Raviji: > On Fri, 12 Oct 2012 13:12:53 +0000 > adrelanos <adrela...@riseup.net> wrote: > >> Raviji: >>> On Fri, 12 Oct 2012 11:38:34 +0000 >>> adrelanos <adrela...@riseup.net> wrote: >>> >>>> Outlaw: >>>>> Hi! Let`s say main linux user A is cut off from Internet with iptables, >>>>> user B starts Tor. If I run TorBrowser by user A, connect it to Tor >>>>> (which is started by B) with socks and turn on flash plugin, is there >>>>> any security/anonimity leak in this scheme? Thank you. >>>> >>>> If you ever use or used Flash without Tor, your Tor session can likely >>>> be linked to your non-Tor session. (Flash Cookies, browser fingerprint, >>>> fonts, os, kernel, dpi, etc.) >>>> >>>> I believe my project Whonix is currently the safest method to use Flash. >>>> IP/DNS/location remains safe, but Flash usage will always be only >>>> pseudonymous rather than anonymous. Linking your sessions will be >>>> limited to your activity inside the Workstation. Details: >>> >>> whonix is nice, but heavier on system with virtual box. >> >> Indeed, thats a major drawback. Thought with some tweaking you could >> switch from KDE to Openbox, reduce RAM... Finally lower RAM requirements >> to ~400MB or so. >> >>> Where a system wide tor enforcement is a good alternative. >>> It is possible with iptables. We might think about a service, >>> when start do system wide tor enforcement, when stop revert back >>> the system to normal mode. >>> >>> Though I am not successful yet to exclude the lan from this enforcement, >>> as I need to access some local IP directly. I need some more understanding >>> with iptables. Can anyone help me with the iptables please ? >> >> Did you read my first sentence in my first reply? >> >> "If you ever use or used Flash without Tor, your Tor session can likely >> be linked to your non-Tor session. (Flash Cookies, browser fingerprint, >> fonts, os, kernel, dpi, etc.)" >> > > But can it still pass as the firewall drops all non tor connection ? > > Yes, I agree, it still carry the browser fingerprint, fonts, os, kernel, dpi, > etc.. > and that's why your whonix is nice.
> Can you make it little bit low fat :-) I don't think so. Just updated the FAQ on that topic: https://sourceforge.net/p/whonix/wiki/FAQ/#why-are-the-whonix-images-so-big _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
