Date: Mon, 27 Apr 2015 15:57:37 -0400
To: tor-talk@lists.torproject.org
From: "l.m" <ter.one.leeboi@hush.com>
Subject: Re: [tor-talk] TorBirdy seems to connect to the same exit node
	again and again

Hi Yuri,

>If this is the concern that request to check.torproject.org might
>compromise security, this is the clear indication that TorBirdy/TBB
>aren't adequate for the requirements. Clearly, such people should switch
>to VM isolation, and there is no need to ever go to check.torproject.org
>from there, and there is no risk even if one does.
>
>Yuri

Good point. It's true, there's no such thing as enough security if the
consequence is high. To be fair, though, PT-design has come a long way
from the classical bridge. It's not uncommon to attempt to evade
detection by obfuscation of the protocol at the bridge itself. A
properly configured VM would provide a benefit here. What's to stop a
whistleblower from carrying around a custom TBB/TorBirdy instance that
uses unpublished bridges (hosted by some friendly nation)? No more
than carrying around a properly configured VM or live boot of Tails.
I'm just saying *if* a patch were to propose making the 'test proxy'
option more accessible it would (likely) be shot down. The only
reasonably sane way to do so would be to include an actual proxy test
that links to the optional IP check. For consistency, if nothing else.
As long as the proxy test succeeds I can't imagine why the IP check
would be needed except maybe for debugging.

--leeroy