[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Uptime Sanity Checking

On 3/8/07, Roger Dingledine <arma@xxxxxxx> wrote:
... Right now we're vulnerable to the situation where
an attacker signs up 1000 servers with uptimes of 2 years

question: how are nodes accepted into the verified directories currently?

i know the process is constrained and vetted somewhat, but no details
seem to be documented anywhere.  (that is, it takes X days for Tor ops
to notice your notification and process accordingly (assuming your
request/node appear legitimate))

uptime anomalies should be instantly detectable to an observer
watching the network grow.  discerning honest node contributors from
covert maliciousness is much more difficult though...