Re: another reason to keep ExcludeNodes

[Roger Dingledine <arma@xxxxxxx>]

On Tue, Feb 17, 2009 at 08:08:19PM +0100, Lexi Pimenidis wrote:
> > > little bit of investigation it turned out that one particular relay was
> > > always in a circuit that truncated those files, so I added it to my
> > > ExcludeNodes list.  And voila' complete images from then on.
> > 
> > Would not it be better if you would report this node so that its
> > problem can be fixed?
> 
> This could possibly be used to identify anonymous surfers: imagine an $evil
> exit node trying to identify somebody surfing on $evil-site1 (which isn't
> very popular and only a very small subset of people use it). It just needs
> to modify the output a bit and then wait for somebody to complain about it.
> 
> Chances are, the one complaining might give away enough info to identify himself..?

Hey, that brings up another possible attack. What if a website keeps
giving out partial pages in response to exit nodes that it doesn't like
(for example because it can't monitor them), to encourage users to
manually mark them as excludeexit, thus making sure that user won't use
those exits for other sites either?

It wouldn't break anonymity outright, but it would certainly make the
probabilities more complex to reason about.

Rabbit holes within rabbit holes,
--Roger