[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Better Privacy for Tor Node Operators

Hi John,

On 04/28/2011 07:12 AM, John Case wrote:
> Running a Tor node is an all or nothing proposition - either you accept
> fully the ramifications of a personal identifier (no matter how flawed
> it is) being tied to this subversive activity FOR ALL TIME, or you don't.

thanks for your comment, you are making an important point here:
awareness. Is the Tor node operator aware about the side effects of
running a relay? Does the tor node operator know what implications
running a relay has?

The biggest problem here (IMHO) is that this issue (easier traceability)
affects also people that do not run a relay (people that probably do not
even know about Tor) - they are affected simply because they are at the
same Internet uplink as a Tor node.

With this thread (and other things that will take a bit longer) I'm
trying to improve the situation and awareness, and that is where I
disagree with you:

> But the middle ground is off limits - you do not run Tor from a
> personally attached Internet connection and then:
> b) come up with lame workarounds in a misguided attempt to somehow
> otpimize this situation.

If I understand you correctly you are saying that there is no way to
improve the situation. I think there is a way to make it harder to
connect an internet uplink to a person and I would like to hear what you
think about it:

Imagine 50 nodes (or 20 or 10). All share the following:
- nickname (empty)
- contact (empty)
- tor version
- OS string (empty)
- approximate internet uplink bandwidth
- ORPort
- DirPort
- exitpolicy
- key material is renewed before a new descriptor is published

in addition:
- the ISP forces IP renew at a certain interval (this is not imagination)

I think such a feature would make it harder to connect a person to his
internet uplink. What about you?
I'm not saying it will fix the problem but it would improve the
situation in my opinion.

(Unfortunately this feature request was denied.)

What makes me sad is that it is not even aknowledged that this might be
an issue at all[1].

best regards,

[1] https://lists.torproject.org/pipermail/tor-talk/2011-April/020203.html

tor-talk mailing list