Re: [tor-bugs] #11469 [Tor]: Exit not using one hop circuit to Directory Server
#11469: Exit not using one hop circuit to Directory Server
-------------------------+--------------------------------------------
     Reporter:  bburley  |      Owner:  nickm
         Type:  defect   |     Status:  needs_review
     Priority:  major    |  Milestone:  Tor: 0.2.5.x-final
    Component:  Tor      |    Version:
   Resolution:           |   Keywords:  one-hop directory 024-backport
Actual Points:           |  Parent ID:
       Points:           |
-------------------------+--------------------------------------------
Comment (by bburley):
Replying to [comment:17 nickm]:
> It looks like the bug here, which was in Tor since 0.2.4.3-alpha,
> already magnified part b by a lot and we didn't notice. Does that mean we
> should change our reasoning here?

I agree with you, Nick. I think the reasoning behind not encrypting
communications with the directories may be outdated. With cheaper, faster
everything, and the growth of the infrastructure, conserving resources may
not be as valid of a point in a "cost vs. security" situation.

On the security side of the discussion, when someone decides to somewhat
expose themselves by contributing to the Tor infrastructure, if something
can be done to reasonably limit that exposure, it should be done. Taking
steps to operate in bridge mode and other attempts to look "normal" can be
blown away by communicating in the clear with the directories. I believe,
in my test environment, that I could enumerate my infrastructure by
looking at the unencrypted directory traffic. I'll look closer, but
believe this is the case.

Thanks to all in this discussion.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11469#comment:18>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs