wiki:doc/TransparentProxyLeaks

Abstract

When you are using Tor as a TransparentProxy (see TransparentProxy and Whonix for more information) this brings both advantages and disadvantages for your privacy. It is recommended to read the whole article before you start using Tor as a TransparentProxy.

An IsolatingProxy overcomes most, if not all of these issues.

All systems

Identity correlation through circuit sharing

Linux and Windows

Any software which monitors the clipboard is potentially dangerous. Examples: download managers and antivirus software.

Some of them support monitoring the clipboard. If you copy a link inside the torified virtual machine, the download manager or antivirus on the host might fetch the link to check its availability or scan it for malware. At that moment the same link is being requested over an anonymous and a non-anonymous channel at the same time.

Windows

general

There is no list of outgoing connections which Windows will initiate after a default installation. If you find such a list, delete this part and add the source to the list.

  • What is transmitted after asking the user? (such as Windows Error Reporting)
  • What is transmitted in the background without the user's explicit knowledge? (such as time synchronization, WGA)
  • Is the transmission encrypted? (for example time synchronization is most likely not and can therefore be sniffed by the exit node)
  • Is the transmission authenticated? (for example time synchronization is most likely not and can therefore be spoofed by the exit node)
  • What else is sent in the background? (such as Windows Media Player's automatic codec download: is it authenticated, and is it safe from manipulation by the exit node?)
  • Windows Defender: what is being sent?
  • Web search for unknown file types: what is being transmitted?
  • Online driver search: what is being transmitted?

Too many open questions.

And here are the lists with answers:

There are also downloadable versions (.doc format) for some of these documents. My impression is that Microsoft URLs change quickly, so it is probably best to search for "Controlling Communication with the Internet" and to download the information locally before the URLs become obsolete.

Windows Media Player

some concerns

Windows Error Reporting

Windows Error Reporting sends the contents of your RAM to Microsoft (and possibly their partners?). Is that transmission properly encrypted, or can the exit node spy on it?

Windows Update

problem

Downloading operating system updates is widely recommended in security guidelines, but in this case...

It is understandable if you prefer to download operating system updates (Windows Update) over a non-Tor connection. An ethical reason to do so is that Tor can't handle the load of massive downloading. Another less noble, but still valid, reason is that doing it over Tor takes the whole day.

While setting up a Transparent Proxy it is tempting to download all Windows Updates for the Windows Tor-Workstation over non-Tor, torify afterwards, and in the future download the few missing updates over Tor. This might be dangerous!

This is what Microsoft admits to logging when you run Windows Update (source: Windows Update privacy statement):

  • Computer make and model
  • Version information for the operating system, browser, and any other Microsoft software for which updates might be available
  • Plug and Play ID numbers of hardware devices
  • Region and language setting
  • Globally Unique Identifier (GUID)
  • Product ID and Product Key
  • BIOS name, revision number, and revision date

If Microsoft were evil, compromised or forced by someone (such as law enforcement)...

  • they log your non-Tor IP and identifying information the first time
  • they log your Tor IP and identifying information the second time
  • then they connect your identifying information, your non-Tor IP and your Tor IP
  • at this time your Tor IP is most likely shared by a lot of other Tor users, but especially (not exclusively) if you have a fixed non-Tor IP this limits your anonymity
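The two leaks above (the clipboard-watching host program fetching the same unique link, and a persistent identifier such as the Windows Update GUID reappearing from a different address) look identical from the server's side: one identifier seen from both a Tor exit and a non-Tor address. The following script is an added illustration of that risk, written for this page; it is not code from the article or from the Tor Project. All log records are constructed, and the addresses are RFC 5737 documentation ranges standing in for a home IP and for Tor exits, not real nodes.

```python
"""Identity correlation across Tor and non-Tor channels, seen from the server.

Added example for this wiki page; not code from the original article or the
Tor Project. All records are constructed (RFC 5737 documentation addresses).
"""
from collections import defaultdict
from datetime import datetime

# Constructed access log entries: (timestamp, client_ip, identifier).
# The identifier is whatever the server can link across requests, e.g. the
# GUID sent by an updater or a unique download URL.
ACCESS_LOG = [
    # Windows Update case: same GUID first from the home IP, a day later via Tor.
    (datetime(2016, 3, 7, 9, 0, 0), "198.51.100.7", "guid:1f2e3d4c"),
    (datetime(2016, 3, 8, 10, 30, 0), "192.0.2.44", "guid:1f2e3d4c"),
    # Clipboard case: a unique link fetched by the torified guest, then by a
    # link-checking program on the host three seconds later.
    (datetime(2016, 3, 7, 12, 0, 0), "192.0.2.99", "url:/dl/report-7a9b.pdf"),
    (datetime(2016, 3, 7, 12, 0, 3), "198.51.100.7", "url:/dl/report-7a9b.pdf"),
    # Unrelated visitor: one identifier, one address, nothing to correlate.
    (datetime(2016, 3, 7, 13, 0, 0), "203.0.113.5", "guid:aaaa0000"),
]

# Placeholder set of addresses the server treats as Tor exits (constructed).
KNOWN_TOR_EXITS = {"192.0.2.44", "192.0.2.99"}


def find_cross_channel_identifiers(log, tor_exits, window_seconds=30 * 24 * 3600):
    """Return {identifier: (tor_ips, clearnet_ips)} for every identifier seen
    from both a Tor exit and a non-Tor address within window_seconds of each
    other. The persistent identifier, not the IP, is what ties the anonymous
    session to the real one; the exit IP being shared by many users does not
    help once the identifier matches.
    """
    by_id = defaultdict(list)
    for ts, ip, ident in log:
        by_id[ident].append((ts, ip))

    linked = {}
    for ident, hits in by_id.items():
        tor_hits = [(ts, ip) for ts, ip in hits if ip in tor_exits]
        clear_hits = [(ts, ip) for ts, ip in hits if ip not in tor_exits]
        # any() over an empty product is False, so identifiers seen on only
        # one kind of channel are never reported.
        close = any(abs((t_ts - c_ts).total_seconds()) <= window_seconds
                    for t_ts, _ in tor_hits for c_ts, _ in clear_hits)
        if close:
            linked[ident] = (tuple(sorted({ip for _, ip in tor_hits})),
                             tuple(sorted({ip for _, ip in clear_hits})))
    return linked


if __name__ == "__main__":
    found = find_cross_channel_identifiers(ACCESS_LOG, KNOWN_TOR_EXITS)
    for ident, (tor_ips, clear_ips) in found.items():
        print(f"{ident}: Tor {tor_ips} <-> clearnet {clear_ips}")
```

The unrelated visitor (a single identifier from a single address) is never reported, which is the property a transparent proxy user wants for every one of their own identifiers: no persistent token should ever be presented over both channels.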

Windows Update is not safe against MITM. See "Flame virus can hijack PCs by spoofing Windows Update". Exit nodes can potentially MITM!

3rd party software update

Many 3rd party programs in Windows come with their own automatic software updater. Not all of them sign and verify what they download. If you suspect this is the case, disable automatic updating, and download, verify and install manually.
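"Download, verify and install manually" comes down to comparing the downloaded file against a digest the vendor published over a channel the exit node cannot tamper with. The script below is an added example for this page, not code from the article or from any vendor's updater; it assumes the vendor publishes a SHA-256 hex digest of the installer (for instance on an HTTPS release page or in a signed release note), and the installer bytes and digests it uses are constructed.

```python
"""Verifying a manually downloaded update against a published SHA-256 digest.

Added example for this wiki page; not code from the article or any vendor.
Assumes the expected digest was obtained over an authenticated channel.
"""
import hashlib
import hmac
import os
import tempfile


def _matches(actual_hex, expected_hex):
    """Constant-time comparison of two hex digests; rejects malformed input."""
    expected = expected_hex.strip().lower()
    if len(expected) != 64:
        return False  # not a SHA-256 hex digest at all
    return hmac.compare_digest(actual_hex.lower(), expected)


def verify_bytes(data, expected_hex):
    """Check an in-memory download against the published digest."""
    return _matches(hashlib.sha256(data).hexdigest(), expected_hex)


def verify_download(path, expected_hex, chunk_size=1 << 20):
    """Stream the file so large installers need not fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return _matches(digest.hexdigest(), expected_hex)


def install_if_verified(path, expected_hex):
    """Gate the install step on verification and report what happened."""
    if not verify_download(path, expected_hex):
        return "refused: digest mismatch, do not install"
    return "verified: safe to install"


def demo():
    """Constructed installer bytes checked against a good and a tampered digest."""
    installer = b"constructed installer payload v1.0\n"
    good = hashlib.sha256(installer).hexdigest()
    # Flip the last hex character to simulate a file altered in transit.
    tampered = good[:-1] + ("0" if good[-1] != "0" else "1")
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "update.exe")
        with open(path, "wb") as fh:
            fh.write(installer)
        return (install_if_verified(path, good),
                install_if_verified(path, tampered))


if __name__ == "__main__":
    print(demo())
```

A digest only helps if it was fetched over a channel the exit node cannot modify; a hash published on the same plain-HTTP page as the download verifies nothing. Where the vendor signs releases, checking the signature (for example with gpg --verify) against a key obtained out of band is the stronger check.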

solution

A

Use another operating system.

B

If you do not wish to do that, turn off automatic Windows updates. Instead use Windows offline updates (search for it): there are applications which download all updates for you and let you install them offline on another machine.

Drawbacks: It has not been researched yet whether any of those updates itself sends identifying information to Microsoft; it has happened in the past, for example with Windows Genuine Advantage (WGA).

This is not a finished solution.

Antivirus Software

Antivirus Update

Similar to Windows Update. Even the free ones use unique serial numbers. When you update your antivirus software it will at least transmit the serial number (identifying information), and the vendor can potentially log your IP (Tor or non-Tor) as well.

Check your antivirus software and its privacy statement.

Antivirus Software uploads your data for "remote scanning"

This list is unfinished:

  • It has been reported that Eset will upload files and other identifying information to the antivirus vendor.
  • Avira has a "proactiv" feature. I haven't checked it, but it seems that so far it only does this with the user's consent. As of right now it also uploads only executables, but there are also macro viruses in documents and potential exploits in media files, so what will be uploaded next?
  • Modern Kaspersky Lab AV products send hashes of files to the Lab's servers. This can be dangerous: there is a rumor of an incident in which an unrelated person was questioned by the FSB (the Lab is closely related to it) because a piece of malware on their PC had the same hash as malware that had attacked a government organization.
  • A new trend is not to scan locally but to upload all files into a cloud for remote scanning, for example Panda Cloud Antivirus. This might save local CPU, but is very bad for privacy.

Other antivirus software has not been researched yet. Post your findings and your source.

Linux

This problem is less severe here, but that doesn't mean you don't have to be careful.

Most software is free and therefore no serial numbers are needed.

But there is also proprietary software, freeware and commercial software, such as non-free antivirus like Antivir for Linux (and many others). These also need serial numbers, and then the same leaks as described in the Antivirus section for Windows apply as well.

Last modified on Mar 7, 2016, 6:11:30 PM