[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Better Privacy for Tor Node Operators



----- Original Message ----

> From: tagnaq <tagnaq@xxxxxxxxx>
> To: tor-talk@xxxxxxxxxxxxxxxxxxxx
> Sent: Mon, April 25, 2011 3:44:45 PM
> Subject: Re: [tor-talk] Better Privacy for Tor Node Operators
> 
> On 04/25/2011 03:04 PM, Curious Kid wrote:
> > Is it plausible that a group  of people could be NATed together with a node 
> > operator?
> 
> I would  say most or many nodes that are hosted at home are behind a NAT
> router  together with people. These people do not necessarily know about
> the Tor node  at their public IP address.
> (even though they could easily find  out)

So a site that was able to link users to a pool or residential dynamic IP 
addresses through Tor metrics still would not be certain that multiple accounts 
belong to the same individual.

> > How does limiting node data eliminate the problem of an IP  address 
> > match? 
> 
> If by 'limiting node data' you mean bandwidth  throttling, this has no
> influence on the issue.

I don't mean that. I mean that your feature request blots out details about the 
node, but not the IP address. How will preventing your adversary from knowing 
things like name, Tor version, exit policy and bandwidth help?

> > Isn't this more a  problem of historical data being publicly available 
> > ad-hoc? Where is it  kept? Is there a need or good use for it? (Yes, of 
>course
> > would-be  attackers could maintain their own lists.)
> 
> The Tor server descriptor  archive (metrics.tpo) is very useful to help
> understand and improve the Tor  network.

Can you think of any changes that would make it safer without sacrificing 
anything useful?

> > If one doesn't want to use Tor to visit example.com, maybe a non-blocked 
>one-hop 
>
> >  proxy would work.
> 
> As a Tor user you probably know that one-hop proxies  are weak by design.

I was not proposing that as an anonymity solution. I still don't understand why 
using Tor would not be a solution, but in cases where it's not (such as when 
exits are blocked by the site you need), I don't see much alternative other than 
using free Wi-Fi, an Internet cafe or a friend's house.

> > I don't know how to solve the bigger problem of  IP address 
> > linking without using a remote proxy.
> 
> I made a  feature request. If the use of this feature actually improves
> the situation  of an node operator depends on how many other nodes are
> using it on the same  AS (and other things).
> https://trac.torproject.org/projects/tor/ticket/2980
> 
> _______________________________________________
> tor-talk  mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> 
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk