On 08.10.17 21:23, Igor Mitrofanov wrote:
> you seem to be more concerned with minimizing the number of hosts involved in a DNS lookup, and you (correctly) believe that running a recursive resolver yourself, as opposed to delegating it, decreases that number.
Yes, that's what I have been trying to communicate; I hope I was not too long-winded. Keeping the number of involved servers as low as possible is important for Tor nodes, and I'm happy to live with the small extra cost of running a caching resolver on my nodes to achieve this goal.
Unfortunately both individuals and ISPs seem to recommend using Google's infamous 8.8.x.x servers, for convenience if for no other reason. If I can avoid it, I will personally not use servers located in Mountain View (that's where GeoIP tells me these machines are) or elsewhere in the US, where the hoster might be willing or even required to keep logs of DNS lookups that can be correlated to my hosts simply by the originating IP addresses.
> I assume, however, that most of these ISPs have no technical capability or business incentives to be engaged in Tor traffic correlation.
Quite. I choose ISPs in countries that, to the best of my knowledge, have laws that would make it difficult and time-consuming for the NSA, GCHQ or other intelligence services to get access to logs by legal means.
> I am making an assumption that Tor relays sending DNS requests to a large and diverse number of destinations can make practical DNS-assisted traffic correlation prohibitively expensive.
That's what I hope, and I am trying to do my part to increase that cost.
-Ralph