On Sunday 27 April 2008 21:57:34 F. Fox wrote:
> Alexander Bernauer wrote:
> > On Wed, Apr 23, 2008 at 07:51:51AM -0700, Martin Fick wrote:
> >> I really don't understand why pseudo-exit node
> >> anonymity is so important?
> >
> > The short answer:
> > Admins who run a Tor node which is for good reasons not an exit node
> > should be able to run at least a pseudo-exit node without additional
> > personal risk.
>
> (snip)
>
> This is why I've got reject *.* - I feel that the level of risk is just
> too much for me, given the current state of things.
>
> That being said... I just don't understand this pseudo-exit thing, and
> could really use a clear set of documents (or better yet, something with
> diagrams), so I can get my brain around it.
>
> Basically:
>
> 1.) How can someone be an exit, without letting arbitrary users "take
> on" the identity of their IP?
>
> As soon as someone does that (as is with normal exits), they're open to
> crapstorms from anything bad anyone does... and I just don't understand
> how that can be avoided.
>
> 2.) If a pseudo-exit doesn't "loan out" its IP, it must be hiding it
> somehow - most likely through another proxy. How on Earth can that be an
> exit?
>
> Sorry, but I've just been confused from the beginning.

Let's say I'm a client-exit and you're a pseudo-exit. This is how it works:

1. I boot up tor and start using it as a client. I also connect to your middleman and tell you that you can send anything you get my way.
2. You advertise yourself as a pseudo-exit in addition to being a middleman.
3. Other Tor clients select their client paths as normal and sometimes select your middleman as their exit.
4. When you receive such client traffic you immediately forward it to me.
5. I take it from you and forward the traffic to the real internet, as though it's coming from me. I route everything I get back to you.

So this means:

1. I'm not a real exit and neither are you.
2. I'm your only gateway out of the Tor network.
3. Given that the connection between us is encrypted, nothing is leaving your box in the clear as it would if you were a real exit.
4. The relationship between the traffic that passes between us and what I pass on to the real internet would be fairly trivial to establish.
5. You are definitely not the garbage-in, garbage-out middleman you once were, since you can actually see what you're passing on to me. This would be the red-light for most confirmed middlemen.
6. I'm not quite sure what I am, and I'm not sure I'd like to be me by default - especially since by definition under this scheme I'm a home user who is not even a listed tor node. I would not be happy if I was using Tor to post anonymously to a forum for a sensitive disease only to find my computer was requesting rather more sensitive pictures of "ladies' ankles" (in Nick's immortal phrase) without my knowledge.