[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: getting more exit nodes




I just comment on some points as I don't have much time.

Michael Schmidt schrieb:
First, I agree (as posted earlier), that we need a tit-for-tat Tor:
 Everyone who wants to surf with the IP of another peer, needs to
give his IP as well, so that others can surf. [...] So I appreciate
the new tit-for-tat paragdim and development start: everyone who
uses tor, must be with his IP an exit node.
That approach would almost certainly kill Tor. There are plenty of
reasons (technical, legal or social) which either prevent someone from
operating a Tor (exit) relay or make it is least hazardous.
I operate 2 Tor relays on dedicated machines and use Tor as client on
my laptop. I refuse to relay traffic on my laptop. Why? Because I use
my laptop in networks (such as the one at work) where I am simply not
allowed to relay traffic or operate server processes. It could cost my
job. If I visit networks of my friends I also won't be rude enough to
try to relay traffic. If I am dissident in some country with
oppressive government or a whistle-blower then the last thing I want
to do is attracting attention by relaying Tor traffic...
Use you imagination, why forcing people to operate relays is a bad idea.

an now the interesting thing c) Breaking through a firewall:
Breaking through the firewall of a secured net is probably a really
good reason for instant dismissal for many employers, because it may
put the local net at risk.
Especially if it done to serve the employers ressources (network
connectivity) to a third party.

So you see.,. in the end, the firewall breakout is trivial and only
a technical thing.
I completely disagree with that.

The solution to the problem is, that private persons allow private
 persons/friends to surf with his own IP adress, while that IP is
NOT listed in the public!!
Such a 'darknet' approach is certainly interesting, but it has severe
consequences for anonymity. They can be used to map social
relationships by monitoring which nodes communicate with which other
nodes.

So the conclusion is: only the web of trust underlaying
architecture allows to hide serverlists from public view.
Last time I heard something about it, it is not intended to hide the
exit tor servers from the public. Quite the contrary. The Tor project
specifically has the TorDNSEL service:
http://exitlist.torproject.org/
https://tor.eff.org/svn/trunk/doc/contrib/torel-design.txt

Bye,
Dominik