Changes between Version 4 and Version 5 of doc/TorBOX/Dev/ArchivedDiscussion/OPTIONALFEATURE

Aug 16, 2012, 10:29:30 PM (7 years ago)



  • doc/TorBOX/Dev/ArchivedDiscussion/OPTIONALFEATURE

    v4 v5  
    471471 * (proper) Most of this ticket is done. I'll move it to closed tickets. This ticket is quite big, too big for my preference. The only thing, which is not done yet, is researching how to add PPTP VPN's to Tor-Workstation and to research if there are any free PPTP providers, which do not block UDP. We could list them, to enable people to have this alternative method for tunneling UDP over Tor and/or to use other anonymzing networks over Tor. A new ticket can be created for that.
     473== [OPTIONAL FEATURE] [0.2] Stream isolation workaround removed [DONE] ==
     474 * (anonymous) I don't find anything in the linked mail regarding this specific issue.
     475 * (adrelanos) Oh sorry, it was the wrong link. [ tor-talk Tor's stream isolation features defaults] is the correct one. Second to last paragraph.
     476 * (anonymous) IsolateDestPort obviously doesn't work for web browsing - those other cases were it could make sense we are using the SOCKS port isolation. However, according to the email the only problem with IsolateDestAddr is performance (which was mentioned in the old comment). It's a perfectly valid workaround if security is the only objective. The decision to remove it - even if just optional - is arguable, but was for the wrong reason.
     477 * (adrelanos) Different SocksPort are isolated anyway. I see, security depends on application / protocol. For example POP on different ports were isolated, even if they were not configured to use different SocksPorts. We can add it again if do not advertise it as workaround for isolate by sockauth (Tor Browser tab isolation).
     478 * (adrelanos) Added again.
     479 * (anonymous) "Unfortunately it can not be used as a workaround for bug #3455" IsolateDestAddr is a workaround for that, it only works too well (not just tab isolation but address isolation for every 3rd party content). If you were to only visit sane sites (this one; correctly configured https in general, most .onion) there is no 3rd party content and it works just as well as referer based isolation. That's how I understand it at least.
     480 * (adrelanos) #3455 also theoretically (assume remaining fingerprinting and linking bugs are closed or not exploited) support multiple identities on the same IP (of course makes only sense for high visitor sites). It would only provide a false sense of security. Sometimes different URLs point to the same server and the user sees only the domain name and assumes they are separated. If we want to recommend that, we should explicitly ask tpo if its going to work as expected.
     481 * (anonymous) I don't want to recommend those features, they are purely optional. What's missing is a comment to add IsolateDestAddr to the TBB SOCKSPort.
     482 * (adrelanos) I don't see what's missing. It's already noted, not to expect security from using it with TBB SocksPort.
     483 * (anonymous) That's were I disagree, I don't see how it doesn't provide security. In some ways it provides better security, more than needed for sure but not a false sense of security. Both strategies, referrer based and IP based, have their peculiarities. I too prefer the more performance oriented solution, but right now that's not a choice to make.
     484 * (adrelanos) Feel free to document that. Btw: I would do it myself. I am happy if I can help with anything, with the easier tasks, since I can't hold up with your speed developing nice new things like debootstrap. I can't do it myself, since I am not sure I understand it correctly.
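Review bot: The heading added at v5 line 473 marks this item [DONE], but the thread added under it is still open at its end: at line 483 anonymous disagrees that IsolateDestAddr gives only a false sense of security on the TBB SocksPort, and at line 484 adrelanos asks for that to be documented without saying it has been. Either drop [DONE] from the heading until the comment requested at line 481 is written, or add a closing entry that records what was decided. Line 478 ("Added again.") should also name what was re-added, since lines 476 and 477 mention both IsolateDestAddr and IsolateDestPort and the entry cannot be read on its own.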