[tor-talk] State of bad relays (March 2017)

Ivan Markin twim at riseup.net
Sat Mar 4 13:02:14 UTC 2017


On Sat, Mar 04, 2017 at 11:38:07AM +0100, Fabio Pietrosanti (naif) - lists wrote:
> Imho those should likely be split into two other different categories
> of bad exit nodes:
> 
> a-1. passively sniffing
> a-2. actively manipulating client traffic
> 
> I feel that we would need to implement a few more detection methods to
> try to identify those who do passive sniffing, but do not
> actively manipulate client traffic.
> 
> It's more difficult; it could lead to false positives without "evidence"
> but with "highly reasonable suspects", and that could be a specific
> branch of detection patterns and counter-espionage techniques to be put
> in place for that specific purpose.
> 
> Then the problem is "what to do when there's suspicion that someone is
> passively sniffing" but there's no scientifically proven evidence?

The threat model of exit nodes is that they *do capture all of the traffic*.
I don't see the point of looking for some evidence that they do that.
You can only detect whether they are exploiting gathered data or not; you
cannot differentiate on the internet who's doing bad stuff - whether
it's a relay or any upstream provider. What relays should never do is
interfere with users' traffic in any way (BadExit).

Just educate the users about the threat models and use e2e encryption.

--
Ivan Markin
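
The point made above, that passive capture at an exit is undetectable and only its later *exploitation* can be observed, is what honey-credential probing relies on. The following is an added example, not code from this thread or from the Tor Project: each exit under test is handed a unique, throwaway username/password pair derived with an HMAC, that pair is (in a real deployment) sent once in cleartext through that exit, and an authentication log on the probe-controlled server is later checked for anyone reusing it. The exit fingerprints, the secret key and the auth-log lines are all constructed for the example. A hit shows that captured data was reused, not who captured it; as the reply says, it could equally be the exit or any provider upstream of it.

```python
import hashlib
import hmac
from collections import defaultdict

# Constructed: fingerprints of exits to probe (hypothetical values, not real relays).
EXITS = [
    "AAAA0000" * 5,
    "BBBB1111" * 5,
    "CCCC2222" * 5,
]

# Constructed: the probe operator's own source address, so its one legitimate
# login attempt per credential is not mistaken for a third-party reuse.
PROBE_SOURCE = "198.51.100.7"


def make_credential(secret: bytes, exit_fp: str, probe_id: str) -> tuple:
    """Derive a unique username/password pair bound to one exit and one probe round.

    Binding the pair to the exit fingerprint via HMAC means any later use of that
    username points back to exactly one exit without storing random values.
    """
    tag = hmac.new(secret, f"{exit_fp}:{probe_id}".encode(), hashlib.sha256).hexdigest()
    return f"probe-{tag[:12]}", tag[12:36]


def issue_credentials(secret: bytes, exits, probe_id: str) -> dict:
    """Return a mapping username -> (exit fingerprint, password) for one round.

    In a real deployment each pair would be sent once as a plaintext login
    (e.g. IMAP, POP3 or HTTP Basic) through the matching exit and never reused.
    """
    issued = {}
    for fp in exits:
        user, pw = make_credential(secret, fp, probe_id)
        issued[user] = (fp, pw)
    return issued


def correlate(issued: dict, auth_log, own_source: str) -> dict:
    """Flag exits whose honey credentials were replayed by someone other than us.

    auth_log: iterable of (timestamp, username, password, source_ip) tuples as
    recorded by the probe-controlled server. Only attempts carrying the exact
    password count; an unknown username or wrong password is ignored.
    """
    hits = defaultdict(list)
    for ts, user, pw, src in auth_log:
        if src == own_source or user not in issued:
            continue
        fp, expected_pw = issued[user]
        if hmac.compare_digest(pw, expected_pw):
            hits[fp].append((ts, src))
    return dict(hits)


def run_example():
    """Issue one round of credentials and correlate a constructed auth log."""
    secret = b"example-probe-secret"          # constructed; use a random key in practice
    issued = issue_credentials(secret, EXITS, "round-1")
    users = {fp: u for u, (fp, _pw) in issued.items()}

    # Constructed auth log: our own probe logins, one third-party replay of the
    # credentials that passed through EXITS[1], one wrong-password attempt, and
    # one unrelated username.
    auth_log = [
        ("2017-03-01T10:00:00Z", users[EXITS[0]], issued[users[EXITS[0]]][1], PROBE_SOURCE),
        ("2017-03-01T10:00:01Z", users[EXITS[1]], issued[users[EXITS[1]]][1], PROBE_SOURCE),
        ("2017-03-01T10:00:02Z", users[EXITS[2]], issued[users[EXITS[2]]][1], PROBE_SOURCE),
        ("2017-03-02T03:14:15Z", users[EXITS[1]], issued[users[EXITS[1]]][1], "203.0.113.9"),
        ("2017-03-02T03:20:00Z", users[EXITS[2]], "not-the-password", "203.0.113.9"),
        ("2017-03-02T04:00:00Z", "alice", "hunter2", "203.0.113.10"),
    ]
    return correlate(issued, auth_log, PROBE_SOURCE)


if __name__ == "__main__":
    for fp, attempts in run_example().items():
        print(f"credentials sent via exit {fp} were replayed: {attempts}")
```

Because the pair is only ever transmitted through one exit, a replay narrows the leak to that path, but not to that relay: the exit's hosting provider, any transit network between it and the destination, or the destination-side network could have taken the same cleartext. That is the reason the reply above treats capture as assumed and pushes for end-to-end encryption rather than for proving which node sniffed.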

