
Re: Hibernation and client use



On Wed, May 11, 2005 at 02:14:00PM -0700, Jim Pick wrote:
> I've got a new node ("jpicktor").  I just installed it a few days ago 
> and I went to the BayFF talk last night.  Quite fun.

Woo. Thanks for the new Tor node. :)

> The hibernation did appear to work, as traffic dried up.  However, it 
> seems that I was also unable to use the node as a client via privoxy and 
> the socks interface.

Right. This is because we do accountingmax based on the number of bytes
coming into the Tor, from any connection type (OR, exit node, socks
connection, ...)

When the limit is reached, we figure you don't want to spend any more
bandwidth.

> I'm wondering if it would be possible to allow client access while 
> hibernating?  Or is there some technical reason that client access must 
> be shut down?

You're right, I bet we could do this. We would close the OR port, and
refuse incoming create requests, but otherwise continue to perform.

Would people prefer this behavior, or do they like it the way it is now?

> I'm going to try limiting the bandwidth next, at least I should be able 
> to preserve client access that way...

As Warren says, the workaround is simple: run a Tor client also, and use
that for your own stuff.

This approach may even be a smarter move anonymity-wise, since we're
currently researching "interference attacks" --- it's possible to measure
traffic *remotely*, without needing to tap or subpoena or compromise or
whatever the server. This happens because servers have finite resources,
and the adversary can send his *own* traffic through the server to
measure where other traffic is going through the node too.

http://freehaven.net/anonbib/#torta05

So this adversary can determine all the nodes in your path, but he still
can't learn about *you*. But if you always use your node as the first
hop in your path, this may not be so good.

There are other arguments in favor of using a fixed entry node (it
improves against other attacks), so this is not a simple topic. Also,
we especially want to investigate this more if we're going to try to get
clients to relay traffic (helps the community, but may impact anonymity
both helpfully and unhelpfully). In any case, just choosing your path
randomly should do for now, until we understand more.

Hope that helps,
--Roger
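
The workaround described in the reply above, sketched as two torrc files for two separate Tor processes (an added example, not part of the original message). The file names, paths, ports and the 10 GB limit are constructed values; the nickname is the one mentioned in the thread.

```conf
## relay.torrc : the relay instance, started with: tor -f relay.torrc
Nickname jpicktor
ORPort 9001
# Constructed path; each instance needs its own data directory.
DataDirectory /var/lib/tor-relay
# No SOCKS listener here, so your own traffic never goes through
# the process whose byte count triggers hibernation.
SocksPort 0
# Accounting period restarts on the 1st of each month at 00:00.
AccountingStart month 1 00:00
# Constructed limit; the relay hibernates once it is reached.
AccountingMax 10 GB

## client.torrc : the client instance, started with: tor -f client.torrc
# Never act as a relay.
ClientOnly 1
# Point privoxy and other SOCKS applications at this port.
SocksPort 9050
# Constructed path; must differ from the relay's data directory.
DataDirectory /var/lib/tor-client
```

With this split, the relay reaching its accounting limit leaves the client's SOCKS port available, and the client chooses its paths independently of the local relay.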