[tor-talk] Did the FBI Pay a University to Attack Tor Users?

coderman coderman at gmail.com
Thu Nov 12 10:24:36 UTC 2015


On 11/11/15, Soul Plane <soulplane11 at gmail.com> wrote:
> ...
> Is this a problem that can't be stopped, these relays that may join the
> network in an effort to de-anonymize users?

conflating issues; let's pick apart,

can you stop evil relays from ever participating?
 No. however the design of Tor takes this into account through guard
selection, circuit building, consensus decisions, see
https://ritter.vg/p/tor-vlatest.pdf

can you stop enough evil relays from routinely being selected in circuits
such that correlation like this is impossible?
 Probably! this is where better relay checking techniques (beyond the
usual exit checks) could help. Note that troubleshooting for tor-relay
community would be advantaged by more robust checks as well.

can you stop evil relays from using 0day attacks against users?
 No; 0day has, does, and will continue to happen. this is why defense
in depth is important - you don't know if you might one day fall into
a window of vulnerability to the wrong attacker and end up without
Tor's privacy protections.



> Can anyone still flood the
> network with tons of relays?

yes, and this is annoying.
 see LizardSquad attempted Tor DoS.

this kind of crap sybil does not affect the anonymity of clients however!



> Though the relays that were identified were
> removed wouldn't someone persistent just learn from that and differentiate
> more?

this is the challenge. when an attacker is motivated, patient, well
funded, and exercising utmost stealth, it is very difficult to
distinguish their behavior from others in the world wide Tor relay
community.


best regards,

