[Tim Retout] > I still believe it's not a good idea to be routing unencrypted > traffic through Tor, and you need to be checking the certificates > for the encrypted traffic. Browser plugins are risky too.
I guess it depend on what the goal is. As far as I can tell, the man in the middle attack is just as possible for any router and network point you pass through, so using Tor only shift who can do the attack while making it harder (not impossible) to figure out where you are located. So to me, it seem like routing all traffic through Tor bring the advantage of making it harder to track your location while changing the set of people that can perform MITM attack on you. It is not like using Tor for everything is introducing some new threat. It is already known that NSA and China rutinely perform MITM attach on non-Tor traffic, and I assume others do as well. So we are left with probability calculations instead to evaluate the threat. While talking about these topics with a friend, I just got a tip about PORTALofPi, which is a ARch based Raspberry Pi setup to force all traffic over Tor. See <URL: https://github.com/grugq/PORTALofPi/ > for that recipe. -- Happy hacking Petter Reinholdtsen _______________________________________________ Freedombox-discuss mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss
