[tor-relays] unflagged BAD EXIT nodes

nusenu nusenu at openmailbox.org
Sat Jul 4 08:04:05 UTC 2015



> But bottom line, the Tor Project apparently did nothing with the 
> information.

Well, they apparently made (according to phw) an informed decision on
which attacks they should be spending the little available resources.
That is certainly more than doing 'nothing'.

Philipp Winter explained the general situation quite clearly (without
going into the specifics of the reported relays):
> there are not enough people to keep up with all the work.  The
> little resources we have we tend to spend on more serious attacks.
> That is not to say that traffic sniffing is harmless, but we are
> forced to prioritise

So if this does not match with one's assumptions and threat model it is
probably good to adjust the threat model towards it.
It is certainly better to always assume the presence of bad exits
because it is impossible to detect them all, all the time, with no
delay (and because even good exits have to route their packets through
the "bad internet" to their final destination.)

I'm _not_ saying that we should forget about the 'badexit' flag
altogether because "we can't get hold of all of them anyway", but now
we know more about the resources of those managing badexit flags and
its implications.

I find it more worrying that we do not "hear" about the 'more serious
attacks' that keep them busy and don't allow them to look into i.e.
'AviatoChortler' (even after a few weeks). That might mean that there
is a constant stream of 'more serious attacks' (without information I
can only guess).

