
Re: Wanted: Brave, hacker, exit node operator



If my exit node was still at home and not here behind this university firewall, then I'd be all over it ;) In lieu of that, I have an idea/question. As far as I know, Tor doesn't do any kind of DNS name caching when operating as an exit-node. What do you think of crypted, in-RAM DNS look-up caching? The utility of this feature would be twofold. First, there would be slightly better performance. Secondly, and more importantly, you'd have less DNS look-ups over time, meaning that it would be just that much harder for an exit-node sniffer to get ideas about usage patterns. This might also have the added bonus of relying on the OS's native DNS cache as much, which is assumed to be insecure cleartext.

Ciao,
Andrew

Adam Langley wrote:

It would be cool if someone could test some patches I have for doing
DNS lookups without fork() workers and using glibc. I'd need:
 * An exit node operator (because otherwise they don't do DNS lookups)
 * running Linux
 * who knows their way around patching CVS trees etc

The patch is at http://www.imperialviolet.org/binary/tor-cvs-eventdns.agl.patch
and you need to drop the following two files into src/or/:
http://www.imperialviolet.org/binary/eventdns.c
http://www.imperialviolet.org/binary/eventdns.h

The patch applies against the CVS tree at the moment. You need to
rerun autogen.sh afterwards and run ./configure --enable-eventdns.

Run with core limits off and when it crashes email me the bt full
output from gdb, then switch back to the unpatched binary which you'll
keep around until I figure out what went wrong ;)

(actually, from using tor-resolve lots it appears to work fine, but
I'm sure that it still has bugs in).

Also, do email the list if you're testing this patch so there aren't
too many (if any at all).

Cheers,

AGL