Re: How can I set going more one Tor daemons?

2009-08-15 Thread Hannah Schroeter 
Hi!

On Sat, Aug 15, 2009 at 09:09:52PM -0400, Ringo wrote:
>"Cover traffic is only there if the tor instance(s) also run as relay."

>I was talking about clients, not servers just to clarify. If multiple
>Tor instances are running in client mode (or even in one instance, if
>there's a lot of traffic), it becomes harder to do traffic analysis and
>pin one circuit to one user.

>Am I mistaken in that conclusion?

I think you are indeed.

If you run the instances as client only, there's no cover traffic, just
the traffic of the different users.

If you run separate tor instances, their circuits (first hop) are
necessarily on different TCP connections, so their different usage
patterns will show separately.  If you run one tor instance for all
users, they might use the same entry guard together, multiplexing the
different usages onto one TCP connection to the same entry guard.  That
hides the usage patterns by adding them together, IMO.  The second hop
then might split up or not, depending on needs, and even more so the
third hop (from the second to the exit node, where the dependency on the
exit policies comes to play a role).  I don't know/remember whether tor
relays in turn multiplex traffic "received" from different clients
together for the next hop if possible (i.e. different clients using the
same entry guard and the same second hop, mixing/multiplexing that
traffic onto the same TCP connection).  If so that would yield even more
anonymity, but only if the different users use the same second hop at
the same time (and switching over to different circuits at the same
time).

Kind regards,

Hannah.

Re: How can I set going more one Tor daemons?

2009-08-15 Thread Ringo 
"Cover traffic is only there if the tor instance(s) also run as relay."

I was talking about clients, not servers just to clarify. If multiple
Tor instances are running in client mode (or even in one instance, if
there's a lot of traffic), it becomes harder to do traffic analysis and
pin one circuit to one user.

Am I mistaken in that conclusion?

Ringo

Re: How can I set going more one Tor daemons?

2009-08-15 Thread Hannah Schroeter 
Hi!

On Sat, Aug 15, 2009 at 07:05:56PM -0400, Ringo wrote:
>>Running more than one sounds like a loss of some of the anonymity to
>>me, particularly if each user specifies different lists of nodes to be
>>used for various purposes.

[repaired quoting style.]

>If anything, it seems to me like running multiple instances (using
>default settings, nodes, etc.) would gain a user more anonymity as they
>would gain more cover traffic. Thoughts?

Cover traffic is only there if the tor instance(s) also run as relay.
In that case to be fair they should be declared a family. And then, one
could also run *one* tor node for all users with the appropriate
multiple of the allowed bandwidth, which should attract about the same
cover traffic as if you run a tor instance per user with less bandwidth
per instance.

>Ringo

Kind regards,

Hannah.

Re: How can I set going more one Tor daemons?

2009-08-15 Thread Ringo 
"Running more than one sounds like a loss of some of the anonymity to
me, particularly if each user specifies different lists of nodes to be
used for various purposes."

If anything, it seems to me like running multiple instances (using
default settings, nodes, etc.) would gain a user more anonymity as they
would gain more cover traffic. Thoughts?

Ringo

Re: How can I set going more one Tor daemons?

2009-08-15 Thread Scott Bennett 
 On Sat, 15 Aug 2009 16:05:43 -0400 Ringo <2600den...@gmail.com> wrote:
>" I have a laptop with the Debian Lenny AMD64 and I want to start
>several Tor daemons in one moment, each for every  user."
>
>I'm not sure how to do  it for each user,  but basically you have to
>give each tor it's own torrc. So for instance, you can create
>/etc/tor/tor2 /etc/tor/tor3, etc.
>
>In the torrc make sure you change these values:
>
>DataDirectory /only/for/use/by/one/tor/instance
>
>When you launch Tor use "tor -f /torrc/location" so that it uses the
>right config. I remember there were some permissions issues but I think
>you can probably figure it out.
>
 Each instance will also need its own SocksPort and ControlPort.
 Running more than one sounds like a loss of some of the anonymity to
me, particularly if each user specifies different lists of nodes to be used
for various purposes.


  Scott Bennett, Comm. ASMELG, CFIAG
**
* Internet:   bennett at cs.niu.edu  *
**
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."   *
*-- Gov. John Hancock, New York Journal, 28 January 1790 *
**

Re: How can I set going more one Tor daemons?

2009-08-15 Thread Ringo 
" I have a laptop with the Debian Lenny AMD64 and I want to start
several Tor daemons in one moment, each for every  user."

I'm not sure how to do  it for each user,  but basically you have to
give each tor it's own torrc. So for instance, you can create
/etc/tor/tor2 /etc/tor/tor3, etc.

In the torrc make sure you change these values:

DataDirectory /only/for/use/by/one/tor/instance

When you launch Tor use "tor -f /torrc/location" so that it uses the
right config. I remember there were some permissions issues but I think
you can probably figure it out.

Ringo

James Brown wrote:
> Flamsmark wrote:
>> On Sat, Aug 15, 2009 at 12:47, James Brown > > wrote:
>>
>>
>> How can I do it?
>>
>>
>> Why do you need to run several Tor daemons? Wouldn't it make more
>> sense to start one Tor daemon under the default debian-tor user, and
>> let it accept SOCKS requests from localhost connections (possibly with
>> some authentication depending on the setup)?
> I often use several connections with one server from different accounts
> and I don't want that the admin or owner of the server or anybody to be
> able to identify me from one ip-adress.
> Becouse that I want to have possibility to connect with such servers
> through different tor-chains and different exit tor-nodes at the same
> time (from different users).
>

Re: How can I set going more one Tor daemons?

2009-08-15 Thread James Brown 
Flamsmark wrote:
> On Sat, Aug 15, 2009 at 12:47, James Brown  > wrote:
>
> I have a laptop with the Debian Lenny AMD64 and I want to start
> several
> Tor daemons in one moment, each for every  user.
> How can I do it?
>
>
> Why do you need to run several Tor daemons? Wouldn't it make more
> sense to start one Tor daemon under the default debian-tor user, and
> let it accept SOCKS requests from localhost connections (possibly with
> some authentication depending on the setup)?
I often use several connections with one server from different accounts
and I don't want that the admin or owner of the server or anybody to be
able to identify me from one ip-adress.
Becouse that I want to have possibility to connect with such servers
through different tor-chains and different exit tor-nodes at the same
time (from different users).

Re: How can I set going more one Tor daemons?

2009-08-15 Thread Flamsmark 
On Sat, Aug 15, 2009 at 12:47, James Brown  wrote:

> I have a laptop with the Debian Lenny AMD64 and I want to start several
> Tor daemons in one moment, each for every  user.
> How can I do it?
>

Why do you need to run several Tor daemons? Wouldn't it make more sense to
start one Tor daemon under the default debian-tor user, and let it accept
SOCKS requests from localhost connections (possibly with some authentication
depending on the setup)?