On 1/9/2013 4:41 AM, Konstantinos Asimakis wrote:
First of all, AFAIK, bridge relays act as entry guards, meaning they *replace* the first step of your tor circuits, they don't extend them to 4 nodes. With that in mind you might be able to do this:

your client -> bridge (obfuscated or not) -> tor node B -> tor node C -> whatever (clearnet / introduction points for your service)

If you host a hidden service, a compromised bridge on the above circuit will make you vulnerable to timing attacks whether you hand-pick trusted nodes for B&C or not.

Also in general when you talk about a guard node, you mean a node that you connect directly to for your first hop on a circuit. It doesn't make sense to talk about guard nodes in the middle of the circuit, you don't really care if those are compromised or not since they don't see your IP.

So another idea would be to use Tor through Tor which unfortunately doesn't increase your anonymity much since timing attacks will still work the same way (maybe they will take a little longer to pull off though but your hidden service will be harder to reach too).

That being said you can choose your entry guards with the EntryGuards torrc command and the StrictNodes commands which you can find in the Tor Manual.

If you are super paranoid you could add more latency to the connection between you and the hidden service server. For example you could rent a server anonymously in another country to host your hidden service, and only access that server using Tor from a random public WiFi and only for short durations (like just reuploading changed html code) using actually trusted entry nodes. This way even if they manage to find where the hidden service is located they will have to also start a separate attack to find where you are connecting to this server from. And if they find where you do connect from (which will take considerable time probably) you might have even switched to another public WiFi by that time. Also who are "they" in this case? Cause we are talking about an investigation that spans a ton of countries just to find you. I honestly believe this is overkill. If you need that much security then maybe Tor isn't for you.

Cheers.

For our purposes, "they" can remain undefined.

There are plenty of "they"s to pick from, what with illegal NSA wiretapping, various alphabet soup brigades targeting their own citizens, staggeringly escalated mandatory data retention, new anti-piracy techniques and legal precedents that allow various copyright owners to attack their own customers and clients, the list goes on and on.

And that's just the USA. Once you include things like publicly-admitted cooperative domestic espionage between allied countries, and other foreign powers such as China, Russia, North Korea, and just about every Arab country in existence, there are a multitude of "they"s to be cautious about.

Though, speaking as someone with an anarchist cypherpunk bent, I don't really need an excuse to take whatever precautions are available to me, seeing as any sort of activism or participation in social movements would cause me to be a political target.

The only reason I'm posting here at all is because I do not think I am yet a target valuable enough to actually pursue.

When I say "entry guards" I mean entry guards from the perspective of a tor node acting as a client.

Am I mistaken in believing that a tor bridge relay acts as a client on behalf of the actual tor client behind it?

Or does the short list of bridge relays act as entry guards, and connect to other tor relays as the first hop tor relay?