On Wed, Sep 23, 2015 at 8:44 AM, tor-dev had:
Guessing that... assuming you can ship and calculate all the relay data / DHT / weights / KEX / circuits / preferences without bogging down your network or cpu...
More relays being exits yields higher maximum possible path diversity. More relays being exits yields higher potential aggregate throughput between the network and clearnet. More exits yields broader more complete location overlay relavent to users (more relays yields more guards), datacenteres, and clearnet services (though there's as yet no attempt to exit near a service unless done manually).
However when subject to global passive adversary tapping lots of the fiber, and you turn up more relays as exits (which are also non-exit relays by nature), you're adding lots more unused bandwidth over the same current consumption, leading to lots of unused quiet portions of the network. Which seems a greater potential for the adversary to "look, user just shot a unique traffic pattern completely through the quiet zone, gotcha". Whereas when the network links are full with clocked traffic (and fill traffic if there would otherwise be slack space) that observation attack is hardly as possible, to relavently impossible.
If true, it seems to me adding more [non] exits should be pegged to some metrics and solicited on need / planning rather than turning up 6000 exits all at once.
tor-relays had talk of individual humans keyparty signing their relays and including that WOT along with other trust and meta metrics in the consensus or other queryable datastore that could be used by the user to select preferred relay sets in whichever sensible or silly ways suited them.
An adversary standing up relays has costs. Adversaries standing their human agents in public, even if their undercover is maintained, has additional costs and risks.
======== In a sense this is like the original 'valid' flag, which you got by mailing me and having me manually approve your relay (and without which you would never be used as the entry or exit point in a circuit). Periodically I wonder if we should go back to a design like that, where users won't pick exit relays that don't have the "socially connected" badge. Then I opt against wanting it, since I worry that we'd lose exactly the kind of diversity we need most, by cutting out the relays whose operators we don't know.
But both sides of that are just guessing. Let's find out! ========
These type of things may be better suited to a system where the users contribute their research and knowledge about the network into the network metadata db, and the users can query it to make their own decisions, follow other users prebuilt selection templates, or stick with the provided defaults.
Instead of WOT, it seems more desirable, and better fit diversity, to have both your best friends and worst enemies on the same circuit. Ergo, minimizing chance of collaboration.
-V On Mon, 26 Oct 2015 at 01:30 grarpamp grarpamp@gmail.com wrote:
On 28 Oct 2015, at 14:31, Virgil Griffith i@virgil.gr wrote:
Instead of WOT, it seems more desirable, and better fit diversity, to have both your best friends and worst enemies on the same circuit. Ergo, minimizing chance of collaboration.
Like Tails' friends, foes, and neutral HTP pools… "any member in a one pool should be unlikely to share logs (or other identifying data), or to agree to send fake time information, with a member from the the other pools" https://tails.boum.org/contribute/design/Time_syncing/#index4h2 https://tails.boum.org/contribute/design/Time_syncing/#index4h2
T
Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP 968F094B
teor at blah dot im OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
Like Tails' friends, foes, and neutral HTP pools… "any member in a one pool should be unlikely to share logs (or other
identifying data),
or to agree to send fake time information, with a member from the the
other pools"
This may be heretical, but I always thought this motivation above is a plausible reason to have more "non-activist" types running Tor relays---we just have too many friends, a few foes would be a welcome addition!
-V
On Wed, Oct 28, 2015 at 1:11 PM Tim Wilson-Brown - teor teor2345@gmail.com wrote: