On 02/28/2011 03:30 PM, Robert Ransom wrote:
> On Mon, 28 Feb 2011 15:02:40 -0500
> thecarp <[email protected]> wrote:
>
>> After the whole discussion about "gatereloaded" and "badexits" I was
>> thinking a bit about the discussion and wondering if there is a way to
>> add a bit more protection to people who are, well, newbs. As one article
>> pointed out:
>>
>> "many who use Tor mistakenly believe it is an end-to-end encryption
>> tool. As a result, they aren't taking the precautions they need to take
>> to protect their web activity."
>>
>> This is a similar, but not exactly the same, problem. Clearly blocking
>> all port 80 would be pretty harmful to a lot of use. However, for
>> protocols like POP3 or IMAP, the case for allowing them is clearly not
>> as strong, though the case for banning them completely or requiring
>> exit nodes to carry both is... pretty dubious (especially given that
>> some people will run things on non-standard ports anyway).
>
> Connections to the plaintext POP3 and IMAP ports may be secured using
> the STARTTLS command.

I always forget about STARTTLS. You are absolutely right, of course, and
that applies to other protocols as well.

>> So here is my thought: what do people think of a configuration item in
>> tor, set up to be "on" by default, which blocks attempts to go to certain
>> ports at the proxy level, but allows users to turn this "protection" off
>> if they wish to? Maybe make the list of blocked ports configurable.
>
> This enables attacks against users' anonymity -- for example, a web
> page at <http://evil-site.example.com:80/> could include
> <http://evil-site.example.com:110/foo.png> as an inline image to
> distinguish users who have configured their Tor client to allow
> connections to port 110 from those who have not.

The only hole I would shoot in that is that, as I mentioned, polipo is
already blocking access to many ports by default, and so this sort of
attack is already possible for some of those ports.

Actually, that makes a good case for not running anything on ports that
polipo blocks by default, since any change there could be detected so
easily. I never thought of that.

Good anonymity really is a much harder problem than it would seem. It
really is amazing the number of ways it can fail... and in such simple
ways.

_______________________________________________
tor-talk mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
