Re: What's the benefit of a permanent "EntryGuard"?

[David Rothenberger <daveroth@xxxxxxx>]

On 8/30/2006 7:25 PM, Bestbayer@xxxxxxx wrote:
> My question is, what's the security of having a person you always connect 
> to when you don't know them? What if the person is malicious? Isn't it 
> better to connect to different people, especially if you're not running 
> a server? 

From http://tor.eff.org/tor-manual.html.en:

UseEntryGuards 0|1
    If this option is set to 1, we pick a few long-term entry servers, 
and try to stick with them. This is desirable because constantly 
changing servers increases the odds that an adversary who owns some 
servers will observe a fraction of your paths. (Defaults to 1.)

I suppose it is only a good idea if the EntryGuards are trusted. I 
noticed on http://belegost.mit.edu/tor/status/authority that two of my 
three current EntryGuards are annotated with "Guard", but I don't know 
what that means, exactly.

> As of now, I have an automator script that deletes the "state" file
> in the /users/home/.tor directory each time I log into my computer.

You could just set UseEntryGuards to 0.

--
David Rothenberger                spammer? -> spam@xxxxxxxxxxxxxxxxxxx
GPG/PGP: 0x92D68FD8, DB7C 5146 1AB0 483A 9D27 DFBA FBB9 E328 92D6 8FD8

A good reputation is more valuable than money.
                -- Publilius Syrus