[or-cvs] r8939: mention that Tor provides anonymity and that anonymity is im (in tor/trunk: . doc/design-paper)

nickm at seul.org nickm at seul.org
Sun Nov 12 22:05:19 UTC 2006 

Author: nickm
Date: 2006-11-12 17:05:18 -0500 (Sun, 12 Nov 2006)
New Revision: 8939

Modified:
   tor/trunk/
   tor/trunk/doc/design-paper/blocking.tex
Log:
 r9299 at totoro:  nickm | 2006-11-12 17:05:09 -0500
 mention that Tor provides anonymity and that anonymity is important.  Heh.



Property changes on: tor/trunk
___________________________________________________________________
 svk:merge ticket from /tor/trunk [r9299] on 96637b51-b116-0410-a10e-9941ebb49b64

Modified: tor/trunk/doc/design-paper/blocking.tex
===================================================================
--- tor/trunk/doc/design-paper/blocking.tex	2006-11-12 21:56:34 UTC (rev 8938)
+++ tor/trunk/doc/design-paper/blocking.tex	2006-11-12 22:05:18 UTC (rev 8939)
@@ -274,7 +274,8 @@
 The Tor design provides other features as well that are not typically
 present in manual or ad hoc circumvention techniques.
 
-First, the Tor directory authorities automatically aggregate, test,
+First, Tor has a fairly mature way to distribute information about servers.
+Tor directory authorities automatically aggregate, test,
 and publish signed summaries of the available Tor routers. Tor clients
 can fetch these summaries to learn which routers are available and
 which routers are suitable for their needs. Directory information is cached
@@ -283,8 +284,8 @@
 of compromised directory authorities, we use a threshold trust scheme---
 see Section~\ref{subsec:trust-chain} for details.)
 
-Second, Tor clients can be configured to use any directory authorities
-they want. They use the default authorities if no others are specified,
+Second, the list of directory authorities is not hard-wired.
+Clients use the default authorities if no others are specified,
 but it's easy to start a separate (or even overlapping) Tor network just
 by running a different set of authorities and convincing users to prefer
 a modified client. For example, we could launch a distinct Tor network
@@ -345,6 +346,17 @@
 something else: hundreds of thousands of different and often-changing
 addresses that we can leverage for our blocking-resistance design.
 
+Finally and perhaps most importantly, Tor provides anonymity and prevents any
+single server from linking users to their communication partners.  Despite
+initial appearances, {\it distributed-trust anonymity is critical for
+anticensorship efforts}.  If any single server can expose dissident bloggers
+or compile a list of users' behavior, the censors can profitably compromise
+that server's operator applying economic pressure to their employers,
+breaking into their computer, pressuring their family (if they have relatives
+in the censored area), or so on.  Furthermore, in systems where any relay can
+expose its users, the censors can spread suspicion that they are running some
+of the relays and use this belief to chill use of the network.
+
 We discuss and adapt these components further in
 Section~\ref{sec:bridges}. But first we examine the strengths and
 weaknesses of other blocking-resistance approaches, so we can expand

More information about the tor-commits mailing list