[tor-talk] Should I warn against Tor?
tortalk at informationelle-selbstbestimmung-im-internet.de
Sun Jul 7 10:04:31 UTC 2013
On Sa, Jul 06 2013, Roger Dingledine wrote:
> One of the unfortunate properties of the Internet is how it's much less
> decentralized than we'd like (and than we used to think). But there are
> still quite a few different places that you need to tap in order to have
> a good chance of beating a Tor circuit. For background, you might like:
Yes, I like those papers. Yet, I’m confused on at least two levels.
First, the current Tor Path Specification  selects nodes based on
/16 subnets but does not consider AS paths as in those papers.
DBLP:conf:ccs:EdmanS09 briefly mentions /16 subnets being “largely
effective, though may not be stringent enough.” In fact, the more
recent paper on LASTor  reports a “false-negative rate of 57%
with the default Tor client” to detect snooping ASes.
Second, I deliberately considered IXes, not ASes. From the paper by
Murdoch and Zieliński :
“We suggest that existing models, based on Autonomous System (AS)
diversity, do not properly take account of the fact that while, at
the AS level abstraction, a path may have good administrative domain
diversity, physically it could repeatedly pass through the same
Internet eXchange (IX).”
Although the paper by Murdoch and Zieliński is cited in
DBLP:conf:ccs:EdmanS09, I fail to see that they address IXes at all.
More information about the tor-talk