[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] [tor-talk] Open streams on the fly

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] [tor-talk] Open streams on the fly
From: benjaminlincoln@xxxxxxxxxxx
Date: Mon, 21 Jan 2013 10:45:53 -0500 (EST)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 21 Jan 2013 10:46:04 -0500
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=lavabit; d=lavabit.com; b=bgJu8A8hZqNV37q5zdgy2H33CELmy+MQhSB9MErWp0VSWBKGwg47vHUwNvjVs3sXCeEFCGIVPLip+i+fohE4gRAEPOwxAwcADLwUoxcU7uk0ao5G7AfI3MGDYlE6G1vQJRYdl0ogHXUl1c2X+LVCWL3bOFM8pACe3Ecy4qn5TcM=; h=Message-ID:In-Reply-To:References:Date:Subject:From:To:User-Agent:MIME-Version:Content-Type:Content-Transfer-Encoding;
In-reply-to: <CAKDKvuz2-QRRZBVuJdQ3nC0y5d7AT+cmLshTur472ZyYkvuW9A@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <6411.82.143.224.56.1358621586.squirrel@xxxxxxxxxxx> <45629.37.130.227.133.1358632959.squirrel@xxxxxxxxxxx> <3882.74.3.165.39.1358633637.squirrel@xxxxxxxxxxx> <30089.198.96.155.3.1358634703.squirrel@xxxxxxxxxxx> <38154.212.84.206.250.1358780168.squirrel@xxxxxxxxxxx> <CAKDKvuz2-QRRZBVuJdQ3nC0y5d7AT+cmLshTur472ZyYkvuW9A@xxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: SquirrelMail/1.4.13

> On Mon, Jan 21, 2013 at 2:56 PM,  <benjaminlincoln@xxxxxxxxxxx> wrote:
>>>> I see, tor already implements such a flag, ISO_STREAM.
>>
>> I attached a simple formal proposal for this idea. Please discuss.
>
> Proposals go to tor-dev, not tor-talk.
>
> Before you re-send, you should check out the discussion (what there is
> of it) on ticket #7553 at
> https://trac.torproject.org/projects/tor/ticket/7553 .  The major
> concern at the time was the performance impact from a large number of
> users all activating this option.  The discussion on the ticket has
> stalled; it would be nice to reboot the discussion on tor-dev and try
> to bring it to a conclusion.
>
> In particular, if people think *this* is a good way to "maintain
> separate identities" for something like web browsing, that's an
> accidental DOS attack waiting to happen.
>
>
Following Nicks's advice I would like to start a discussion on ticket 7553.

https://trac.torproject.org/projects/tor/ticket/7553

I think this feature should be exposed to the user.

I refrained from writing "implemented" because this feature is already
implemented. Not exposing it to the user will not stop Bad Guy(TM) from
using it because it can easily be enabled by a trivial 2-line patch to
tor.

This will not lead to DOS. Circuits being created is slow for the user. I
doubt anyone will enable this for real-time, interactive communication
like surfing. It hurts anonymity, too. Cypherpunks patch mentions this.

 	895	    **IsolateStream**;;
 	896	        Don't share circuits at all, i.e. isolate each stream to an
individual
 	897	        circuit. (Not suitable for browsing or general use, where it
*will hurt
 	898	        your anonymity* due to the noisy request profile. The
constant creation
 	899	        of new circuits will also be excruciatingly slow for you and
put
 	900	        unnecessary load on the Tor network.)

Most protocols, in particular HTTP(S), explicitly request their
connections to be kept alive. IsolateStream will not have a real effect on
these protocols.

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] [tor-talk] Open streams on the fly
  - From: monet

References:
- Re: [tor-dev] [tor-talk] Open streams on the fly
  - From: benjaminlincoln
- Re: [tor-dev] [tor-talk] Open streams on the fly
  - From: benjaminlincoln

Prev by Author: Re: [tor-dev] [tor-talk] Open streams on the fly
Next by Author: [tor-dev] Orbot: request hidden service from other app
Previous by thread: Re: [tor-dev] [tor-talk] Open streams on the fly
Next by thread: Re: [tor-dev] [tor-talk] Open streams on the fly
Index(es):
- Author
- Thread