search

freifunk / meshkit

Meshkit is a generator for preconfigured images that can be used for freifunk
Other
45 stars 12 forks source link

TOR for Wifi #6

Closed Thorsten-Sick closed 10 years ago

Thorsten-Sick commented 10 years ago

We ran into potential legal issues (German "Störerhaftung" law) that could be fixed by directing the User-traffic (Wifi) traffic through TOR. Additional benefit would be some added privacy for the Users (with security benefits if they are using https).

Currently I am experimenting with the howto here:

https://forum.openwrt.org/viewtopic.php?id=27354

It is a bit of rocket science (oh, firewalls....) that could stop lots of people from using it.

Having that as a simple option in Meshkit would simplify TOR setup a lot and definitely rock. Enabling more people to to roll out Mesh networks because the legal barrier just got levelled.

I opened a similar bug in Luci

booo commented 10 years ago

There is a vpn solution for exactly this usecase:

http://wiki.freifunk.net/Vpn03

The infrastructure is open for all freifunk communities.

cholin commented 10 years ago

The problem with an open tor wifi network could be that people feel safe when say aren't. They should use the official tor browser because of security issues (fingerprints and stuff like that) and when they do they have tor locally anyway. That's the reason for me to not deploy tor networks for Freifunk in Berlin.

If you only want to avoid Störerhaftung you should use a vpn (like @booo mentioned) because tor will be too slow for most of your users.

mmunz commented 10 years ago

I also don't think tor is the solution here. When using tor users should be even more careful what they send over possibly unencrypted connections. You never know who runs your exit node. Also with tor you can just use tcp. Nevertheless, if you really want to have it that way for your builds then i suggest to figure out how you can add this stuff (maybe a script which does the setup in meshwizard style additionally to meshwizard). Its possible for communities to have their own files which are included. it should be possible to add another configuration script (executed by init at first boot). Another way would be to extend meshwizard so you can directly throw in additional scripts it should use when doing the initial config.