Anonymity questions
Michael Holstein
michael.holstein at csuohio.edu
Thu Feb 23 21:25:30 UTC 2006

> In addition, I think that the TorFAQ was not too precise about the
> "global adversary". As I wrote in my initial email, if you happen
> to contact a server observed by your ISP or if you choose an exit
> node observed by your ISP then your ISP "is" a global adversary.

I know this is mentioned in the "wish list" of features, but extending
the existing "MyFamily" sort of functionality (to prevent clients from
using multiple servers I might happen to run for a path), to be "smart"
enough to use one of the public route-servers and ensure that each
router in the path is on a unique ASN -- or at least ensure that both
the entry and exit aren't on the same one.

A more detailed (and vastly more computationally intense) way to go
about it would be to check the AS path list for your circuit to see if,
despite the fact that each node is on a separate AS, that they don't all
have one common AS as part of the BGP path (since there are about 5
carriers that transit the bulk of US IP traffic).

How you could do this without downloading a current BGP table to each
client and processing it locally, I don't know -- and having run
openBGPd on BSD before, I can attest to how much memory/horsepower that
requires (current table is several hundred MB).

~Mike.
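
The two checks described in the message above (unique origin AS per hop, and no AS common to every hop's BGP path), as an added example that is not part of the original post and is not Tor's code. The `ROUTES` table is constructed sample data using documentation prefixes and private-use ASNs, and the function names `as_path` and `check_circuit` are hypothetical.

```python
import ipaddress

# Constructed sample table, standing in for a BGP table or route-server view.
# Each value is the AS path toward the prefix, with the origin AS last.
ROUTES = {
    ipaddress.ip_network(prefix): path
    for prefix, path in {
        "192.0.2.0/24": [64510, 64601],
        "198.51.100.0/25": [64510, 64602],
        "198.51.100.128/25": [64520, 64604],
        "203.0.113.0/24": [64510, 64603],
        "203.0.113.128/25": [64520, 64601],  # more specific than the /24 above
    }.items()
}


def as_path(ip):
    """Longest-prefix match of ip against ROUTES; returns that route's AS path."""
    addr = ipaddress.ip_address(ip)
    matches = [net for net in ROUTES if addr in net]
    if not matches:
        raise LookupError(f"no route for {ip}")
    return ROUTES[max(matches, key=lambda net: net.prefixlen)]


def check_circuit(hops):
    """hops: relay IP addresses in path order, entry first and exit last."""
    paths = [as_path(ip) for ip in hops]
    origins = [path[-1] for path in paths]
    return {
        # First check: every router in the path sits in a different origin AS.
        "unique_origin_as": len(set(origins)) == len(origins),
        # Weaker fallback: at least entry and exit are in different ASes.
        "entry_exit_differ": origins[0] != origins[-1],
        # Second check: ASes that appear on the BGP path to every hop.
        "shared_as": set.intersection(*(set(path) for path in paths)),
    }


if __name__ == "__main__":
    for circuit in (
        ["192.0.2.10", "198.51.100.200", "203.0.113.5"],
        ["192.0.2.10", "198.51.100.20", "203.0.113.5"],
        ["192.0.2.10", "198.51.100.200", "203.0.113.200"],
    ):
        print(circuit, check_circuit(circuit))
```

The second sample circuit passes the per-hop ASN check yet still reports a shared transit AS, which is the case the more expensive AS-path comparison exists to catch.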