----- Forwarded message from Tim Retout <diocles@debian.org> ----- Date: Thu, 10 Oct 2013 23:25:18 +0100 From: Tim Retout <diocles@debian.org> To: freedombox-discuss@lists.alioth.debian.org Subject: Re: [Freedombox-discuss] Tor Message-ID: <1381443918.9831.69.camel@air> X-Mailer: Evolution 3.8.5-2 On Tue, 2013-10-08 at 11:04 +0200, Petter Reinholdtsen wrote:
So to me, it seem like routing all traffic through Tor bring the advantage of making it harder to track your location while changing the set of people that can perform MITM attack on you. It is not like using Tor for everything is introducing some new threat. It is already known that NSA and China rutinely perform MITM attach on non-Tor traffic, and I assume others do as well. So we are left with probability calculations instead to evaluate the threat.
I agree to some extent, but my assessment of the probabilities is still that using Tor unencrypted is going to cause you new and interesting security problems. Privacy and anonymity are different things, and actually I am more worried about privacy first. There's no point using Tor to access a cloud-based email service. I want to focus on getting everyone's data decentralized, and their communications encrypted.
While talking about these topics with a friend, I just got a tip about PORTALofPi, which is a ARch based Raspberry Pi setup to force all traffic over Tor. See <URL: https://github.com/grugq/PORTALofPi/ > for that recipe.
Grugq's writing is very interesting: http://grugq.github.io/ He recommends using a VPN over Tor to avoid monitoring by malicious exit nodes (which of course won't avoid monitoring by the VPN provider): http://grugq.github.io/blog/2013/06/14/you-cant-get-there-from-here/ http://www.slideshare.net/grugq/opsec-for-hackers (NSFW, slide 137 onwards) -- Tim Retout <diocles@debian.org> _______________________________________________ Freedombox-discuss mailing list Freedombox-discuss@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5