Anonymity easily thwarted by flooding network with relays?

[John Case]

On Fri, 19 Nov 2010, Theodore Bagwell wrote:

> On Fri, 19 Nov 2010 08:11 -0500, "Paul Syverson"
> <syverson at itd.nrl.navy.mil> wrote:
>> Your reactions are good. It's just that many people have had the
>> same reactions so we've explored this, and nobody in all of the research
>> done has yet produced a viable version of what you suggest.
>
> The nature of the attack outlined in the paper is expensive. The paper
> suggests rapid deployment, collection of data, and undeployment. The
> longer the interloping system runs, the more it costs.


I don't think it sounds expensive at all - I suspect a private individual 
could ramp this up for $10k per month or less.  It's not chump change, but 
it's not exactly at the nation-state level either...

(I am thinking of Amazon EC instances, etc.)


> Perhaps, at a network level, we can detect a sudden massive deployment
> of ORs and mark them as suspicious?
>
> Or, as mentioned earlier, we can assign an OR a level of trust
> commensurate with its age? (Admittedly, this may increase security at
> the expense of delayed benefit of new ORs)


Isn't this problem an obvious "web of trust" application ?  Can't this be 
solved by a pgp-style web of trust ?

I don't like the idea of solving it this way because I rather like running 
my tor node(s) in complete anonymity, so it's not something I necessarily 
want to be involved in ... but theoretically, that would solve it, no ?
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/