[tor-talk] Friendly LAN bridge -- bad idea?

Lars Luthman mail at larsluthman.net
Fri May 8 07:23:19 UTC 2015


On Thu, 2015-05-07 at 23:34 +0000, Nathaniel Goodman wrote: 
> Hello,
> 
> Around here all devices and usual guests use tor. This of course
> generates many direct connections to the tor network. 
> 
> We were wondering if there would be any negative (privacy)
> implications from running a private bridge inside the LAN to which all
> the devices around here would then connect instead of making a direct
> connection to the network.

I've thought of using a similar setup on local networks - configuring
the main router to run a private Tor bridge and blocking all other
traffic. The problem with this is that every normal circuit only gets
two hops out on the internet - your private bridge is the first hop, and
then there's a middle hop and an exit on the internet. Also, since the
private bridge would be the guard node and it is on your local network,
the first hops out on the internet would change much more frequently
than if you didn't use the private bridge but connected to guard nodes
out on the internet. Both of these properties may reduce the anonymity
of Tor users on your local network.

These problems would be avoided if

a) Tor treated all bridges as a 'zeroth hop' and built three-hop 
    circuits _after_ the bridge, with the first hop being chosen
    using the normal guard selection algorithm, or

b) There was a special 'local bridge' type which, when used,
    forced the client to build four-hop circuits with the above
    properties.

I don't think there's any way of achieving any of those without
modifying Tor.


--ll