On Tue, Apr 16, 2013 at 10:49:38PM -0400, Paul Syverson wrote:
On Wed, Apr 17, 2013 at 12:46:17AM +0000, Matthew Finkel wrote:
- Who do you trust? With this remote-proxy, it really depends on what you're looking to gain from using the Tor network. Are you looking for a censorship circumvention tool? Then you probably don't want to use a remote-proxy node run by the censor or any of its allies. If you're looking to remain anonymous... well, anonymous with respect to whom, I suppose?
Actually, if you could log in remotely to an interface that isn't obviously a gateway to Tor and the proxy/bridge there was one that you ran yourself or otherwise trusted, this could be an easy way to make sure your transport didn't look like it was talking a Tor protocol (because it wouldn't be talking Tor protocol). That's just off the top of my head, but the point is that there could be scenarios where this could support circumvention as well as anonymity.
I agree, but then the problem of having these nodes available to those who need them becomes an issue. One benefit about Bridges is that they are available to anyone who can send an email or visit a website or knows someone running one. For journalists and such, I suppose it's possible their local IT folk may be willing to set up a remote-proxy system for them, but what about the little guy? Maybe another system similar to the one currently used to distribute Bridges could be used to partially solve the key distribution problem, but it doesn't completely solve the trust problem (but then again I'm not sure it can be solved short of the scenario you suggested). I think I have one vague idea related to the second hop in the circuit not actually relaying the webpage to the remote-proxy but to another remote-proxy and sending a redirect to the original and maybe with some JavaScript crypto to give people the warm fuzzies, but this hasn't exactly been thought through :). There's also a ticket for a PT that looks like an HTTP(S) server (IIRC), which may help with this?
Mahesh, what are your thoughts about how this would be implemented? (Just curious :) )
- Matt