[tor-dev] Internet-wide scanning for bridges

Fabio Pietrosanti (naif) - lists lists at infosecurity.ch
Sat Dec 13 08:40:59 UTC 2014

On 12/13/14 1:33 AM, Vlad Tsyrklevich wrote:
> I've attached a patch to warn bridge operators running with ORPort set
> to 443 or 9001 as a stop-gap measure.

IMHO the real point is that Tor, is not employing the techniques that
used since decades by the COMSEC solutions in the radio-frequency, that
is "frequency hopping".

On the internet we have TCP ports, on the radio-spectrum we have frequency.

Just apply the various, multiple, available, well documented techniques
used to provide additional L1/L2 safety to the radio-frequency
transmission techniques to Tor, et voilà, Tor would acquire important
resiliency properties against massive scanning.

That's just a concept and approach, it would require a bit more of
research, but i'm quite confident that would provide very important
benefit compared to the minor performance issues introduced.

Fabio Pietrosanti (naif)
HERMES - Center for Transparency and Digital Human Rights
http://logioshermes.org - https://globaleaks.org - https://tor2web.org - https://ahmia.fi

More information about the tor-dev mailing list