Wouldn't it be possible to code the Tor clients to not build circuits using relays in the same /24 or with "similar" names? While that wouldn't fix ALL possible attack scenarios, that could certainly help, and help against accidentally (or maliciously) misconfigured nodes.
On Tue, 10 Jan 2012 00:28:16 +0100, "Aurel W." aurel.w@gmail.com wrote:
Malicious relays trying to de-anonymize people are not going to use MyFamily for obvious reasons, and also they will not choose an obvious nick sequence like MetallicaFan1, MetallicaFan2, etc. So it seems to me this option has only theoretical benefit, but in practice it's naive.
True, but in theory you also have to consider that nodes could get compromised and then it is very likely that a whole family is affected (may be too paranoid for some).
I also wonder if it gets harder to identify a real threat, of a malicious attacker operating many nodes, if there are so many other cases of not-specified families.
The "MetallicaFan1, MetallicaFan2,.." nodes might not be a problem, because no one with a malicious attempt would name nodes like that. But they are an indication that there might be a bunch of other nodes, without any such strong signs, but which are also operated by one single individual. Because obviously, it's a very common mistake in configuration.
There might be feasible techniques to find suspicious groups of relays, but with all these non-specified families, this would be rather pointless.
aurel
On 9 January 2012 23:39, Javier Bassi javierbassi@gmail.com wrote:
On Mon, Jan 9, 2012 at 7:13 PM, Aurel W. aurel.w@gmail.com wrote:
Shouldn't this be treated more seriously? There are literally over 100 high bandwidth relays, which should specify a family but which don't. If you monitor a client, it is very frequent that circuits are built where two relays are clearly controlled by the same person.
As a first try I mailed to two contact email addresses, but I haven't got any response.
In the end it's the same. Relay operators who are willing to place MyFamily in their torrc file are not the ones that are going to try to identify you. Malicious relays trying to de-anonymize people are not going to use MyFamily for obvious reasons, and also they will not choose an obvious nick sequence like MetallicaFan1, MetallicaFan2, etc. So it seems to me this option has only theoretical benefit, but in practice it's naive. Or maybe I'm missing something.
_______________________________________________
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
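An added example, not part of the original thread and not Tor's own code: one way to audit a relay list for the groups discussed above, flagging pairs that share a /24 or a nickname stem but do not list each other in MyFamily. The relay records, fingerprints and addresses are constructed, and the helper names and the minimum stem length are assumptions.

```python
import ipaddress
import re
from collections import defaultdict, namedtuple
from itertools import combinations

Relay = namedtuple("Relay", "nick fingerprint addr family")

# Constructed sample data: placeholder fingerprints, documentation-range addresses.
RELAYS = [
    Relay("MetallicaFan1", "AAAA", "192.0.2.10", set()),
    Relay("MetallicaFan2", "BBBB", "198.51.100.7", set()),
    Relay("quietnode", "CCCC", "203.0.113.5", {"DDDD"}),
    Relay("loudnode", "DDDD", "203.0.113.77", {"CCCC"}),
    Relay("alpha", "EEEE", "203.0.113.200", set()),
    Relay("solo", "FFFF", "192.0.2.200", set()),
]

def nickname_stem(nick):
    """Lower-case the nickname and drop a trailing counter (MetallicaFan2 -> metallicafan)."""
    return re.sub(r"[\d_-]+$", "", nick.lower())

def subnet24(addr):
    """Return the /24 network that contains addr."""
    return str(ipaddress.ip_network(f"{addr}/24", strict=False))

def mutual_family(a, b):
    """Treat two relays as one declared family only if each lists the other."""
    return b.fingerprint in a.family and a.fingerprint in b.family

def undeclared_pairs(relays):
    """Return sorted (nick, nick, reason) for related-looking pairs without mutual MyFamily."""
    groups = defaultdict(list)
    for r in relays:
        groups[("same /24", subnet24(r.addr))].append(r)
        stem = nickname_stem(r.nick)
        if len(stem) >= 4:  # assumption: shorter stems are too generic to compare
            groups[("similar name", stem)].append(r)
    findings = set()
    for (reason, _), members in groups.items():
        for a, b in combinations(members, 2):
            if not mutual_family(a, b):
                findings.add((*sorted((a.nick, b.nick)), reason))
    return sorted(findings)

if __name__ == "__main__":
    for nick_a, nick_b, reason in undeclared_pairs(RELAYS):
        print(f"{nick_a} / {nick_b}: {reason}, no mutual MyFamily")
```

The quietnode/loudnode pair shares a /24 but is not reported because each lists the other; a shared /24 or name stem is only a hint of common operation, so findings are candidates for contacting the operator, not proof.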