[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-relays] Self hosting bridge at home - de-anonymization risk?
s7r
> Why do you think this is a good setup, what do you think it provides in
> addition to the default usage?
I thought this will let you blend in your traffic and hide it from your ISP,
however as you mentioned later this may be not worth the risk (if it's of any
benefit, at all). Also a vanguards guide mentioned that you could reuse tcp
connections of other users:
https://github.com/mikeperry-tor/vanguards/blob/master/README_SECURITY.md#the-best-way-to-run-tor-relays-or-bridges-with-your-service
> If you use a bridge hosted on the same machine, or same LAN, it will
> connect to the Tor network just fine, but every circuit will select hops
> number #2 and #3 (the exit) random. After N circuits, there is a 100%
> probability you might run into a malicious hop #2 or hop #3 or even both
> at the same time, discovering "your entry point" (...) it's something Tor
> tries really really hard to protect you from.
That is brilliant, yes, I thought there would be something implicit in the way
Tor circuits are designed that wouldn't work with this setup. This now makes
perfect sense. That is conclusive to me.
> If you make this bridge public (other Tor users use it too), it provides
> better protection and fingerprinting for hops #2 and #3, but your ISP
> will then know which Tor traffic is yours and which is relayed for other
> Tor users, because it will simply measure the bandwidth in both
> directions (in and out).
You don't think that blending your traffic with other users "at the source
address" (for example by running a middle/entry node) adds at least some layer
of obscurity (protection from ISP)? I am wondering if it wouldn't be an argument
to convince all tor users to also run their own relays to increase protection of
their own anonymity against their ISPs? This blending was hinted at for hidden
services at least in the guide to vanguards I linked above:
https://github.com/mikeperry-tor/vanguards/blob/master/README_SECURITY.md#the-best-way-to-run-tor-relays-or-bridges-with-your-service
> The studies are everywhere, and it's one of the most important attacks
> that were tested. Search why we switched to static Guards (entry points).
Yes, I saw it mentioned a few times that entry nodes don't change as often as
other two hops to minimize chances of getting a malicious one, but I didn't make
the association in my setup, which you made now - thanks again.
> You are better of in using a bridge operated by you but on a different
> network, maybe different geographic area, to make it harder for an
> observer (e.g. to have to watch multiple different places at once).
Yes, that was my conclusion as well and likely not just one bridge but a fleet
of bridges from trusted hosting companies. That's much more work.
> use a bridge that is shared with other users
completely agree
_______________________________________________
tor-relays mailing list -- tor-relays@xxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to tor-relays-leave@xxxxxxxxxxxxxxxxxxxx