-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Rusty,
this is an interesting concept. Do you know Whonix [0]? (Full disclosure: I am a maintainer of Whonix.) It is an Isolating Proxy [1] with an additional Transparent Proxy [2] (Anonymizing Middlebox), which can be optionally disabled. Rusty Bird: > # corridor, a Tor traffic whitelisting gateway > > There are several transparently torifying gateways. They suffer > from the same problems: > > - It's tricky to isolate circuits and issue NEWNYM signals, > especially if multiple client computers are involved. - Any garbage > software can pump identifiers into "anonymous" circuits, and get > itself exploited by malicious exit nodes. - Trust is centralized to > the gateway, which is bad enough when used by one person, and just > inappropriate when shared with strangers. > > **corridor takes a different approach. It allows only connections > to Tor relays to pass through (no clearnet leaks!), but client > computers are themselves responsible for torifying their own > traffic.** What's the threat model here? As I understand, it's ensuring stream isolation for one workstation while another workstation is compromised. Please correct me, if I am wrong. In comparison, Whonix's threat model is that applications running on the workstation are not to be trusted. Even malware on the workstation with root rights shouldn't be able to find out the user's real external IP address. With corridor, the workstations are allowed to contact any Tor relay, right? The problem is, anyone, including adversaries can run Tor relays. Since the corridor gateway will allow the workstation to connect to any Tor relay, an adversary "only" needs to set up it's own Tor relay and once an application on the workstation (such as the browser) is compromised, can find out the client's real external IP address. I am wondering if the advantages of corridor and Whonix can be combined. Without running Tor over Tor, which is recommended against. [3] Cheers, Patrick [0] https://www.whonix.org [1] https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/IsolatingProxy [2] https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy [3] https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO#ToroverTor -----BEGIN PGP SIGNATURE----- iQJ8BAEBCgBmBQJS/jOOXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2RTk3OUIyOEE2RjM3QzQzQkUzMEFGQTFD QjhENTBCQjc3QkIzQzQ4AAoJEMuNULt3uzxIc+YQAIVRTyaIontkr3CTsF45EKXY 32NcfVcA0U2TuTu6cHekrp4qE2Bou91biurzOCudsniExF4WEcezwoXzfr5NMI2V 6ZPhAKoo2Xb2cCiY2f/itdhcMc3JximclhM7g34ABqmeIMbN1bCK+zjN6/sj0jZB FMqyBIQuMCLQ3aaVlcu8HxhfAgZCV8brnC0QIHpq6uTo3VGRkCu9OjMtSM6h/hgN Y8t+jPKaRu6iP7nFz77BaxxDureACnUZeyAW8CNd1zUnDBA2b19YWSisJyXmjsIa GDcQu4gFo4F9jvcQIsovp1uCs5wnIRTANyg1aS221AK3uHJIbQgz1zNOlvBPwNYb jrby2ZWGFqOVzTlxBwaTi3EYpjSFYEWijtSkb0aF+Qv1xsB4+3AYdKDfjbT2MEbS bII4Y9lHcsTjvFmVkqMBz6AbjTc0tUshiVEBqnUnYIrA36iH+sDL20iexnwLynP+ 2F4iFSG+7TgvfqV2ap2f73+hOcMeLJ4P7vi0bD+C/SIF8XmXSW9Y6P6u1g1e2Jkj IW0XZ8ovA+kYDyj6yLU2n68LvcrnP3mzVivw6kYRYxIC+CIWt2hIdPidYT1KNbC5 yYK9tElYnHpDCFWMmXeU3/N5qkq02YfW5TwZ1iikQDcP2eeWfWFHN4IUMWepchiT qHgbQMZChkxZYgOkq4Ut =jNc8 -----END PGP SIGNATURE----- -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
