[tor-bugs] #7066 [Tor]: Guard disablement by path-bias detector must be disabled or removed
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Oct 18 00:32:50 UTC 2012
#7066: Guard disablement by path-bias detector must be disabled or removed
------------------------+---------------------------------------------------
Reporter: rransom | Owner:
Type: defect | Status: needs_revision
Priority: blocker | Milestone: Tor: 0.2.3.x-final
Component: Tor | Version:
Keywords: tor-client | Parent:
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by mikeperry):
Replying to [comment:4 rransom]:
> Replying to [comment:2 nickm]:
> > Please review branch "neuter_pathbias" in my public repository.
>
> The changes/ file is wrong -- the problem isn't that pb_disablepct could
keep clients from building circuits at all (although it would have that
effect on clients which use bridges); the problem is that pb_disablepct is
a user-tracing backdoor which can be used to cause clients to cycle
through all the available Guard nodes as entry nodes.
Can you explain the attack vector here? Should we disable all of our
consensus parameter support?
> Other than that, looks good for 0.2.3.x (I grepped for
“`path_bias_disabled`” on that branch and didn't find anything else that
turns it on). There will be a merge conflict on 0.2.4.x.
I do not believe this is the right way to disable the guard rotation
features for 0.2.3.x. Please see my proposal, particularly the last
section "Implementation Notes: Differences between proposal and current
source".
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7066#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list