North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Tor and network security/administration
On 6/21/06, Lionel Elie Mamane <firstname.lastname@example.org> wrote:
> Here's where your misunderstanding is evident. The filtering proxy > is not at the Tor exit node; it's at the *entry*. If the proxy is not at the Tor exit node, how can the tor network enforce the addition of the "this connection went through tor" HTTP header that Kevin Day was asking for?
And Tor users will desire to do this ... why? I have been referring to the proxying behavior *currently in use* on Tor and likely to be developed further in the near future. It is highly *unlikely* that Tor will add such a header by default, so there's little point in thinking that such a so-called "solution" might actually come to light. Note that nowhere have I implied that Tor HTTP requests would look like anything but regular HTTP requests, and in fact, that's exactly the point of Tor's design. I am NOT using this thread to comment on the appropriateness of that behavior (I have mixed personal opinions on that), but rather, to point out what its *users* want, which is what is likely to be implemented. Hence my earlier comment about addressing social vulnerabilities via solely technological methods.
if you rely on a program sitting on the user's computer adding that header, then malevolent users can not add this header,
And non-malevolent users who simply wish to avoid marketeers' statistical data tracking. There's more than one use for the technology, y'know.
so Kevin Day's purpose is not served.
If the point of the technology is to add a degree of anonymity, you can be pretty sure that a marker expressly designed to state the message "Hi, I'm anonymous!" will never be a standard feature of said technology. That's a pretty obvious non-starter. -- -- Todd Vierling <email@example.com> <firstname.lastname@example.org> <email@example.com>