[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: another reason to keep ExcludeNodes
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: another reason to keep ExcludeNodes
- From: Anon Mus <my.green.lantern@xxxxxxxxxxxxxx>
- Date: Thu, 19 Feb 2009 09:32:07 +0000
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Thu, 19 Feb 2009 04:32:06 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:content-type :content-transfer-encoding; bh=JnSRH4kmhnLAFeprA1MNx9jap1KHv3Ur5XVJROCRJgU=; b=JYuvoe/U5nLdTEUKHoYgbTxb1yYx3WWru9mrahZ5sShI/HUS4p5qj8DFhcj8bSAAVy 1tlmKNwSj4/9C9eSf0PhE9imcew0kpLcYsRHx74tzsXGz2aDcXRgjs2/LodtMtCzzwIl iOsYY6QhHmtLTmyI7M1IDBpjfaPGEOV0w+moI=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; b=q8gQqRdNZsx3H2jNjXls9Xms3Qq9ArHPgUFFI8UXiBfdkPOgNiPZ1PY4peeornIKo/ 8TQtGk4se4HfNhA80tfpvgrTGfZIZDE4S2+QWIbzDnFFnCJtv9Xi29GxZoQgeTNSsKUo yb87M65KXqQug+Lw3PjS++zLgo0HsoOMMda1Y=
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Thunderbird 2.0.0.14 (Windows/20080421)
----- Original Message -----
From: "Roger Dingledine" <arma@xxxxxxx <mailto:arma@xxxxxxx>>
To: <or-talk@xxxxxxxxxxxxx <mailto:or-talk@xxxxxxxxxxxxx>>
Sent: Tuesday, February 17, 2009 8:04 PM
Subject: Re: another reason to keep ExcludeNodes
On Tue, Feb 17, 2009 at 08:08:19PM +0100, Lexi Pimenidis wrote:
> > > little bit of investigation it turned out that one particular
relay was
> > > always in a circuit that truncated those files, so I added it to my
> > > ExcludeNodes list. And voila' complete images from then on.
> >
> > Would not it be better if you would report this node so that its
> > problem can be fixed?
>
> This could possibly be used to identify anonymous surfers: imagine
an $evil
> exit node trying to identify somebody surfing on $evil-site1 (which
isn't
> very popular and only a very small subset of people use it). It just
needs
> to modify the output a bit and then wait for somebody to complain
about it.
>
> Chances are, the one complaining might give away enough info to
identify himself..?
Hey, that brings up another possible attack. What if a website keeps
giving out partial pages in response to exit nodes that it doesn't like
(for example because it can't monitor them), to encourage users to
manually mark them as excludeexit, thus making sure that user won't use
those exits for other sites either?
From my experience there are (probably) govnt run sites in the US which
do block a wide range of tor exit nodes. But they permit a few exit
nodes, mainly from the US, to have full access.
So this is done whether or not you use excludeexit.
It wouldn't break anonymity outright, but it would certainly make the
probabilities more complex to reason about.
Rabbit holes within rabbit holes,
--Roger
My experience of excluding nodes (exits or otherwise) is that there are
generally plenty of nodes out there so as to keep you safe. And that in
general terms only a few exit nodes are a problem at the moment.
Therefore I reckon that the ExcludeNodes, etc, options are very useful -
we need them - place a "warning" label on their use if need be.