Hi,
Nick Mathewson: I should try to clarify!
Awesome!
questions don't seem to apply to proposal 266
They are about the central control of a [somewhat] distributed network, specifically, the execution of clients on behalf of the operator.
So, #264 & #266.
I've tried to split the first version of the proposal into 2.
I understand the proposals as:
prop#264 is for how things _should_ work ; prop#266 is what we do in the absence of client-side support in existing Tor versions.
anybody who doesn't know how to die via prop264 will be killable in whatever way we choose for prop266.
And would recommend the titles [though obviously not as relevant as the contents]:
'How to ensure client death'
'How to kill clients that wont die'
I'm not aware of anything published.
Bummer ):
reasons:
- A non-updated Tor is insecure.
- the bulk of [some older] deployed versions appear to be defunct botnets
- [Depreciated] features
Word.
impact is so large it requires this level of action
Where can this impact be studied?
Given there is no research, there must be a way to visualize the impact.
Windows XP clients still running today, making the internet less secure.
Business clients pay money to keep MS supporting XP systems, though that doesn't weaken the internet as a whole.
every current Tor MAY eventually prove so broken it needs to go away
Word.
It feels like a decision that the operator should make but I kind of see the issue with abandoned clients.
The poison consensus seems fun.
Thanks for taking the time to write, it means a lot (:
Wordlife, Spencer