Circuits still shared?
Roger Dingledine
arma at mit.edu
Sun Feb 12 09:56:06 UTC 2006
On Sun, Feb 12, 2006 at 04:44:35AM -0500, Roger Dingledine wrote:
> It may be best to first think hard about the tradeoffs of various
> approaches to dividing streams over circuits, since optimizing for your
> anonymity vs somebody else's donated CPU sounds like a pretty tough
> graph to nail down. Let us know when you have some designs and we'll
> start thinking about how to analyze and compare them.
One option is that we've already got a function in the code:
/** Go through the circuitlist; for each circuit that starts at us
* and is dirty, frob its timestamp_dirty so we won't use it for any
* new streams.
*
* This is useful for letting the user change pseudonyms, so new
* streams will not be linkable to old streams.
*/
void
circuit_expire_all_dirty_circs(void)
We could expose this function via the controller interface (maybe
as another signal), and then the controller could have a button to
"change to a new pseudonym." I think this was in the plans at some
point, but it fell off my plate.
This could achieve the goal of not overloading the network. Is it smart
to rely on the human to know when a pseudonym switch is required?
--Roger
More information about the tor-talk
mailing list