Thus spake grarpamp (grarpamp@xxxxxxxxx): > > [Hidden service personal communication can be] an incredibly awesome > > and powerful tool. I worry deeply we'll lose it before it has a > > chance to develop away from just being used for thoughtcrime. > > My main concern is the node authorities. It's probably easier to take > down seven or so fixed IP's for some sick twist on contributory crime, > than to legislate away a more agile future form. Word. In terms of chill: in the past, harassment like that has always created more nodes, not less. So we've got that going for us, which is nice. Based on that, if this were to happen, I think it would be quietly at the data center level before the operator level. I'm pretty sure we'd hear about it if someone in the relay operator community itself was "leaned on", by anyone. At least I hope a lawyer would hear about it. We know enough of them. But, this is why we have 3-hop distributed trust properties as opposed to allowing one hop exits. This is also why it drives me nuts that path selection can be easily manipulated if node keys are quietly stolen, or worse, stolen through coercion. I don't want to be on the other end of that rubber hose. Fortunately, one major network symptom of that type of attack is excessive circuit failure on the client side. Unfortunately, if the network is super unreliable to begin with, there will be some noise on that signal. (Also, as you know from your path bias warn bug, it turns out there's a damn lot of crazy codepaths in circuit construction. Who knew? I didn't write the original code. I just tried to help modify it to make it slightly safer). -- Mike Perry
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk