Question About TOR

I've heard before that large downloads and/or uploads can cause information leaks or allow for attacks. Can anyone confirm and explain this?

 

I'm not aware of any correlation between download/upload size and information leaks. It might matter if the adversary or snoop has the ability to view traffic from very large areas of the web (NSA for instance). I am assuming that this information is HTTP(S), going thru a properly configured browser, not a torrent or P2P app.

 

Does torrent/p2p matter if it's routed through TOR?

And don't .onion sites use their own protocol? Is it encrypted?

 

The biggest problem with torrent and P2P apps is that they leak identifiable data, often your IP addy. There's no realistic way to make certain that they don't send identifiable data.

 

Right, right, makes sense. Perhaps that's where I'd gotten confused.

 

Just run your sharing app in a VM, with Tor running in the host, or in another VM. Route Tor to an internal network, which the sharing app VM sees as it's only Internet access. All traffic from the sharing app VM either goes through Tor, or gets dropped. For example, torrent clients can find other peers, and can download normally. But they cannot be found by other peers, so they only upload to other peers that have found them.

 

It's not torrenting I'm interested in. Large direct downloads specifically.

 

The Tor project specifically warns against using Tor for torrenting. So, no, there is no way to do it reliably that I am aware of.

 

If you're downloading the files with a properly "Torrified" browser using http(s), you should be fine, save for the lower speed and potential reliability issues. Your speed will be limited by the slowest node in the chain, plus each nodes traffic load. I'm not sure how Tor treats ftp.

 

In that case, there shouldn't be leaks, as long as Tor is set up properly. That is, leaks shouldn't be more likely for large downloads than for small ones. However, download managers might cause leaks, so test first.

Another issue is that large downloads stand out from the crowd, increasing vulnerability to traffic analysis. But you have other problems if you're attracting interest from attackers with such capabilities.

 

Thanks.

Are .onion sites encrypted though? I guess they use the 'TOR' protocol or osm esuch thing and it would be.

 

Yes, traffic never leaves Tor, so it's end-to-end encrypted.

What's the "osm esuch thing"?

 

*some such thing

 

Ah! English

Edit: ... or I see in -http://itsmyweddingafterall.wordpress.com/the-wedding-list/ , which seems SE Asian.

 

If OP is talking about 1-1 direct file sharing, then yes that is possible to do safely with Tor.

What I am talking about is Bittorrent. Because of the way that protocol works, it makes using Tor very risky. Here is the Tor project's take on the whole matter.

Here's a quote:

 

That's true. But you can also do what I said, and force a VM to use Tor as its ONLY Internet connection, so NOTHING can leak (except for malware that calls home later when you might not be using Tor). Traffic that Tor can't handle (UDP basically) just gets dropped.

 

That's what I said in posts 4 and 9.