[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Holy shit I caught 1

Thus spake Jay Goodman Tamboli (jay@xxxxxxxxxx):

> On 2006.08.27, at 22:44, Mike Perry wrote:
> >If you run soat.pl, you should be running it on a seperate machine
> >than you are using normally (or inside a vmware image or simply
> >another instance of Tor) because of shortened pathlengths, strange
> >exit selection strategy, etc etc etc.
> To clarify, is this warning because we shouldn't try to use the  
> circuits soat.pl builds, or is there some other reason? In other  
> words, would it be ok to run soat.pl as long as we're not using Tor  
> at that time on that machine?

Hrmm. Depends... Using the same Tor client as soat.pl uses is really
bad of course, because for those circuits, pathlen is only 2 and exits
are chosen in a round-robin fashion. Also it will likely confuse
soat.pl as well.

However, in the case where your internet IP is being shared by a
Metatroller/SOAT client, it essentially boils down to how dangerous it
is for entry nodes, over time, to infer that there is an abnormal Tor
client at your IP. 

I'm not sure exactly how damaging this could be. It would seem to me
that so long as your regular, important connections go through a Tor
client NOT running the Metatroller, middle and exit nodes should not
be able to tell you are running Metatroller, and should not be able to
partition/fingerprint you (which I think is the most dangerous
aspect). Maybe Roger/Nick can shed more light on this, though.

Mike Perry
Mad Computer Scientist
fscked.org evil labs