[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: How can I trust all my Tor nodes in path
Thus spake Martin Toron (tr_tor1122@xxxxxxxxx):
> Hi.
>
> I have read in the Tor documentation that the number of Tor routers
> in a path is hard-coded at 3. And I understand that the path
> changes every 10 minutes (except for active connections).
>
> As a client not running a server, how am I sure that at least one of
> the nodes in the path can be trusted?
>
> A little math: assume there are 200 Tor routers, some of which have
> been compromised and owned by the same attacker. If the number
> compromised is small, I can be somewhat confident that at least one
> router is trusted. However, suppose the attacker massed a "global
> attack" on the Tor network: all at once the attacker introduces
> 10,000 new routers into the network, all of which he has control of.
> Now, when I choose 3 routers for my path, I only have a few that may
> be trusted, which are in the original 200.
>
> Has this problem been addressed elsewhere?
So I'm guessing you're thinking something like someone heading over to
Amazon's Elastic Computing Cloud and setting up 10,000 tor servers?
I believe tor servers have to be manually approved by tor-ops before
they begin to be used for normal traffic. This used to be the case at
least. Perhaps it has been abandoned due to scaling issues?
--
Mike Perry
Mad Computer Scientist
fscked.org evil labs