>> http://hal.inria.fr/inria-00574178/en/ > https://blog.torproject.org/blog/bittorrent-over-tor-isnt-good-idea
Having briefly read these... all the mentioned attacks seem to rely on whatever apps the user is using being tricked into doing things involving the public IP space. Assuming the user's apps are bound to RFC1918 space and residing behind a packet filter that catches all traffic and forwards it to Tor, these attacks appear to be nullified. The only drawback being maybe the apps not working too well due to end to end connectivity issues as a trade off. Sadly, many users bind their apps/hosts to public IP addresses, configure them to use proxies into Tor instead of packet filters, and give them free access to their entire filesystem. Should it be of any suprise that these 'attacks' apply to them? Perhaps rather than 'attack', the phrase 'user error' would be more fitting? _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
