On Tue, Apr 16, 2013 at 07:35:45PM +0000, adrelanos wrote:
I think that having a web server to handle Tor requests would defeat the purpose of obfuscation because the server's IP address would be public and censors could easily block any connections to it rendering it useless.
It's not so easy if users host their own torified CGIproxies on their own servers. - Ok, how many users are technically able and willing to do that?
We called this remote-proxy access in "Anonymous Connections and Onion Routing" https://www.onion-router.net/Publications.html#JSAC-1998 (Somebody should really put the early onion routing papers on anonbib, almost none of them are there. Copious free time and all that I guess.) It could be useful in some circumstances. I imagine if you wanted to run your own for personal use as suggested, coupling it with some kind of onetime authentication would be especially useful. But I can imagine circumstances where it would be useful for general public use, with the caveat that people will even more poorly understand the risks and protections they have here than they do with a Tor client running locally. Similar issues have been considered for tor2web, which I assume you know about. (If not you should take a look, although the goals are not identical.)
-Paul