[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] What is preventing Bridge Enumeration?




On Wed, Feb 15, 2017, at 01:45 PM, Geoff Down wrote:
> 
> 
> On Wed, Feb 15, 2017, at 01:32 PM, BVpTuvb AVMV wrote:
> > What is preventing an attacker to start up a few mid-nodes and
> > enumerating all IPs and substracting those from the list of publicly
> > known entry-nodes to get a list of (all) unlisted bridges?
> > 
> > Seems a lot cheaper than dpi and except for a few false positives due to
> > bots pinging it should be quite accurate is this an inherent and known
> > flaw to the bridge infrastructure that we have to live with or am i
> > missing some keypoint?
> > -- 
> Bridges are indistinguishable from clients, of which there are millions.
> 
Plus, IIUC, bridges connect to Guards - to just one guard
semi-permanently, like clients do. So your malicious relays, even if
they got the Guard flag, would not see all the bridges.

-- 
http://www.fastmail.com - Access all of your messages and folders
                          wherever you are

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk