[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Bad Exit Node Control

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] Bad Exit Node Control
From: Roc Admin <onionroutor@xxxxxxxxx>
Date: Fri, 29 Mar 2013 22:44:12 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 29 Mar 2013 22:44:26 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:date:message-id:subject:from:to :content-type; bh=tw5ssCVO/kfiscF19CFH5ykuUDPU38vRQsR+bZ6KOZg=; b=N8sVWgQvUANfQ78lDoutkUfi9h9RfMTiSmlbdmG4s5UnzTR+2kI2aCIDXsTPIsChvc oeIttXDON7xB+CcanzEuT0zw1Y/PLh/pSp4znkm4ofFXX0yGTa5KSTdvJ45aqxrHghQ8 qlW846MwiYYXT8VT+Yq87u3dS9QzVduymTqWqIUpNkLebKhiSHV2z7bAntCNWgfEO/5X cmTA4gfTaBcxJyXVp0s+HL7b+64o+5LHT4ebTF/7L2WKap/6b1+ICcMsltnY9dtCWeWz Gv88ioeg82VJ3liQAqTjZQ4H9OijnkkUX0U57VB7HLuzKE7mVEg8BAJaLpIDFyITmUI9 aDjg==
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

I'm working on an updated version of SnakesOnATor (SOAT) that was used
to monitor the Tor network for bad exit nodes. This is a similar
function to InspectTor hosted on a .onion site but that page owner has
not been reachable and has not reached out to other Tor folk.

The main problem with InspecTor is that he/she is recommending that
because a bad exit node has been detected, users should change their
Tor configs to never use those nodes. This would eventually negatively
affect a user's anonymity as they would create a network fingerprint
unlike any others.

But this is, AFAIK, going to be the same problem that SOAT or any
future solution would have. Namely, that there is no official
mechanism to kick off a bad exit. If I understand correctly, this was
a manual process in the past that entailed emailing the op and
eventually kicking them off?

I'm looking for feedback on the above statements. Maybe I'm missing
something or do not know about the underlyings of the process.

If I do understand it correctly, I wonder if a solution is necessary
that integrates monitoring and removing bad exit nodes and malicious
activity, If we agree that users should not change their routes, then
routes should be changed on a global level to remove bad exits by an
authoritative party. Such a solution would be a challenge to say the
least because what stops a bad Op from spinning up a new node. Maybe
this is the reason we haven't done this in the past.


ROCAdmin
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Bad Exit Node Control
  - From: Aaron
- Re: [tor-talk] Bad Exit Node Control
  - From: Damian Johnson

Prev by Author: Re: [tor-talk] Tor Browser Question - Not saving settings
Next by Author: Re: [tor-talk] Bad Exit Node Control
Previous by thread: [tor-talk] Odd behavior when running Tor from encrypted thumb drive
Next by thread: Re: [tor-talk] Bad Exit Node Control
Index(es):
- Author
- Thread