Delivery-Date: Fri, 07 Nov 2014 13:46:38 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 5D2841E0AFB;
	Fri,  7 Nov 2014 13:46:36 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 87A68318F9;
	Fri,  7 Nov 2014 18:46:32 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id E6A54318EB
 for <tor-talk@lists.torproject.org>; Fri,  7 Nov 2014 18:46:28 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Scq5x8Tz1eXB for <tor-talk@lists.torproject.org>;
 Fri,  7 Nov 2014 18:46:28 +0000 (UTC)
Received: from mail-wg0-x22b.google.com (mail-wg0-x22b.google.com
 [IPv6:2a00:1450:400c:c00::22b])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 91152318B6
 for <tor-talk@lists.torproject.org>; Fri,  7 Nov 2014 18:46:28 +0000 (UTC)
Received: by mail-wg0-f43.google.com with SMTP id y10so4501773wgg.2
 for <tor-talk@lists.torproject.org>; Fri, 07 Nov 2014 10:46:25 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=message-id:date:from:user-agent:mime-version:to:subject:references
 :in-reply-to:content-type:content-transfer-encoding;
 bh=ULO6MTaJb6Gl4k8RLSM1tanM/1N6S0AlOymB29uSQJg=;
 b=HOOr+GnYubnCOM3J1mBKplzrZ2Cd0vuQ6k1RyBkr0RUa8udv4oA/h3H20UGh9hsyEY
 11hxTbN+oIrDrcB+Hjzqw0J0lBOH3IuWutF0P3WsWey8ilJNptzJR3zeweaNhlhWVMlQ
 8Ij4Vk+LIuRRBa0uugDneAMzjYAOpuj4CiopWI+mPzY1AxssedYxbL6MCkFX1m3RnfGu
 v2qejSDhLfoJ2jF5i4eUPjOWgSBPwYhcZOUt8LIq9Ggilwl7+LGeep6f4iI5pT6g4u0M
 VOzpHya4dPApkhJEAe0hVYuCB+s/WfRPgdKfF6oidKM7YzlPxIO8zNKgA2f9KFPNWzLn
 V9iQ==
X-Received: by 10.194.134.198 with SMTP id pm6mr15463895wjb.136.1415385985670; 
 Fri, 07 Nov 2014 10:46:25 -0800 (PST)
Received: from [192.168.1.11] (ANice-652-1-324-82.w86-193.abo.wanadoo.fr.
 [86.193.107.82])
 by mx.google.com with ESMTPSA id ji10sm3030885wid.7.2014.11.07.10.46.24
 for <tor-talk@lists.torproject.org>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Fri, 07 Nov 2014 10:46:24 -0800 (PST)
Message-ID: <545D1380.7010902@gmail.com>
Date: Fri, 07 Nov 2014 19:46:24 +0100
From: Aymeric Vitte <vitteaymeric@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.3;
 rv:24.0) Gecko/20100101 Thunderbird/24.6.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <7488606.2oxgLGVBPl@ncpws04> <8791008.gPgc6LIrom@ncpws04>
 <CAJVRA1THJ5urkXWVe7UgKVy5gA=1a6yQ4F1_=1v3m4Yu-pgxJw@mail.gmail.com>
 <3413830.AxW13VOK2Y@ncpws04> <545CF363.7020201@gmail.com>
 <545CFEFD.8050103@gnu.org> <545D0A53.5010405@gmail.com>
 <545D0E76.1040609@gmail.com>
In-Reply-To: <545D0E76.1040609@gmail.com>
Subject: Re: [tor-talk] Cloak Tor Router
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="iso-8859-1"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>


Le 07/11/2014 19:24, Aymeric Vitte a =E9crit :
>
> Le 07/11/2014 19:07, Aymeric Vitte a =E9crit :
>>
>> Le 07/11/2014 18:18, hellekin a =E9crit :
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA512
>>>
>>> On 11/07/2014 01:29 PM, Aymeric Vitte wrote:
>>>> >
>>>> >- force ssl through Tor, non ssl outside
>>>> >
>>> *** Is that what you meant?  Can you explain why?
>>
>> Yes but again we are not talking about strong anonymity here (unless =

>> for a browsing use with the Tor browser and the proxy set to the =

>> box), question of usability again by people not familiar with this =

>> (but I forgot to mention the http nowhere option, and if users set it =

>> then will they understand that all non ssl traffic is blocked?), some =

>> thoughts are:
>>
>> - for a normal user is it better to have the non ssl traffic mitmed =

>> by the exit nodes or should it go outside?
>> - torrent traffic goes automatically outside
>> - non ssl websockets (like Peersm's where we have ssl (+Tor) over ws =

>> and not the contrary) do not go through Tor, so again you are not =

>> using Tor over Tor
>>
> and:
>
> - if some devices or apps (like browsers) are sending dubious stuff =

> outside, it's likely to be ssl one (like [1]) so you can not know what =

> it is, I have not checked yet what my Chromecast is doing, it's in the =

> TODO list
>
> [1] =

> https://s3.amazonaws.com/ksr/assets/000/690/973/f9a25528976205dff93e60fc4=
0dfa91f_large.jpg?1371808994
>

This makes me think too that project [1] [2] could resurrect with a =

Cloak, the Cloak would replace the servers used to intercept itself. =

Quickly explained the principles are that the browser is intercepting =

itself with the complicity of servers, it then changes the URLs (sent =

and received in the page) to a fake domain and navigates on the fake =

domain via the Tor network, nobody can know outside of the browsers what =

are the real domains, even for ssl (the server name is the fake domain).

[1] https://www.youtube.com/watch?v=3DQOP4NHvJAGM
[2] http://www.ianonym.com

-- =

Peersm : http://www.peersm.com
torrent-live: https://github.com/Ayms/torrent-live
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms

-- =

tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

