[tor-dev] Guard nodes and network down events

Tom Ritter tom at ritter.vg
Thu Aug 14 13:18:03 UTC 2014

On 13 August 2014 07:47, George Kadianakis <desnacked at riseup.net> wrote:
> The fundamental issue here is that Tor does not have a primitive that
> detects whether the network is up or down, since any such primitive
> stands out to a network attacker [3].

I'm not certain this is true.  Windows and Mac OS detect whether or
not there is a Captive Portal/Internet connection.  While one can
argue this is bad practice, piggybacking on a detection mechanism used
by default in widely deployed OS's seems like it would not stand out.

Windows has IsInternetConnected [0] which uses NCSI[1].

I know less about Mac, but there is SCNetowrkReachability [2].
Apparently the (undocumented) way that Apple uses to detect captive
portals is [3].

It's not very clean to emulate a request instead of using an API, if
it came down to it.  But while it may seem dangerous to emulate a
request that can change in an OS patch... the reality of it is that as
long as you pay attention to the patches, you'd be able to deploy a
fix long before a non-negligible portion of people patched anyway.


[0] http://msdn.microsoft.com/en-us/library/windows/desktop/aa366143(v=vs.85).aspx
[1] http://blog.superuser.com/2011/05/16/windows-7-network-awareness/
[2] https://developer.apple.com/library/mac/documentation/SystemConfiguration/Reference/SCNetworkReachabilityRef/Reference/reference.html
[3] http://blog.erratasec.com/2010/09/apples-secret-wispr-request.html#.U-y2KYBdWaQ

More information about the tor-dev mailing list