[tor-dev] "Trawling for Tor Hidden Services: Detection, [...]"
matthew.finkel at gmail.com
Sat May 25 17:01:48 UTC 2013
On Fri, May 24, 2013 at 12:32:20AM -0400, Jon Smithe wrote:
> > As for the deanonymization attack, I think it is pretty novel in that it
> > uses a custom traffic signature to make the attack from
> > http://freehaven.net/anonbib/cache/hs-attack06.pdf more reliable, but
> > otherwise that is why we introduced guard nodes.
> The math behind this concept is not overly compelling or I'm just
> dumb, both are probable and neither are mutually exclusive, but if I
> were looking for a state-based backdoor, I'd imagine it to look a bit
> like this (which is not to imply that is the case here by any means).
You make some interesting and valid points, however this is the type of
statement that spreads fud and it doesn't help anyone.
Please see bug #8240  which contains a detailed discussion of this
tl;dr This is being worked on, 0.2.4 addresses many of these problems
and 0.2.5 will continue to make improvments.
Whether or not you were implying this situation was a calculated
decision that resulted in a "state-based backdoor", it is the
insinuation of such a thing that can hurt Tor's reputation.
More information about the tor-dev