Well, that 1/3 statement is if every circuit were to be compromised. I have noticed that there are some servers on the DoD Information Network (Kind of like how NRC runs freenet nodes). I also noticed some servers at nato c3. (They were blocked by peerguardian while I was trying to connect). I do believe 5 is a good amount, and I'm interested on how to change it.
<br><br>
<div><span class="gmail_quote">On 4/28/06, <b class="gmail_sendername">glymr</b> <<a href="mailto:glymr_darkmoon@ml1.net">glymr_darkmoon@ml1.net</a>> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">-----BEGIN PGP SIGNED MESSAGE-----<br>Hash: RIPEMD160<br><br>Anthony DiPierro wrote:<br>> On 4/27/06, Ringo Kamens <
<a href="mailto:2600denver@gmail.com">2600denver@gmail.com</a>> wrote:<br>>> I don't really see anything wrong with it if you really want to do it. It<br>>> doesn't really increase anonymity, but it sounds good to me. I'm assuming
<br>>> that tor2 sees the ip address of the tor 1 exit node.<br>>><br>><br>> The way I picture it it would basically be equivalent to adding extra<br>> hops. I remember reading this is possible to hack into the standard
<br>> tor software, but I believe it requires a recompile and not just a<br>> config file tweak.<br>><br>> Anyway, it is my understanding that the current default implementation<br>> uses three hops. Now am I correct that that includes the exit node?
<br>> Does it also include the entry node which is generally on the same<br>> computer?<br>this is incorrect, the entry node, middleman node and exit node are<br>separate from the client. if one is running a tor server the entry
<br>node is indeed the same node but remember a tor server is shuffling<br>every other packet from other circuits mixed in with yours, and thus<br>it seems logical that it would improve anonymity<br>> If so, it seems that in the current default implementation only one
<br>> compromised node, the middle node (working with the destination site),<br>> is needed to significantly impact your anonymity. The IP address of<br>> the exit node is generally recorded in web logs along with the time
<br>> and date. So if the middle node records the incoming and outgoing<br>> node IP addresses, that can then be matched up with the web logs. If<br>> someone is using three hops the way I described it above, then the
<br>> incoming IP address would be the address of the tor user, right?<br>> Sure, you'd have a little bit of plausible deniability, as there's no<br>> proof your system was set up this way, but that's it.<br>>
<br>> Now hopefully I'm just wrong about what constitutes three hops (or<br>> that the default setting is three hops). Or maybe I'm missing<br>> something as to why this type of attack isn't possible.<br>><br>
> One thing seems almost certain, adding hops does increase the security<br>> against a compromised node attack.<br>><br>> Anthony<br>a compromised node attack, on average, has to compromise 1/3 of the<br>entire tor network to get somewhere approaching good odds of being
<br>able to identify the endpoints of circuits. possibly 2/3, but i'd say<br>1/3 of nodes being compromised would give usable violation of the<br>system... as you may know, there is something like 300-400 servers in<br>the tor network now, to compromise it they'd have to put up like
<br>150-200 new compromised nodes, or hack and compromise 100-150, either<br>task is not trivial at all.<br>-----BEGIN PGP SIGNATURE-----<br>Version: GnuPG v1.4.3 (MingW32)<br>Comment: Using GnuPG with Mozilla - <a href="http://enigmail.mozdev.org">
http://enigmail.mozdev.org</a><br><br>iD8DBQFEUgFR+KihKRqTxu4RA+URAKC1iSF0Rqfd8MfWvheWJCvRdKI1XwCgn2YO<br>x1xJp+DsGT/Oz9Shq63yr+A=<br>=QTPX<br>-----END PGP SIGNATURE-----<br><br></blockquote></div><br>