TR Forums

I came up with an idea: Ad blocking Onion Pi. The "problem" is I'm getting a little worried by the attacks from advertisements (Yahoo (Europe) and NSA) and just how accurate the ads are these days. So, I thought I'd try the idea of an Onion Pi with the proxy feature of the ad-block project and using NoSript add on for Firefox to make web surfing a little safer for my family and me. But I'm not sure the two ideas are 100% compatible. Thoughts?

Oh, and don't worry, TR would be white-listed

EDIT BY MOD - Captain Ned - Discussions are OK, links on how to violate Forum Rule 12

I think the issue with using Tor and adblocking if you're worried about the NSA and viruses from ad networks is that as soon as you whitelist a site you want to support (like TR) you negate pretty much all the protections you've put in place. If you accept ads from ad networks on any sites then you expose yourself to infected ads, all ad networks are going to end up serving dodgy ads from time to time. If you ever accept an ad then you'll likely have some kind of tracking cookie that the NSA can potentially track through tor.

If you want to use tor in an NSA resistant way then you have to turn off javascript completely and clear all cookies between visiting different sites.

That's my admittedly shaky understanding. I'm sure doing what you propose would make things more difficult for ad networks and the NSA but I wouldn't like to say by how much, at least for the NSA.

You can accept, transfer, avoid, or mitigate risk (to an acceptable level). And I'm not THAT parinoid. I'm mostly just looking for an idea for a capstone project that isn't just a waste of time. Truthfully, it's the bandwidth and annoying adds that take over my screen (won't say the site) that I'm trying to get rid of. However, that's not exactly a good, defensible reason for an IT security emphasis project. But this project can mitigate quite a few threats to an "acceptable" level.

Use Lynx via a remote shell.

Squid can be setup to filter things out. It, however, needs RAM and fast disk IO to really work well.

You could setup an IDS using Snort, and use Metasploit to create traffic. Alternately, you could look into ways to mitigate a DOS attack. There are a lot performance testing tools to generate loads for website testing.

You could research how application design influences the creation of insecure code and vulnerabilities. This dovetails off of the secure coding research paper I did. This could be more of a computer science topic rather then an IT security topic though.

Flatland, I understand what you're talking about, but I think it's far more detailed than what this place is looking for. As it was explained to me, I need to define a problem, a solution, and defend why it's the best solution.

The technical implmentation for the site I cannot link (my bad) uses "a solution" and what appears to be a blacklist aquired through another site. I don't know if that is the best solution but it does works without needing proxy server resources. Using the "soultion" it replaces the blacklisted site with a 1x1 image using another bit of software. I'm pretty sure it SHOULD work with the Onion Pi, but I'm nto familiar with the Onion Pi or TOR. That's really my issue. I understand the theory but only using assuming things are set up the way I think they are. I mean, the "solution" should be able to be tacked onto the config of the Onion Pi, but I'm not 100% sure.

I'm trying not to propose an idea in a technical paper and find out the implmentation isn't possible and have to start all over.

You could take the onion pi and add an ad blocking proxy on the front (i.e. client side, before it hits the TOR part).