Delivery-Date: Tue, 04 Nov 2014 04:18:44 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,URIBL_BLACK autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 340BF1E02FD;
	Tue,  4 Nov 2014 04:18:42 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id AC972316C9;
	Tue,  4 Nov 2014 09:18:37 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 4B938316C0
 for <tor-talk@lists.torproject.org>; Tue,  4 Nov 2014 09:18:33 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id mINvWi_gsKSg for <tor-talk@lists.torproject.org>;
 Tue,  4 Nov 2014 09:18:33 +0000 (UTC)
Received: from s2.netcompartner.com (s2.netcompartner.com [80.86.85.53])
 by eugeni.torproject.org (Postfix) with ESMTP id 0A9A631305
 for <tor-talk@lists.torproject.org>; Tue,  4 Nov 2014 09:18:32 +0000 (UTC)
Received: from ncpws04.localnet (ncpws04.netcompartner.com
 [IPv6:2001:470:ec48:0:e2cb:4eff:fe3e:11c6])
 by s2.netcompartner.com (Postfix) with ESMTPSA id BE1D5C0608
 for <tor-talk@lists.torproject.org>; Tue,  4 Nov 2014 10:18:29 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
 d=reclaim-your-privacy.com; s=2014; t=1415092710;
 bh=EPCyua5JFKknemeLLt1/tLsP46NRYfC/EXBP64iJYHM=;
 h=From:To:Subject:Date:In-Reply-To:References:From;
 b=VVB09EnFH/UHRS1qZH90PW5DPqQp8PuQuYqtpyFc3UwlTme+SY14UPURFoPrr4FCo
 a5WmgCdwDlUznB0wyd3CDJNdzAkFYhz8Vlte1eKLy240ZKbbNN3uFyvfbhBoDcIKE5
 4lq9iO8BF5itpT75hDlJvWOTkzO1pNku31cPdI1yrZ9Zz5fevdpzM4zGeHpXWpVEmb
 lAf7xhTYzt/WU2Fuwf5BI70OUSZ3aej6qViQRAYq+4QvbYkWEbFuqQ7GSqyqBjD/HZ
 pBb2p9l2JvRrL8U+8idqqyfST09qXq2G96EFRnGpp6xTrIMjuzBQ+v9AF+G6N6b9J4
 KnF9gT4gOpi+g==
From: Lars Boegild Thomsen <lth@reclaim-your-privacy.com>
To: tor-talk@lists.torproject.org
Date: Tue, 04 Nov 2014 17:18:25 +0800
Message-ID: <8068577.tjcONYyxl8@ncpws04>
Organization: Reclaim Your Privacy
User-Agent: KMail/4.14.1 (Linux/3.16-3-amd64; KDE/4.14.1; x86_64; ; )
In-Reply-To: <20141104062609.GA5655@grml>
References: <7488606.2oxgLGVBPl@ncpws04> <2878899.URSiSnZ9PG@ncpws04>
 <20141104062609.GA5655@grml>
MIME-Version: 1.0
Subject: Re: [tor-talk] Cloak Tor Router
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Tuesday 04 November 2014 07:26:09 michi1@michaelblizek.twilightparadox.com wrote:
> This would require IsolateDestAddr. This might have a serious impact on
> performance and load (I cannot tell you how much).

I have now enabled IsolateDestAddr and I think that will remain enabled.  It's too important to sacrifice for performance.  Performance took a small hit but not too bad (primarily wait time before page load while circuit gets established).

So - status from tor-talk discussion so far:

1. Wi-Fi clients are isolated from each other - no way to do sniffing, arp spoofing etc.

2. Both IsolateClientAddr and IsolateDestAddr are enabled - no more shared circuits.

Major one with no clear consensus is how best to do updates.

-- 
Lars Boegild Thomsen
https://reclaim-your-privacy.com
Jabber/XMPP: lth@reclaim-your-privacy.com
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

