#16824: Emit a warning message about side channel leaks when using relays as clients -------------------------------------------------+------------------------- Reporter: starlight | Owner: (none) Type: defect | Status: | needs_review Priority: High | Milestone: Tor: | 0.3.5.x-final Component: Core Tor/Tor | Version: Tor: | 0.2.6.10 Severity: Normal | Resolution: Keywords: mike-can, tor-client tor-relay | Actual Points: sidechannel logging easy | Parent ID: | Points: 1 Reviewer: | Sponsor: -------------------------------------------------+-------------------------
Comment (by starlight): Seemed to me a warning would arrive once client activity commenced on a traffic forwarding relay. Had not considered how it would be implemented, whether SocksPort!=0 and ORPort!=NULL would trigger it. Perhaps the message should emit on the first socks connection when ORPort is configured? Or perhaps SockPort=0 should default when ORPort is set and the message arrive when both are asserted? To quote my earlier self: > 2) some consider it a reasonable idea to configure a client > and relay in the same daemon instance with the belief > that this would obfuscate local client traffic to some > degree; but with the implementation as it presently > stands such an idea is false and should be denigrated The idea of the warning is to alert users to potential risk, in consideration of the time and effort that will likely pass before the risk is alleviated. Already quite some time has passed. Mike Perry suggested a warning as an alternative to my original idea that such configurations be discouraged via a new configuration, his reasoning in comment:16 above. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16824#comment:42> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs