Delivery-Date: Mon, 02 Feb 2015 14:06:21 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 333C11E094D
	for <archiver@seul.org>; Mon,  2 Feb 2015 14:06:20 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id BDF5C334EF;
	Mon,  2 Feb 2015 19:06:16 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 39132334EF
 for <tor-talk@lists.torproject.org>; Mon,  2 Feb 2015 19:06:13 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id mk9_NVrkRjVb for <tor-talk@lists.torproject.org>;
 Mon,  2 Feb 2015 19:06:13 +0000 (UTC)
Received: from mail2.eff.org (mail2.eff.org [173.239.79.204])
 (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 1A381334ED
 for <tor-talk@lists.torproject.org>; Mon,  2 Feb 2015 19:06:13 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=eff.org;
 s=mail2; 
 h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:To:From:Date;
 bh=7r+T5ubSeIKt1BlI2KAX8Yk3P26kK73PiEBBxV4ZtOE=; 
 b=IXLhYAwiT/9QH9GiWLJqGb8I+0990rrYkSuArNl3pvb9FUYoUfdl3Yb4V2nGIipeuG131lJNEsJkVL2d5GeFgdlonnpu9tz+2QbXqRUC/am38LtGNxR+xrvkte2Ak4hT6OKExtrBfmB4exY4sj2xXXkJ/mia0VSCBXot18v+DGE=;
Received: ; Mon, 02 Feb 2015 11:06:10 -0800
Date: Mon, 2 Feb 2015 11:06:09 -0800
From: Seth David Schoen <schoen@eff.org>
To: tor-talk@lists.torproject.org
Message-ID: <20150202190609.GB26784@mail2.eff.org>
References: <f8e73ec8753a6a3a6112de45f796c3ff@openmailbox.org>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <f8e73ec8753a6a3a6112de45f796c3ff@openmailbox.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [tor-talk] VPN/TOR Router
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

spencerone@openmailbox.org writes:

> Hey :)
> 
> I have been looking at a physical product by Cryptographi called the
> 'SnoopSafe Encrypted VPN/TOR Router'[0].
> 
> Does this work?  Is this safe?
> 
> [0] http://cryptographi.com/products/snoopsafe

There have been a number of discussions on this mailing list before
about standalone Tor routers.  The usual consensus is that using a
separate router together with regular Internet applications is risky,
because the applications don't know that they shouldn't behave in
certain ways.  For example, the applications might mention your real IP
address in the course of some protocol, or they might send or allow to
be sent a persistent cookie, which might eventually be sent over both a
Torified and a non-Torified connection.

The Tor Browser has had a ton of work put into it

https://www.torproject.org/projects/torbrowser/design/

to try to make sure it works safely with Tor (again, by making all Tor
Browser instances look alike, making sure that they don't allow
long-lived cookies or cookie equivalents, and various other
precautions).  The router running as a separate device can't usefully
apply all of these protections to regular Internet applications "from
the outside", and the applications, again, won't realize that they're
being used in an anonymous way and that they shouldn't send data that
might compromise their user's anonymity.

That's why the Tor Project doesn't currently recommend using Tor with a
web browser other than Tor Browser, and that's something that would
inevitably happen when using one of these standalone routers.

-- 
Seth Schoen  <schoen@eff.org>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

