[tor-talk] Automatic vulnerability scanning of Tor Network?

[Chris]

> All of these ideas about removing allegedly ‘insecure’ or
> ‘vulnerable’
> relays from the network ignore the fact that someone who wants to
> compromise Tor relays and use them to attack Tor users will just make
> the relays appear to not be vulnerable, so that they can stay in the
> network.  I'm amazed at how many people want us to remove relays which
> have definitely not been compromised from the Tor network.

To be clear I didn't suggest this. It doesn't sound like a bad idea
although the question is what good if any would it do? Having some
compromised nodes is already assumed.

I think the concern is that if a significant number of relays can be
easily compromised then there is a reason to do this. It would be
'hardening' the network.

It doesn't matter if some relays are taken over and appear to be
not-vulnerable. The fewer that can be taken over reduces the risk of
encountering multiple compromised nodes in any given path. There are other
ways to achieve this. Setting up many many nodes for instance.