Eben King wrote:
> If you want more privacy/anonymity/security in your online dealings,
> look into Tor at http://tor.eff.org . It's easy to set up, only two
> programs, one of which I already had:
>
> -rwxr-xr-x 1 root root 159776 Oct 10 2005 /usr/sbin/privoxy
> -rwxr-xr-x 1 root root 538624 Dec 15 14:41 /usr/sbin/tor
>
> There's a link there to a video of the designer(?) giving a
> presentation about it at a hacking convention in the Netherlands (I
> think).
>
> I set it up, and while throughput is good once a connection is
> established, each DNS request also goes through the Tor network, and
> is actually executed who-knows-where. I'm setting up a caching DNS
> server as we speak; that should make it snappier.
Realize that any un-encrypted sessions you make through the tor network
are available for whatever node you bounce through to sniff. For, say,
passwords and session credentials.
If I were a bad bad person, I'd probably be running a few tor nodes
sniffing for obvious authentication credentials to hijack accounts. I'm
just saying..
Also, if you are considering running a tor server, realize that you are
allowing people to make socket connections through your server to obtain
or serve potentially illegal content or sources. Legally, you might want
to make sure that classifies you as a common carrier, or be ready to
service subpoenas.
It's not the panacea for everyone. It serves a purpose. Be careful and
make sure you understand what you're getting yourself into.
You really want to be careful how you use it here in the states...
(Patriot act, etc)
Then again, IANAL. So YMMV.
- Ian C. Blenke <ian@blenke.com>
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS). Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 15:35:51 EDT