by h0ek on 4/12/21, 5:53 AM with 30 comments
by TorDev on 4/12/21, 11:14 AM
Sorry for the uppercase, but transparent proxies are dangerous, *especially* if users are not aware of them.
Applications that are not explicitly designed to use Tor can often leak data or be vulnerable to malicious exit nodes.
Also, this pattern can create false sense of security.
See warnings:
https://gitlab.torproject.org/legacy/trac/-/wikis/doc/Transp...
by traspler on 4/12/21, 8:26 AM
I'm still not sure where such a solution would be a good choice though. Getting access to the broader, uncensored internet is also not as easy as it seems in countries where this applies, e.g. China, as even getting an entry node that works is not easy so this is not a plug'n'play option anymore for that.
by gradschool on 4/12/21, 11:26 AM
by hnjst on 4/12/21, 10:07 PM
> [...] it is strongly advised not to use TorBox if your well-being depends on your anonymity. In such a situation, it is advisable to use Tails [...]
My advice for anyone considering this kind of setup (tunneling blindly a set of clients through tor) would be to 1) make sure they understand the limitations of the approach, especially when clients behave "normally" (a.k.a. actively leaking identifying information) while sharing a circuit and 2) have a look at the considerations that projects like the tor browser or tails are focusing on in order to measure how fragile tor "anonymity" features are.
I feel it's useful to insist on it: DON'T RELY ON THIS KIND OF SETUP FOR CRITICAL OPS.
Besides these warnings, I have a hard time figuring a sensible use case for this (I may lack imagination though). One useful (but unrelated, from what I got from my quick glance on TFA) feature of tor that I enjoy and that is orthogonal to its "anonymity" features is the ease of exposing an onion service (reverse tunnel like) from inside a firewall'd/NAT'd network.
by vmception on 4/12/21, 8:15 AM
I just want the tiny computer router out the box loading this
anybody have that?
by nuker on 4/12/21, 9:41 AM