Delivery-Date: Fri, 08 May 2015 22:21:43 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id D08641E0CE8
	for <archiver@seul.org>; Fri,  8 May 2015 22:21:41 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 0D7A734B5F;
	Sat,  9 May 2015 02:21:37 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id DDD4F353E7
 for <tor-talk@lists.torproject.org>; Sat,  9 May 2015 02:21:33 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id AQ_v1bB9y3E9 for <tor-talk@lists.torproject.org>;
 Sat,  9 May 2015 02:21:33 +0000 (UTC)
Received: from mail-lb0-x235.google.com (mail-lb0-x235.google.com
 [IPv6:2a00:1450:4010:c04::235])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 8386834B5F
 for <tor-talk@lists.torproject.org>; Sat,  9 May 2015 02:21:33 +0000 (UTC)
Received: by lbbqq2 with SMTP id qq2so64098544lbb.3
 for <tor-talk@lists.torproject.org>; Fri, 08 May 2015 19:21:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:in-reply-to:references:date:message-id:subject:from:to
 :content-type; bh=55btgK7BtTv9q5/zx9px+shnCpGk+8iyTq15d71x/TA=;
 b=uiRt2Fl3dQI3ZRLgSJpeTAsAAFIAsyTagKhwEdKVK+deA60tI8z5H3wZTGFBX95Yp1
 xCy4E/X+G3hcYK064zhULgBHBKkYEeShd7l1uwgI21wUwa3CJd51IJ24IDzS1daLQDRt
 k+YMa6SYHpXZ4LJjqFGik7n62Xlz7w1wxQu0sBq6Yov5OMVtTVQauSnLkkxH7Yf/Tkpe
 LwUJqIC3+RKrPP5Nuch6F+t1YOzwowILkumb6gHn1it/YgZD5xHTFXAYCmRsM87whbfo
 AKAS/ahiTFOGSQcsobVl18mw+TmJ31924d4pc/pqG+pWMiMBZTArs/Py6Uu1W8nyesOp
 F8pw==
MIME-Version: 1.0
X-Received: by 10.112.56.42 with SMTP id x10mr575646lbp.123.1431138090293;
 Fri, 08 May 2015 19:21:30 -0700 (PDT)
Received: by 10.25.90.65 with HTTP; Fri, 8 May 2015 19:21:29 -0700 (PDT)
In-Reply-To: <20150508192603.25EE5A2C9B@smtp.hushmail.com>
References: <mailman.19.1431086401.16687.tor-talk@lists.torproject.org>
 <EC929472-00E8-472E-8F83-967578F335D8@gmail.com>
 <20150508192603.25EE5A2C9B@smtp.hushmail.com>
Date: Fri, 8 May 2015 19:21:29 -0700
Message-ID: <CAJVRA1Ss+eBQO8BxcaVCy+SnZLX6SNbHYAtKF66S2XsweeFRqg@mail.gmail.com>
From: coderman <coderman@gmail.com>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] Friendly LAN bridge -- bad idea?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On 5/8/15, l.m <ter.one.leeboi@hush.com> wrote:
>> There may be other security implications of a shared Tor client.
>
> Such as
>
> 1. All users that share a tor client also share a threat model. The
> tor configuration is shared. This may not be an ideal property.
> 2. If one user of the shared tor client breaks the process--it's
> broken for all others. Which is to say a bug, exploit, failure will
> affect all users simultaneously.

there are also stream isolation concerns, see options
 IsolateClientAddr, IsolateSOCKSAuth, IsolateClientProtocol,
IsolateDestPort, IsolateDestAddr, etc.

better to have each client run their own Tor, and a router / gateway
which can tell Tor Launcher a specific bridge or PT for Tor network
access.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

