[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Better Privacy for Tor Node Operators
----- Original Message ----
> From: tagnaq <tagnaq@xxxxxxxxx>
> To: tor-talk@xxxxxxxxxxxxxxxxxxxx
> Sent: Mon, April 25, 2011 3:44:45 PM
> Subject: Re: [tor-talk] Better Privacy for Tor Node Operators
> On 04/25/2011 03:04 PM, Curious Kid wrote:
> > Is it plausible that a group of people could be NATed together with a node
> > operator?
> I would say most or many nodes that are hosted at home are behind a NAT
> router together with people. These people do not necessarily know about
> the Tor node at their public IP address.
> (even though they could easily find out)
So a site that was able to link users to a pool or residential dynamic IP
addresses through Tor metrics still would not be certain that multiple accounts
belong to the same individual.
> > How does limiting node data eliminate the problem of an IP address
> > match?
> If by 'limiting node data' you mean bandwidth throttling, this has no
> influence on the issue.
I don't mean that. I mean that your feature request blots out details about the
node, but not the IP address. How will preventing your adversary from knowing
things like name, Tor version, exit policy and bandwidth help?
> > Isn't this more a problem of historical data being publicly available
> > ad-hoc? Where is it kept? Is there a need or good use for it? (Yes, of
> > would-be attackers could maintain their own lists.)
> The Tor server descriptor archive (metrics.tpo) is very useful to help
> understand and improve the Tor network.
Can you think of any changes that would make it safer without sacrificing
> > If one doesn't want to use Tor to visit example.com, maybe a non-blocked
> > proxy would work.
> As a Tor user you probably know that one-hop proxies are weak by design.
I was not proposing that as an anonymity solution. I still don't understand why
using Tor would not be a solution, but in cases where it's not (such as when
exits are blocked by the site you need), I don't see much alternative other than
using free Wi-Fi, an Internet cafe or a friend's house.
> > I don't know how to solve the bigger problem of IP address
> > linking without using a remote proxy.
> I made a feature request. If the use of this feature actually improves
> the situation of an node operator depends on how many other nodes are
> using it on the same AS (and other things).
> tor-talk mailing list
tor-talk mailing list