
Re: [tor-bugs] #3678 [Tor Client]: Disallow more than one relay per country in a circuit



#3678: Disallow more than one relay per country in a circuit
-------------------------+--------------------------------------------------
 Reporter:  cypherpunks  |          Owner:                   
     Type:  enhancement  |         Status:  needs_information
 Priority:  major        |      Milestone:                   
Component:  Tor Client   |        Version:                   
 Keywords:               |         Parent:                   
   Points:               |   Actualpoints:                   
-------------------------+--------------------------------------------------
Changes (by rransom):

  * status:  new => needs_information


Comment:

 Replying to [comment:6 ioerror]:
 > It seems to me that it's a reasonable option. I've long advocated that
 > this should be a switch to flip, even if we're not sure it's safe to flip
 > it by default.

 This switch would change a client's path-selection behaviour in a way that
 both entry nodes and exit nodes might be able to observe.  If this option
 is not turned on by default, it's not safe to turn this option on at all.

 And so far, I have seen several people say that we should add this option,
 but I have not seen anyone propose an actual reason to turn this option
 on.  What attack does this option defend against?

 The !EnforceDistinctSubnets feature was added because of an actual
 incident in which one ISP's customers ran a large portion of the Tor
 network within one /16 (or smaller?) network.  The reason that it's an
 option at all (rather than hard-coded in the Tor source code like Tor's
 refusal to build normal circuits that end at !BadExits or that have two
 hops in the same “family”) is that developers and researchers who run
 testing Tor networks on a LAN need to be able to turn it off.  It's not
 there just as a pistol for users who think they need “more anonymity” to
 shoot themselves in their feet with.

 > I think that it's important to consider that countries should be grouped
 > - so if we exclude canada more than once, we should also exclude the USA
 > at the same time - they're too close. I think I suggested the name
 > "PoliticallyAwareCircuits" or something similar.

 Who do you think should produce and maintain a list of groups of countries
 that are “too close”?

 Do you think some European countries are “too close” to the U.S.?  If so,
 how do you think they would react to being labeled as such?

 Should The Tor Project ship an “official” list specifying which countries
 are “too close”?  If two or more groups publish different lists, and each
 group tells us that theirs is “better” than the others, how should we
 choose which one to ship?

 If we shouldn't ship an “official” list, how will users find a list to use
 with their Tor client?  If different users choose different lists, will
 Tor's anonymity set be partitioned further?

 And last, but not least, ''what attack does this defend against''?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3678#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online