Wouldn't it just be easier to use Tails? On Oct 21, 2016 7:08 AM, "Dan Michaels" <[email protected]> wrote:
> The Tor Project website recommends various security setups for people > running Tor relays. > > Such as, don't run a web browser on the same machine as your Tor relay, > otherwise the browser could get hacked, and then if Tor relays are hacked, > it compromises the entire concept of Tor. > > In the age of FBI mass hacking, the FBI will attempt to hack all Tor > relays, and thus, they can trace traffic throughout the entire proxy chain. > > According to NSA documents, all it takes is "one page load" to infect a > browser, because they re-direct you to a fake website that hosts browser > exploits, known as QUANTUM INSERT. The FBI will use this to take over all > Tor relays that are running web browsers. > > So, I have a suggestion that I would like Tor Project to recommend. > > Tor Project needs to tell people.. use DUMB COMPUTING devices for running > Tor relays. > > If your computer gets hacked, it can be deeply exploited in the firmware, > such as BIOS, GPU, WiFi chip, etc. > > There are devices on the market, such as Raspberry Pi, or similar, which > have NO WRITABLE FIRMWARE. > > This is known as being "stateless". > > It does not "hold state" across reboots. > > All firmware/drivers are stored on the SD card on the Raspberry Pi, and > only loaded in on boot time. No component on the entire Pi holds state. > NONE. There will likely be other similar devices. > > Therefore, it is truly possible to wipe a dumb computing device completely > clean. > > If you try to wipe a regular laptop or desktop, you may have all this > deeply infected firmware, such as BIOS, so you keep getting re-infected > upon startup. > > Some people say, once deeply infected, it's near-impossible to clean it > out, and you should just throw away your entire laptop and start again. > > Everyone running a Tor relay should be told to use a DUMB COMPUTING DEVICE. > > Another advantage is that these devices are often very cheap. Raspberry Pi > is very cheap to buy. Other devices may be even cheaper. > > The instructions should be as follows... > > (1) Wipe your device clean, i.e. wipe clean the SD card which holds the OS > + all firmware/drivers. > > (2) Then, re-install the OS clean, install Tor, and set up the relay. > > (3) Tor should be installed from the command line or from a > previously-downloaded version on USB stick. Do not install Tor using the > web browser, otherwise you could get infected. > > (4) Do not run anything else on the machine, other than the Tor relay. > Using other programs, especially the web browser, could compromise the > entire machine. > > And that's it. > > Tor Project should send out a message telling all people running Tor > relays to follow these instructions. > > Let me know what you think. > > _______________________________________________ > tor-relays mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > >
_______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
