From: teor <teor2345@gmail.com>
In-Reply-To: <mailman.19.1431086401.16687.tor-talk@lists.torproject.org>
Date: Fri, 8 May 2015 22:36:20 +1000
Message-Id: <EC929472-00E8-472E-8F83-967578F335D8@gmail.com>
References: <mailman.19.1431086401.16687.tor-talk@lists.torproject.org>
To: tor-talk@lists.torproject.org
X-Mailer: Apple Mail (2.2098)
Subject: Re: [tor-talk] Friendly LAN bridge -- bad idea?
> Date: Fri, 08 May 2015 09:23:19 +0200
> From: Lars Luthman <mail@larsluthman.net>
>
> On Thu, 2015-05-07 at 23:34 +0000, Nathaniel Goodman wrote:
>> Hello,
>>
>> Around here all devices and usual guests use tor. This of course
>> generates many direct connections to the tor network.
>>
>> We were wondering if there would be any negative (privacy)
>> implications from running a private bridge inside the LAN to which all
>> the devices around here would then connect instead of making a direct
>> connection to the network.
>
> I've thought of using a similar setup on local networks - configuring
> the main router to run a private Tor bridge and blocking all other
> traffic. The problem with this is that every normal circuit only gets
> two hops out on the internet - your private bridge is the first hop, and
> then there's a middle hop and an exit on the internet. Also, since the
> private bridge would be the guard node and it is on your local network,
> the first hops out on the internet would change much more frequently
> than if you didn't use the private bridge but connected to guard nodes
> out on the internet. Both of these properties may reduce the anonymity
> of Tor users on your local network.
>
> These problems would be avoided if
>
> a) Tor treated all bridges as a 'zeroth hop' and built three-hop
>    circuits _after_ the bridge, with the first hop being chosen
>    using the normal guard selection algorithm, or
>
> b) There was a special 'local bridge' type which, when used,
>    forced the client to build four-hop circuits with the above
>    properties.
>
> I don't think there's any way of achieving any of those without
> modifying Tor.

The standard way of achieving this is to have multiple Tor browsers
configured to connect via SOCKS to a shared Tor client on the LAN. This
client has one set of connections, descriptors and caches, and 1-3
guards. This saves bandwidth and connections.

However, there is a small risk of increased linkability via timing
attacks on a shared hidden service cache - one user gets a hidden
service faster if another user has recently used it.
See https://trac.torproject.org/projects/tor/ticket/15938

There is also the risk of non-encrypted SOCKS connections being observed
on your LAN. However, any unencrypted connections could be observed
between the Tor exit and website anyway.

There may be other security implications of a shared Tor client.
However, in my understanding, the loss of a guard node with a shared Tor
bridge has known serious security implications.

Also, the increase in outgoing connections from a local bridge could
very likely make your issue with the number of outgoing connections
worse, not better. This depends on the number of Tor users you have - a
bridge could make a connection to each of up to 5000 relays - do you
have 1000 users using Tor simultaneously?

teor

teor2345 at gmail dot com
pgp 0xABFED1AC
https://gist.github.com/teor2345/d033b8ce0a99adbc89c5

teor at blah dot im
OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7
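The shared-client setup teor describes, with one Tor client listening on the LAN and each Tor Browser pointed at it over SOCKS, hinges on two torrc settings: where SocksPort binds and which hosts SocksPolicy admits. The following checker is an added example written for this page; it is not code from the thread or from the Tor project. SocksPort and SocksPolicy are real torrc options; the sample torrc texts, the assumed 192.168.1.0/24 subnet, the RFC 5737 test address and every function name are constructed for the example. It parses a torrc, reports a SocksPort that is reachable beyond loopback, and checks that the policy admits LAN clients and nothing else.

```python
"""Audit a torrc for the shared-LAN Tor client setup (added example).

Not code from the thread or from the Tor project. SocksPort and
SocksPolicy are real torrc options; the LAN subnet, sample configs and
function names below are constructed for this example.
"""
import ipaddress

# Assumed LAN for the example; a real deployment substitutes its own.
LAN = ipaddress.ip_network("192.168.1.0/24")


def parse_torrc(text):
    """Return torrc (key, value) pairs, dropping blank lines and # comments."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            parts = line.split(None, 1)
            entries.append((parts[0], parts[1].strip() if len(parts) > 1 else ""))
    return entries


def socks_listeners(entries):
    """IP addresses the SocksPort lines bind; a bare port means loopback."""
    addrs = []
    for key, value in entries:
        if key != "SocksPort" or not value:
            continue
        target = value.split()[0]      # flags such as IsolateClientAddr follow
        if target == "0":              # "SocksPort 0" disables the listener
            continue
        if ":" in target:
            host = target.rpartition(":")[0].strip("[]")   # also "[::1]:9050"
        else:
            host = "127.0.0.1"         # "SocksPort 9050" / "auto" bind localhost
        try:
            addrs.append(ipaddress.ip_address(host))
        except ValueError:
            continue                   # unix: sockets, hostnames: out of scope
    return addrs


def socks_policy(entries):
    """Flatten SocksPolicy lines into an ordered list of (verb, pattern)."""
    rules = []
    for key, value in entries:
        if key == "SocksPolicy":
            for rule in value.split(","):
                verb, _, pattern = rule.strip().partition(" ")
                rules.append((verb.strip(), pattern.strip()))
    return rules


def policy_allows(rules, addr):
    """First matching rule wins; None means no rule matched the address."""
    for verb, pattern in rules:
        if pattern == "*" or addr in ipaddress.ip_network(pattern, strict=False):
            return verb == "accept"
    return None


def audit(text, lan=LAN):
    """Return a list of findings; an empty list means the config passes."""
    entries = parse_torrc(text)
    exposed = [a for a in socks_listeners(entries) if not a.is_loopback]
    if not exposed:
        return []                      # loopback-only: the LAN cannot reach it
    findings = []
    for addr in exposed:
        if addr.is_unspecified:
            findings.append(f"SocksPort binds all interfaces ({addr}); bind the LAN address")
        elif addr not in lan:
            findings.append(f"SocksPort {addr} is outside the LAN {lan}")
    rules = socks_policy(entries)
    if not rules:
        findings.append("no SocksPolicy: any host reaching the listener may proxy through it")
        return findings
    if rules[-1] != ("reject", "*"):
        findings.append("SocksPolicy does not end with 'reject *'")
    if policy_allows(rules, lan[10]) is not True:       # lan[10]: a constructed LAN client
        findings.append(f"SocksPolicy does not accept LAN clients such as {lan[10]}")
    outsider = ipaddress.ip_address("203.0.113.7")      # RFC 5737 documentation address
    if policy_allows(rules, outsider) is True:
        findings.append(f"SocksPolicy accepts non-LAN address {outsider}")
    return findings


# Constructed samples: the weak one listens everywhere with no policy; the
# shared-client one binds the LAN address and admits only LAN hosts.
WEAK_TORRC = "SocksPort 0.0.0.0:9050\n"
SHARED_TORRC = """# shared Tor client for the LAN (constructed example)
SocksPort 192.168.1.1:9050
SocksPolicy accept 192.168.1.0/24
SocksPolicy reject *
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_TORRC), ("shared", SHARED_TORRC)):
        print(name, audit(cfg) or "ok")
```

The policy check is deliberately stricter than Tor's own defaults: it wants an explicit `reject *` at the end, an accept covering the LAN, and no accept that admits an outside address. It does not address the point in the message about SOCKS traffic being visible on the LAN itself; the policy only limits who may use the client, not who can observe the wire.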