[tor-bugs] #5684 [Metrics Data Processor]: Should we stop sanitizing nicknames in bridge descriptors?
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Apr 27 05:30:06 UTC 2012
#5684: Should we stop sanitizing nicknames in bridge descriptors?
------------------------------------+---------------------------------------
Reporter: karsten | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Metrics Data Processor | Version:
Keywords: | Parent:
Points: | Actualpoints:
------------------------------------+---------------------------------------
When we started making
[https://metrics.torproject.org/formats.html#bridgedesc sanitized bridge
descriptors] available on the metrics website we replaced all contained
nicknames with "Unnamed". The reason was that "bridge nicknames might
give hints on the location of the bridge if chosen without care; e.g. a
bridge nickname might be very similar to the operators' relay nicknames
which might be located on adjacent IP addresses."
This was an easy decision back then, because we didn't use the nickname
for anything. This has changed with #5629 where we try to count EC2
bridges which all have a similar nickname. So, while we don't have that
information, there'd now be a use for it. Another advantage of having
bridge nicknames would be that they're easier to look up in a status
website like Atlas (which doesn't support searching for bridges yet). We
should re-consider whether it still makes sense to sanitize nicknames in
bridge descriptors or not.
Regarding the reasoning above, couldn't an adversary just scan adjacent IP
addresses of all known relays, not just the ones with similar nicknames?
And are we giving away anything else with the nicknames?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5684>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list