[tor-relays] Feedback

Random Tor Node Operator tor at unterderbruecke.de
Fri Feb 26 11:27:07 UTC 2016 

On 26.02.2016 11:54, Tim Wilson-Brown - teor wrote:
> 
>> On 26 Feb 2016, at 11:52, Random Tor Node Operator
>> <tor at unterderbruecke.de <mailto:tor at unterderbruecke.de>> wrote:
>>
>> On 26.02.2016 05:15, torserver at datakanja.de
>> <mailto:torserver at datakanja.de> wrote:
>>>  * Next, i noticed a frequent (daily) behavior of the Tor server
>>>    dropping traffic to around zero. Inspecting this, let me to
>>>    understand, my provider was disconnecting me and reassigning a new
>>>    IP on a daily basis, which took some time to propagate. Even worse:
>>>    It did not propagate on its own, i needed to restart the tor service
>>>    to reinitialise...
>>
>>
>> Instead of a Tor Relay, you can operate a Tor Bridge, perhaps with obfs4.
>> A regularly changing IP address is less of a problem for bridges. It may
>> even be of advantage. Once its IP address gets blacklisted by
>> adversarial actors, you already have a new one.
> 
> But how do users find that new address?
> (For some users, the bridge authority might tell them when provided with
> the bridge's fingerprint, but only if their other bridges work.)

Yes, that's the thing when being within a censored environment. A user
needs to have at least one bridge or other way to find their way into
the Tor network.

Imagine a world where all Tor bridges have a static IP.
After a while, the adversarial actors would have a complete list of all
bridges and successfully block all access to the Tor network. (Except
when a brand new bridge pops up)
Every bridge would only be useful until first detection by the adversary.

But with bridges with dynamic IP, the adversary has to play whack-a-mole
with the bridges and chances are, the user within the censored
environment will have *some* moles (bridges) which haven't been whacked
yet, allowing them access to the Tor network.

So in terms of censorship resistance, bridges with occasionally changing
IP are better for the Tor network than those with static IP.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160226/972bc1d4/attachment.sig>

More information about the tor-relays mailing list