[tor-bugs] #3678 [Tor Client]: Disallow more than one relay per country in a circuit
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Aug 4 11:21:20 UTC 2011
#3678: Disallow more than one relay per country in a circuit
-------------------------+--------------------------------------------------
Reporter: cypherpunks | Owner:
Type: enhancement | Status: needs_information
Priority: major | Milestone:
Component: Tor Client | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Comment(by cypherpunks):
Replying to [comment:12 cypherpunks]:
> From a sampling of my own circuits. I circuit from the US to Germany to
Sweden crosses the LINX exchange in London 3x.
>
> Here's an actual circuit, right now: tor9, drachentor, morales. US to
Germany to Germany. My traffic passes from Belgium, through LINX to NYC,
to the relay, to NYC to LINX to Germany.
What primarily matters is not whether the circuit crosses an exchange or
AS 3x per circuit, but whether it crosses that AS (IX) between you and
tor9 and again between morales and the final destination. If it does then
you are vulnerable to (at least one) potential attacker on the links
between nodes because it can associate source and destination IP addresses
and perhaps other circuit information. If not, well you might still be at
risk. Research is ongoing (some mentioned in comment 9) about
understanding the risk of collaboration between link-level attackers.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3678#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list