[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Holy shit I caught 1



On Sun, Aug 27, 2006 at 06:41:03PM -0700, Andrew Del Vecchio wrote:
> This is a disturbing development have you an idea for a patch?

Before we start clamoring for patches, perhaps we should consider what
we have here.  It seems unlikely that '1' is a malicious Tor node, and
more likely that '1' has a malicious upstream ISP (perhaps influenced or
controlled by the government of China).

Tor is useful as an anonymity tool, but here we see that it can also be
used as a "Perspective Access Network", allowing us to view the world as
if we were connected to the Internet somewhere else.  In this case, we
can observe that a certain part of the Internet is "misbehaving",
specifically the ISP of '1'.

I think that there is significant value to allowing this use of Tor to
continue.  While we may not want random Tor users to have a chance of
automatically using '1' to connect to SSL-enabled resources, the ability
to determine who the "bad" ISPs are is remarkable.  Perhaps we can even
escalate this case to the appropriate authorities or media.

Geoff

More on Perspective Access Networks:
http://afs.eecs.harvard.edu/~goodell/blossom/

Attachment: signature.asc
Description: Digital signature