It will never be possible to make a device such as Cloak that will please everybody. Some people want the device as secure as possible and some people prefer it to be more user friendly. Some people want sensible defaults, others prefer flexibility. Reaching the perfect balance between all these wishes is perhaps our greatest challenge in designing Cloak.
To get more feedback from people who really understand Tor I have basically urged the people on the tor-talk mailing list to provide their opinion, criticism and input. First of all let me use this opportunity to extend my thanks to the crowd on the mailing list. I have gotten a lot of constructive criticism and a lot of ideas – and I have fortunately been able to adapt to most of that criticism.
Some issues that have been raised and have already been sorted out:
Wi-Fi Client Isolation
Since a device like Cloak is designed for multiple users it is absolutely essential that these users cannot intercept or manipulate each other’s traffic. Fortunately this one was indeed an easy fix on Cloak. The wireless driver for the Atheros chipset that we are using is able to isolate clients from each other if that option is enabled. It is now!
Another concern was that of shared circuits. Different clients connected to a Cloak should never use the same Tor circuit. In this particular case I fortunately did not have to make any changes to the Cloak source. Multiple clients connected to a Cloak device will always use different circuits.
Circuits used for multiple services
One of the greatest concerns with running Tor as a transparent proxy (as Cloak does) is that the same circuit, and thereby the same exit node, will be used for multiple services. That way a user trying to stay anonymous can be exposed by another service running in the background (for example, Windows Update). This one did require a change to Cloak’s default configuration. It turns out that Tor is – and has been for a while – fully capable of isolating traffic to different servers into different circuits. This feature has been enabled (at a small performance penalty), so now each circuit will be used for one service only and thus multiple services will appear to come from several exit nodes.
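A check for the two isolation properties described above (separate circuits per client, and per destination server), as an added example that is not Cloak's own code. It assumes the transparent proxy is set up through Tor's `TransPort` option and that the per-server isolation is Tor's `IsolateDestAddr` flag; the sample torrc is constructed.

```python
# Added example: audit a torrc for per-client and per-destination stream isolation.
# Assumption: the transparent proxy is configured with Tor's TransPort option.

# Constructed sample, not Cloak's actual configuration.
SAMPLE_TORRC = """\
VirtualAddrNetworkIPv4 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort 192.168.1.1:9040
DNSPort 192.168.1.1:9053
"""

# Same file with per-destination isolation switched on for the transparent port.
HARDENED_TORRC = SAMPLE_TORRC.replace(
    "TransPort 192.168.1.1:9040", "TransPort 192.168.1.1:9040 IsolateDestAddr"
)

# Options that open a client-facing listener and accept isolation flags.
LISTENERS = {"transport", "socksport", "natdport", "dnsport"}


def audit_torrc(text):
    """Return (line_no, option, finding) tuples for listeners that weaken isolation."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        parts = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if len(parts) < 2 or parts[0].lower() not in LISTENERS:
            continue
        if parts[1] == "0":  # listener disabled
            continue
        flags = {p.lower() for p in parts[2:]}
        # IsolateClientAddr is on by default; only an explicit "No" flag removes it.
        if "noisolateclientaddr" in flags:
            findings.append((line_no, parts[0], "clients may share a circuit"))
        # IsolateDestAddr is off by default, so it must be present. DNSPort handles
        # name lookups rather than connections to a server, so this check skips it.
        if parts[0].lower() != "dnsport" and "isolatedestaddr" not in flags:
            findings.append((line_no, parts[0], "destinations may share a circuit"))
    return findings


if __name__ == "__main__":
    for label, conf in (("default", SAMPLE_TORRC), ("hardened", HARDENED_TORRC)):
        print(label, audit_torrc(conf) or "ok")
```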
There are still many topics being discussed on the mailing list, so expect more goodies in the near future. If you are interested in the discussions themselves, do check out the tor-talk mailing list here.