Exit Balancing Patch

Roger Dingledine arma at mit.edu
Wed Jul 18 10:14:43 UTC 2007


On Wed, Jul 18, 2007 at 03:07:04AM -0700, Mike Perry wrote:
> > so defending against this kind of thing may be useful now, not just in
> > the future. :)
> 
> The mechanisms are built. All we need is people to scan. If you would
> like, I can show you how to run scans via TorFlow and monitor the
> results. It is hard for me to juggle scanning continuously right now
> by myself, I work a full time job and have 2 Tor projects going :). I
> could use some help.

If you could show us all, I'll add it to your README file. ;)
(Thanks!)

> > does this mean that clipping prevents the attack inside
> > smartlist_choose_by_bandwidth, but the directory servers are still
> > exposed because of the way they compute thresholds, in turn affecting
> > guard / stable selection?
> 
> Yeah, the limit should be split and lowered. 1.5Mbyte/sec does not
> defend against guard selection attacks, as I mentioned above.

To be clear, it's not attacks against new guard selection I'm worried
about -- rather, these attacks let you push users away from their
currently selected guards because they lose faith in them. So once we fix
it, even if there are 50 old guards and a thousand new ones, the users who
liked the old ones before the attack started will still be doing better.

--Roger



More information about the tor-dev mailing list