[tor-relays] not specified families

Tor Relays at brwyatt.net tor at brwyatt.net
Tue Jan 10 01:21:20 UTC 2012


Wouldn't it be possible to code the Tor clients to not build circuits
using relays in the same /24 or with "similar" names? While that wouldn't
fix ALL possible attack scenarios, that could certainly help, and help
against accidentally (or maliciously) misconfigured nodes.

On Tue, 10 Jan 2012 00:28:16 +0100, "Aurel W." <aurel.w at gmail.com> wrote:
>> Malicious relays trying to de-anonymize people are not going to use
>> MyFamily for obvious reasons, and also they will not choose an obvious
>> nick sequence like MetallicaFan1, MetallicaFan2, etc.
>> So it seems to me this option has only theoretical benefit, but in
>> practice it's naive.
> True, but in theory you also have to consider that nodes could get
> compromised and then it is very likely that a whole family is affected
> (may be too paranoid for some).
> 
> I also wonder if it gets harder to identify a real threat, of a
> malicious attacker operating many nodes, if there are so many other
> cases of not-specified families.
> 
> The "MetallicaFan1, MetallicaFan2,.." nodes might not be a problem,
> because no one with a malicious attempt would name nodes like that.
> But they are an indication, that there might be a bunch of other
> nodes, without any such strong signs, but which are also operated by
> one single individual. Because obviously, it's a very common mistake
> in configuration.
> 
> There might be feasible techniques to find suspicious groups of
> relays, but with all these non-specified families, this would be rather
> pointless.
> 
> aurel
> 
> On 9 January 2012 23:39, Javier Bassi <javierbassi at gmail.com> wrote:
>> On Mon, Jan 9, 2012 at 7:13 PM, Aurel W. <aurel.w at gmail.com> wrote:
>>> Shouldn't this be treated more seriously? There are literally over 100
>>> high bandwidth relays, which should specify a family but which don't.
>>> If you monitor a client, it is very frequent that circuits are built
>>> where two relays are clearly controlled by the same person.
>>>
>>> As a first try I mailed to two contact email addresses, but I haven't
>>> got any response.
>>
>> In the end it's the same. Relay operators who are willing to place
>> MyFamily in their torrc file are not the ones that are going to try to
>> identify you.
>> Malicious relays trying to de-anonymize people are not going to use
>> MyFamily for obvious reasons, and also they will not choose an obvious
>> nick sequence like MetallicaFan1, MetallicaFan2, etc.
>> So it seems to me this option has only theoretical benefit, but in
>> practice it's naive.
>> Or maybe I'm missing something
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
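
The check proposed at the top of this message (same /24 or "similar" names) and the search for undeclared families discussed in the replies, as an added example that is not part of the original thread and not Tor's own code. The relay records, the `related` heuristic and all function names are assumptions made for illustration; as the thread notes, this only catches the obvious misconfiguration cases.

```python
import ipaddress
import re
from itertools import combinations

# Constructed sample relays (not real consensus data):
# nickname, IPv4 address, fingerprint, fingerprints listed in MyFamily.
RELAYS = [
    {"nick": "MetallicaFan1", "ip": "192.0.2.10", "fp": "AAAA", "family": set()},
    {"nick": "MetallicaFan2", "ip": "192.0.2.77", "fp": "BBBB", "family": set()},
    {"nick": "MetallicaFan3", "ip": "203.0.113.50", "fp": "CCCC", "family": set()},
    {"nick": "quietrelay", "ip": "198.51.100.9", "fp": "DDDD", "family": {"EEEE"}},
    {"nick": "otherrelay", "ip": "198.51.100.200", "fp": "EEEE", "family": {"DDDD"}},
    {"nick": "loner", "ip": "10.0.0.4", "fp": "FFFF", "family": set()},
]

def subnet24(ip):
    """Return the /24 network that contains an IPv4 address."""
    return str(ipaddress.ip_network(f"{ip}/24", strict=False))

def nick_stem(nick):
    """Lower-case and strip a trailing counter: MetallicaFan2 -> metallicafan."""
    return re.sub(r"[\d_-]+$", "", nick.lower())

def mutually_declared(a, b):
    """A family link counts only when both relays list each other."""
    return b["fp"] in a["family"] and a["fp"] in b["family"]

def related(a, b):
    """Reasons two relays look like one operator (assumed heuristic)."""
    reasons = []
    if subnet24(a["ip"]) == subnet24(b["ip"]):
        reasons.append("same /24")
    if nick_stem(a["nick"]) and nick_stem(a["nick"]) == nick_stem(b["nick"]):
        reasons.append("similar name")
    return reasons

def undeclared_pairs(relays):
    """Pairs that look related but do not mutually declare a family."""
    out = []
    for a, b in combinations(relays, 2):
        reasons = related(a, b)
        if reasons and not mutually_declared(a, b):
            out.append((a["nick"], b["nick"], reasons))
    return out

def path_allowed(path):
    """Client-side rule: reject a path that holds any related pair."""
    return not any(related(a, b) for a, b in combinations(path, 2))
```

Two unrelated operators hosted in the same /24 are also rejected by `path_allowed`, so the rule trades some path diversity for protection against missing MyFamily lines.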


