Re: [tor-talk] Exit node stats collection?

[Gordon Morehouse <gordon@xxxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

mirimir:
[snip]
> Perhaps these 1.8e+6 (standard stats) to 4.0e+6 (beta stats) new
> Tor clients members of a botnet designed, at least in part, to
> securely and redundantly host hidden services. The demise of
> Freedom Hosting may have stimulated some creative thinking.

As Asa mentioned earlier[1], there's no corresponding traffic on
social media.  This is something people (like me) would get yelly
about on Twitter and such.

> Also, if this were a botnet, I would expect it to show up in
> honeypots. Wouldn't its bots be easily detected, through searching
> for Tor connections? Having the vector might be very informative.

Tor connections are easy to find without searching, no?

If the botnet's purpose is to damage Tor, it may be less likely to be
caught with honey, so to speak.  If this is a feature rollout using
Tor for C&C to an existing or rapidly-growing botnet, I'd expect to
hear about it soon from security researchers.

I have a bad feeling that this is aimed at Tor itself, given other
recent developments e.g. in the NSA scandal, plus less recent
developments in nationalist "cyberwarfare."  Just a hunch, though.

[1]
https://lists.torproject.org/pipermail/tor-talk/2013-September/029841.html

Best,
- -Gordon M.
-----BEGIN PGP SIGNATURE-----

iQEcBAEBCgAGBQJSJ+eOAAoJED/jpRoe7/ujQwQIAMDUOE/e5LDQkmpZZF33nxg6
VPSqHVf2bi6h5bpfxz7uG+j3uZuLnakFgdcIwI73KqPsoqU1n+hm7csTYQ8SQDoJ
746m335mCJ6sfjCS1edwa0raHv/5bvBpWViqtAOgfsVrvMvOJGj2rGEuByr+TDkm
E/PL8cpMsGX7O8NvkAt1DZCqHnQa9jmLk9eASjJO2aywbI2K3vwIJO1MK6P6Zu8j
ndba6mnK8INAP02pejaPmvCXvEo+nN1IqscRQYnhhzDGO0J7lA/rUsRmX+33P3eQ
U6PVF38veVxY5Ag8Evl5MC3EiXEMYQhoOSe6ZOaAPCbvh2/H7x+56S5fUAyTlGU=
=Mxm0
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk