[tor-bugs] #4771 [BridgeDB]: bridgedb should make clearer in its logs which addresses it knows are from bulk-exitlist
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Mar 30 02:44:52 UTC 2015
#4771: bridgedb should make clearer in its logs which addresses it knows are from
bulk-exitlist
--------------------------+--------------------------------------------
Reporter: arma | Owner: isis
Type: defect | Status: needs_review
Priority: minor | Milestone:
Component: BridgeDB | Version:
Resolution: | Keywords: isis2015Q1Q2, isisExB, isisExC
Actual Points: | Parent ID:
Points: |
--------------------------+--------------------------------------------
Comment (by isis):
Replying to an email from Robert Ransom:
> Replying to
[https://trac.torproject.org/projects/tor/ticket/4771#comment:14 isis]:
> > * Should we still be grouping clients by `/24`s? What adversary is
that effective against? I realise that it isn't very difficult to get a
class C subnet, but it isn't very difficult to get addresses in different
`/24`s. Should we make the groups bigger, i.e. group clients by which
`/16` they are coming from?
>
> I thought it was /16, or at least intended to be /16, once, but I was
probably confusing BridgeDB with Tor's implicit IP-based ‘families’ (i.e.
no two relays in the same /16 will be chosen for the circuit).
Do you think it should be changed to /16? Truncating to /24 just seems
like it would stop someone at Noisebridge from getting multiple sets of
lines (Noisebridge has a /24). I don't really see what that accomplishes.
I thought that the NSA has a bunch of /8s? And China has even crazier,
they can just spoof the IP of *anything* in China.
I kind of think we should be grouping clients according to what country
they are coming from… that is at least marginally difficult to change.
>
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4771#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list