[tor-talk] Network diversity [was: Should I warn against Tor?]
Jens Lechtenboerger
tortalk at informationelle-selbstbestimmung-im-internet.de
Fri Jul 19 17:03:33 UTC 2013
On Fr, Jul 19 2013, Gregory Maxwell wrote:
> On Fri, Jul 19, 2013 at 8:35 AM, Jens Lechtenboerger
> <tortalk at informationelle-selbstbestimmung-im-internet.de> wrote:
>> [For those who are confused about the context of this: I started the
>> original thread. A write-up for my motivation is available at [0].] I
>> Links to my code and a README.txt clarifying necessary prerequisites are
>> available at [0]. Best wishes Jens [0]
>> https://blogs.fsfe.org/jens.lechtenboerger/2013/07/19/how-i-select-tor-guard-nodes-under-global-surveillance/
I hope that I fixed my “soft newline” problem. Sorry about that.
> It's _very_ hard to reason about this subject and act safely.
>
> It is common for ISPs to use segments in their network which are
> provided by third party providers, even providers who are almost
> entirely facilities based will have some holes or redundancy gaps.
> Because these are L1 (wave) and L2 (e.g. ethernet transport) they are
> utterly invisible from the L3 topology.
>
> You can make some guesses which are probably harmless: a guard that is
> across the ocean is much more likely to take you across a compromised
> path than one closer—
And that is mostly what I’m doing. How do you find guards across
the ocean? Among the “German” guards, YanLunYiZou actually turned
out to be across the ocean and back. (I didn’t check how many of
those exist. I picked the first I saw.)
> but going much further than that may well decrease your security.
How, actually? I’m aware that what I’m doing is a departure from
network diversity to obtain anonymity. I’m excluding what I
consider unsafe based on my current understanding. It might be that
in the end I’ll be unable to find anything that does not look unsafe
to me. I don’t know what then.
Best wishes
Jens
More information about the tor-talk
mailing list