Delivery-Date: Wed, 24 Feb 2016 13:22:17 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD,UNPARSEABLE_RELAY autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 3117B1E0683;
	Wed, 24 Feb 2016 13:22:15 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 5BA2939935;
	Wed, 24 Feb 2016 18:22:08 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 2B42D3985A
 for <tor-talk@lists.torproject.org>; Wed, 24 Feb 2016 18:22:05 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id nkIiPvZMASbY for <tor-talk@lists.torproject.org>;
 Wed, 24 Feb 2016 18:22:05 +0000 (UTC)
Received: from paulo.mayfirst.org (paulo.mayfirst.org [209.234.253.240])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 1230039854
 for <tor-talk@lists.torproject.org>; Wed, 24 Feb 2016 18:22:04 +0000 (UTC)
Received: from paulo.mayfirst.org (unknown [127.0.0.1])
 by paulo.mayfirst.org (Postfix) with ESMTP id 51B283F39
 for <tor-talk@lists.torproject.org>; Wed, 24 Feb 2016 13:22:02 -0500 (EST)
Received: from [127.0.0.1] (localhost [127.0.0.1]) (Authenticated sender:
 nathanfreitas@paulo.mayfirst.org) with ESMTPSA id 3E8C03F21
Received: from compute5.internal (compute5.nyi.internal [10.202.2.45])
 by mailauth.nyi.internal (Postfix) with ESMTP id 04CE226514
 for <tor-talk@lists.torproject.org>; Wed, 24 Feb 2016 13:22:01 -0500 (EST)
Received: from web1 ([10.202.2.211])
 by compute5.internal (MEProxy); Wed, 24 Feb 2016 13:22:02 -0500
Received: by web1.nyi.internal (Postfix, from userid 99)
 id D62A0AE58E1; Wed, 24 Feb 2016 13:22:01 -0500 (EST)
Message-Id: <1456338121.2287981.530801714.266A9484@webmail.messagingengine.com>
X-Sasl-Enc: V5CPUSaxEHnStkAt6UjyFXhVGzz0MaAGJ1EQx7qoPGjK 1456338121
From: Nathan Freitas <nathan@freitas.net>
To: tor-talk@lists.torproject.org
MIME-Version: 1.0
X-Mailer: MessagingEngine.com Webmail Interface - ajax-aeec9b65
Date: Wed, 24 Feb 2016 13:22:01 -0500
In-Reply-To: <512753.b3711c75f4c5ec43a1b5ba6bf66a087e4ae39eb0@popretr.messagingengine.com>
References: <512753.b3711c75f4c5ec43a1b5ba6bf66a087e4ae39eb0@popretr.messagingengine.com>
 <1456260413.11002.18.camel@pentium.freedom.box>
X-Virus-Scanned: ClamAV using ClamSMTP
Subject: Re: [tor-talk] Thoughts on Tor router hardware
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Tue, Feb 23, 2016, at 03:46 PM, Rob van der Hoeven wrote:
> My conclusions are that running Tor on the router can enhance both
> security and usability. It further opens new possibilities for expanding
> the Tor-network and can provide a stable source of income for the
> Tor-project.
> Wrote an article about this on my blog:
> https://hoevenstein.nl/thoughts-on-tor-router-hardware

Thanks for the sober, thoughtful post. There are definitely advantages
to the hardware-isolated TorSocks mode for sure, which I think have been
lost with some of the poor implementations out there and focus on the
Transparent proxy type setup.

These kind of trade offs are also something we struggle with on Android
with Orbot, and we are looking at configuration choices like these to
both help the novice user get connected, without unintentionally leaking
data.

+n
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

