[tor-talk] Network diversity [was: Should I warn against Tor?]

Gregory Maxwell gmaxwell at gmail.com
Fri Jul 19 16:33:45 UTC 2013


On Fri, Jul 19, 2013 at 8:35 AM, Jens Lechtenboerger
<tortalk at informationelle-selbstbestimmung-im-internet.de> wrote:
> [For those who are confused about the context of this: I started the
> original thread.  A write-up for my motivation is available at [0].]   I
> Links to my code and a README.txt clarifying necessary prerequisites are
> available at [0].   Best wishes Jens  [0]
> https://blogs.fsfe.org/jens.lechtenboerger/2013/07/19/how-i-select-tor-guard-nodes-under-global-surveillance/

It's _very_ hard to reason about this subject and act safely.

It is common for ISPs to use segments in their network which are
provided by third party providers, even providers who are almost
entirely facilities based will have some holes or redundancy gaps.
Because these are L1 (wave) and L2 (e.g. ethernet transport) they are
utterly invisible from the L3 topology.

You can make some guesses which are probably harmless: a guard that is
across the ocean is much more likely to take you across a compromised
path than one closer—    but going much further than that may well
decrease your security.

These concerns should be reminding us of the importance of high
latency mix networks... they're the only way to start getting any real
confidence against a global passive observer, and the are mostly a
missing item in our privacy tool toolbelt.


More information about the tor-talk mailing list