On Fri, 13 Nov 2015 17:37:12 -0500, Michael McConville wrote: > Uwe Werler wrote: > > Hello list, > > > > I'd like to add a Flavor to tor which allows Tor2webMode: > > This seems like a rare enough use-case that it probably isn't worth a > flavor.
I tend to agree. A tor2web proxy is an extremely rare configuration compared to the total number of tor nodes. I am also opposed to the whole model of making .onion sites available through clearnet. Where a hidden service is needed, it is mostly for content that both the content provider and the recipient may get into legal trouble (or worse) in their respective jurisdictions. While tor2web preserves the content provider's anonymity, it exposes the (often naive) end user to uncertain risks. It is protected by no more than simple SSL/TLS, which makes correlation attacks even easier, especially considering the very limited number of .onion sites out there. An attacker can plausibly deduce the site you're looking at just by inspecting the encrypted traffic. Frankly, I don't think it's ethical to provide people with this particular gun to shoot themselves in the foot (i.e. ruin their life). It is a convenience mechanism to access .onion content on the clearnet that is on .onion in the first place *for a darn good reason*. > It also runs the risk that people will think "Tor2web" is what > they need (plausible, based on the name) and thereby deanonymize > themselves. > > > --- net/tor/Makefile.orig Fri Nov 13 05:25:33 2015 > > +++ net/tor/Makefile Fri Nov 13 04:26:09 2015 > > @@ -12,6 +12,9 @@ > > # BSD > > PERMIT_PACKAGE_CDROM= Yes > > > > +PSEUDO_FLAVORS = tor2web > > +FLAVOR ?= > > + > > WANTLIB += c crypto event m pthread ssl z > > > > MASTER_SITES= https://www.torproject.org/dist/ > > @@ -22,6 +25,11 @@ > > # anyway on FRAME_GROWS_DOWN archs. > > CONFIGURE_ARGS= --with-ssl-dir=/usr \ > > --disable-gcc-hardening > > + > > +.if ${FLAVOR:L:Mtor2web} > > +CONFIGURE_ARGS += --enable-tor2web-mode > > +.endif > > + > > CONFIGURE_ENV+=ac_cv_member_struct_ssl_method_st_get_cipher_by_char=no > > > > DB_DIR= /var/tor > > > > ###################### > > > > --- net/tor/pkg/DESCR.orig Fri Nov 13 05:16:53 2015 > > +++ net/tor/pkg/DESCR Fri Nov 13 05:22:06 2015 > > @@ -1,2 +1,6 @@ > > Tor is a connection-based low-latency anonymous communication system that > > protects TCP streams: web browsing, instant messaging, irc, ssh, etc. > > + > > +In Tor2webMode Tor connects to hidden services non-anonymously but faster. > > +It's useful only when running a tor2web Hidden Service web proxy or to > > connect > > +directly to a Hidden Service without the need of client anonymity. > > > > ###################### > > > > Regards Uwe > > > > -- > > > >
