The use of malicious botnets to disrupt The Onion Router

Andrew tor at kleinhirn.org
Sat Feb 2 16:20:26 UTC 2008 

Chad Z. Hower aka Kudzu schrieb:
>> Some of us Tor operators know other Tor operators. As such a (web of)
>> trusted core network would be valuable.
>>     
>
> Anyone else interested in this? I'm a coder, unfortunately I do not like C
> (nor C++) so I can't help out much there... How big is the TOR code?
>
> The idea would be that your trusted friends would not be your endpoint exit
> node, just your firstpoint into a TOR network. And your endpoint exit nodes
> would be friends of your friends friends. (3 levels, or more). While not
> passing back who your friend's friends are, statistics such as how many
> friends they have could be passed back to determine how many exit nodes you
> eventually would have... thus you may choose 3 hops... and see that maybe
> there are not enough endpoint exit nodes for your taste... so then you could
> specify more hops.
>   
I don't think from a technical pov the entry point is an issue; all data 
passing through there is encrypted, so malicious intent would have to 
meet serious computing power to do damage (except for dropping the 
packet alltogether) at that point. Also, as you indirectly pointed out 
by simply not mentioning them, relays are even less an issue. So I guess 
"uncredited" routers would still be usefull as middlemen.

However, it might actually be worth considering an *optional* feature 
that would allow tor to only use exit nodes within your web of trust, 
since exit nodes are the ones who could potentially do "bad things". But 
I believe it would also be a serious threat to your anonymity (a site 
that can identify you uniquely over a longer period of time, i.e. your 
email provider, could log all exit nodes you connect from, and from that 
draw conclusions to who's in your web of trust, from where it should be 
only a small step towards your true identity). One would have to choose 
which threat one prefers.

Is there anyone who could give a (somewhat professional) assessment of 
how a web-of-trust feature would impact on anonymity? How about tor's 
overall performance?

Andrew

More information about the tor-talk mailing list