[tor-talk] Tor compromised?
Robert Ransom
rransom.8774 at gmail.com
Fri Oct 14 17:54:03 UTC 2011
On 2011-10-14, torvlnt33r at fastmail.fm <torvlnt33r at fastmail.fm> wrote:
> A guess is that there might be a link between the bridges
> enumeration attack mentioned in that article and the recent spike
> in bridge use, for which one of the hypotheses was a botnet
> (https://lists.torproject.org/pipermail/tor-talk/2011-September/0
> 21347.html).
>
> Creating many circuits through the bridges is a way to make them
> visible to a large proportion of relays, including potentially
> malicious ones.
You can only create many circuits through a bridge if you already know
its TCP address.
> A possible countermeasure might be something similar to the
> "Entry Guards" mechanism for circuits that go though bridges.
We plan to make bridges direct their clients' circuits through their
entry guards. See
https://svn.torproject.org/svn/projects/misc/rransom/2011/dev-meeting-photos-2011-07-25-01/orig/100_2373.jpg
for the few notes we have online from when we discussed bridge
concealment at the Tor developer meeting this summer.
Robert Ransom
More information about the tor-talk
mailing list