Hi Yuri, >If this is the concern that request to check.torproject.org might >compromise security, this is the clear indication that TorBirdy/TBB >aren't adequate for the requirements. Clearly, such people should switch >to VM isolation, and there is no need to ever go to check.torproject.org >from there, and there is no risk even if one does. > >Yuri
Good point. It's true, there's no such thing as enough security if the consequence is high. To be fair though PT-design has come a long way from the classical bridge. It's not uncommon to attempt to evade detection by obfuscation of the protocol at the bridge itself. A properly configured VM would provide a benefit here. What's to stop a whistleblower from carrying around a custom TBB/TorBirdy instance that uses unpublished bridges (hosted by some friendly nation)? No more than carrying around a properly configured VM or live boot of Tails. I'm just saying *if* a patch were to propose making the 'test proxy' option more accessible it would (likely) be shot down. The only reasonably sane way to do so would be to include an actual proxy test that links to the optional ip check. For consistency, if nothing else. As long as the proxy test succeeds I can't imagine why the ip check would be needed except maybe for debugging. --leeroy -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
