Setting country code?

[Just A. User]

On Wed, 15 Dec 2010 14:29 +0000, "Runa A. Sandvik"
<runa.sandvik at gmail.com> wrote:
> It is not recommended because it "can mess up your anonymity in ways
> we don't understand". By using only exit relays in, for example,
> Germany you have have less relays to choose from than if you used
> *any* exit relay in the world. This applies to Entry and Exit, as well
> as Exclude.

Just for the record, how can restricting the *entry* nodes set mess
one's anonymity up? E.g. using entry guards is recommended and
considered to be safe. Are there any plausible conjectures on how to
exploit such a restriction?

On the other hand, consider a situation when restricting entry nodes
could be of some use. Suppose an emigrant does not trust her native
country (NC) secret police (SP) and wants to connect to an NC based
web-server anonymously. She does not know which nodes are controlled by
SP (either in NC or abroad), however, every connection to any NC based
node is observable by SP. Thus, using an NC based entry to reach an NC
based server does facilitate end-to-end correlations. So it seems wise
for the emigrant to avoid using NC based entry nodes.

Of course, geoIP techniques are not very reliable and a malicious entry
could be located anywhere. However, if restricting entry nodes allows to
avoid a priori insecure circuits without any significant adverse
effects, it is worth to have EntryNodes option, isn't it?

BTW, the stable version does not support country codes in EntryNodes
(see l.2512 of src/circuitbuild.c). Are there any plans to implement
this feature?

-- 
http://www.fastmail.fm - The way an email service should be

***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/