Re: Are There Any Web Based Remailers Left?
- From: Sheik Yurbhuti <sheikyurbhuti@xxxxxxxxxxx>
- Date: 2 Jun 2006 16:26:26 -0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
"nemo_outis" <abc@xxxxxxx> wrote:
Borked Pseudo Mailed <nobody@xxxxxxxxxxxxxxxxx> wrote in
news:3ceac0810393d77c16859a199acca7c5@xxxxxxxxxxxxxxxxx:
nemo_outis wrote:
Incidentally, for those who care to emulate my practice, you
change the forward-socks4a line in Privoxy to read:
forward-socks4a \ 127.0.0.1:9050 someanonymoushttpproxy.com:80 (or
whatever its name/port combo is)
This is an absolutely HORRIBLE thing to do to your anonymity.
Privoxy was never designed as an anonymity tool, and this is a
perfect example of a feature that proves that.
Privoxy is not asked to be an anonymity tool. No, Privoxy just does
what it has always done: stripping headers and such going out, and
filtering stuff coming in. Privoxy is used here to provide a
convenient mechanism for adding an *additional* proxy at the far end
of the Tor chain.
The poster brings up a valid issue in my opinion, although I don't
know if I'd call it "HORRIBLE". ;) The Tor software is specifically
designed to generate mutable chains, including exit nodes, as one of
its defenses against traffic analysis. By consistently appearing to be
coming from some third party location you effectively circumvent part of
what Tor is designed to do.
It's also important to remember that Tor selects entry nodes from a
smal pool of trusted nodes as far as the end user is is concerned. This
might also negatively impact the security of your chain in a serious
way if you don't allow yourself to be seen as "mobile" from the
perspective of anyone watching the network.
It's not only "security through obscurity", but Tor is already known
to be relatively weak in the traffic analysis department.
Tor's main purpose is making traffic analysis difficult; if it can't
do that - as you seem to think - then the Tor folks had better give
up and turn to knitting as a hobby.
Tor's main purpoase is to break the path between users and their
activity. It does this in a number of ways, one of them being adding a
level of difficulty to any traffic analysis attempt. But traffic
analysis is still Tor's Achillie's heel, if it has one at all.
To the contrary, while not perfect, and while constantly being
improved, Tor provides very strong protection against traffic
I'd say that quite the opposite is true, and the developers agree if
you read their list or IRC chat. Tor is specifically heading in a
direction that sacrifices small amounts of technical security in favor
of usability. The change to a pool of trusted entry nodes is one
example. It improved reliability and speed considerably, but was still
recognized as a "justified" sacrifice of a small amount of security.
analysis for real- time internetting. Arguably, it's the best thing
currently out there. (And, yes, I have read Tor's disclaimer.)
I wouldn't even say arguably. I'd go all the way and call it the best
available real time anonymous tool without question. :)
By
channeling all your exit traffic through a central focal point you
reduce an attacker's work load exponentially. No longer would they
have to collate traffic entering at X points with traffic exiting a
Y points, they need only examine the entry nodes.
The global passive adversary - which can watch all Tor entry and exit
nodes - is already one of the presumed main threats to Tor. My
method introduces no additional weakness regarding such an adversary.
Everything you do to remove diversity from your overall connection adds
weakness. Whether or not it's significant weakness is debatable, and
often times subjective, but you can't flatly state that it's not adding
weakness because it does.
[...]
If all you have is a hammer every problem looks like a nail. Unlike
you, however, most folks have the wit to know it is another tool in
the toolbox, not the whole toolbox.
Well, you *did* claim that you used this particular hammer without
deviation. I believe your word was... "never", was it not? :)
The relay proxy in Privoxy can be disabled or changed as frequently
as desired - every minute or so if one wants (one may have a list of
How? By editing a config file? I seriously doubt most people would be
prudent enough to keep up with this, especially when Tor will replicate
it automatically. It's best to let the software do the job it's
designed to do I'd say, and reserve your method for special occasions
like the denied access problems you brought up.
-----BEGIN PGP SIGNATURE-----
iD8DBQFEfxZsno5iexlRIBERA3n4AJ9TP1UQol8qaPnyyOoYHhZdT+wVkQCgpHRF
Z9ydfE+QbENXAmky4xn5pdg=
=xuCo
-----END PGP SIGNATURE-----
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.eu.org
for abuse and hashcash info.
.
- Follow-Ups:
- Re: Are There Any Web Based Remailers Left?
- From: nemo_outis
- Re: Are There Any Web Based Remailers Left?
- From: Stephen K . Gielda
- Re: Are There Any Web Based Remailers Left?
- References:
- Re: Are There Any Web Based Remailers Left?
- From: nemo_outis
- Re: Are There Any Web Based Remailers Left?
- From: Borked Pseudo Mailed
- Re: Are There Any Web Based Remailers Left?
- From: nemo_outis
- Re: Are There Any Web Based Remailers Left?
- Prev by Date: Re: BitCrypt is now donation-ware
- Next by Date: Re: Are There Any Web Based Remailers Left?
- Previous by thread: Re: Are There Any Web Based Remailers Left?
- Next by thread: Re: Are There Any Web Based Remailers Left?
- Index(es):
Relevant Pages
|
|
