getting more exit nodes
robert at roberthogan.net
Sun Apr 20 20:02:47 UTC 2008
On Sunday 20 April 2008 12:32:19 Alexander Bernauer wrote:
> The CCC local group Rheintal is currently working on a solution to
> get much more Tor exit nodes which we think is a major problem of Tor.
> The basic idea is to develop a browser plugin which while active turns
> the computer into both a Tor client and a Tor exit node. The target
> group is a Windows XP or Vista user with almost no technical skills but
> fear of pop-ups asking strange things. We are experienced in providing
> and promoting security software to them and we believe that this
> solution will be accepted and widely used.
> To get the software done I would like to discuss the technical aspects
> The biggest problem we see are those personal firewalls which prevent
> running a normal Tor server. Therefore this machine needs to open a
> client connection. That's why we call it a client-exit node.
> So we need some servers for the client-exit nodes. These nodes we call
> pseudo-exit nodes. The reason for this is that Alice selects this node
> as exit node for its circuit but the traffic gets routed to the
> client-exit node. So the pseudo-exit node doesn't appear in the server

This is an interesting idea - I submitted a proposal with broadly similar aims a
little while ago, though the approach was completely different.
I suggest you write the idea up using the proposal format and post it to or-dev.
That process will help you consider the security/anonymity implications of what
you're suggesting. It will also reveal if there are any tricky implementation
issues that need working out.
A couple that occur to me:
- Client traffic is being routed through an exit node that was not explicitly
chosen by the client. Does this have any unintended consequences for anonymity?
- Should pseudo-exits mark themselves as vanilla exits, or as something else?
- What exit policy should they advertise?
- How do the client-exits authenticate themselves to the pseudo-exit? Do they
upload descriptors to the authorities?

> This means that every Tor node can become a pseudo-exit node without any
> additional law enforcement risks. Given that all Tor nodes are
> pseudo-exit nodes a client-exit node would select a Tor node at random
> and connect to it. As soon as a pseudo-exit node has at least one
> connection to a client-exit node it registers itself at the directory
> server as a normal exit node. From now on everything goes the normal way
> except that the pseudo-exit node passes the traffic which would
> normally go out of the Tor network to the client-exit node.
> This is the basic idea. I'm sure there are technical aspects we missed
> or assumptions which are wrong. So I would appreciate if you could point
> us to them.
> We tried hard to find a solution which would not require patching
> existing Tor nodes. But we didn't find any. Maybe we do in this
>  http://ulm.ccc.de/Rheintal
>  http://www.dingens.org