[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #2980 [Tor Relay]: feature request: better privacy for node operators
#2980: feature request: better privacy for node operators
----------------------------+-----------------------------------------------
Reporter: tagnaq | Owner:
Type: enhancement | Status: closed
Priority: normal | Milestone:
Component: Tor Relay | Version:
Resolution: wontfix | Keywords:
Parent: | Points:
Actualpoints: |
----------------------------+-----------------------------------------------
Changes (by rransom):
* status: new => closed
* resolution: => wontfix
Comment:
Replying to [comment:4 tagnaq]:
> In the most useful use case of this feature - the Tor relay running on a
notebook of an often traveling person. This feature would make it
impossible to use the tor node fingerprint to track the persons movements.
I fixed #988 in order to make tracking users who try to run a bridge on
their laptop somewhat harder. (That bug was actually filed because a
malicious relay (or someone who can monitor a relay's Internet connection)
could have passively collected bridge identity keys and fingerprints, and
then used the bridges' fingerprints to obtain their descriptors from the
bridge authority, not because of any concern for bridge operators'
location privacy.)
But people who run a public relay need to understand that they are
publishing their IP address, and other information needed for their relay
to function as part of the Tor network, in a widely available, publicly
archived list.
I also think this option would put people at greater risk of
unintentionally running a public relay. I found out that [ticket:2408 I
was inadvertently running an exit node] because I saw my Tor instance's
nickname on a !TorStatus site; if I hadn't recognized it, I could still be
running an ''exit node'', and I would be vulnerable to serious attacks
ranging from DoS (by causing my computer to connect to a
[https://lists.torproject.org/pipermail/tor-talk/2011-March/019840.html
ShadowServer honeypot], and thus leading my ISP to turn off my Internet
connection) to imprisonment (by framing me for a crime).
I'm closing this ticket as âwontfixâ, because there is ''no'' chance that
we would accept this option for public relays -- it provides at most a
tiny benefit to relay operators, at a large cost to the Tor network. If
you are willing to implement some of these features ''for bridge relays
only'', and you can show that your implementation will ''only'' affect
bridges, feel free to post your patches on a new ticket.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2980#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs