaint
Please elaborate, one link is enough.
Cheers,
adrelanos
More information about the tor-talk
mailing list