Re: Re[2]: [rishab@dxm.org: Re: [silk] inside the Great FireWall...]
i think the answer is, don't distribute the top tier addresses at all.
distribute a collection of randomised node ip's amongst a very large
number of widely distributed nodes, not even tor nodes, to avoid the
port blocking problem, get people to run a small webserver application
for this, which fetches a random set of nodes from the network via a
tor client/server running on the same system. a lot of these nodes will
be running on dynamic ip's which will make the process of blocking them
harder still.
idk, just throwing in some more ideas. it's pretty obvious that tor
needs to get just that little bit more distributed and less centralised
somehow. the use of dynamic ip addresses, and directory services which
only dispense a small amount of the directory from a web server port.
probably the model which gnutella 2 runs on is a good way to do it... in
the end, it may well be necessary for clients to actually do port scans
of random ip addresses to find connected nodes and once one is found the
joining of the network is not gonna be slow. and hiding it all in a
common port might be a very good idea, for example, 53, or 21 or 22 or
25 or 80 or 443. once a client joins the network it can cache all the
nodes it gets for circuits. decentralising the database by making it so
nodes only know their neighbours would also be a good thing, requesting
circuits would just be a matter of propagating a request for a circuit
to an internet zone, and it propagates outwards until it hits the zone
and back comes the circuit.
On Sun, 18 Dec 2005 10:15:19 -0600, "Arrakistor" <arrakistor@xxxxxxxxx>
said:
> The idea is that the circuit coordination is distributed among three
> layers. The first tier receives info from the Tor server saying
> "hello, I'm alive. Add me to the ultimate list". The second tier gets
> regional lists from the first tier, so nobody but tier 1 has a global
> view. The third tier is the one that gets a request from the tor user,
> specifying what kind of circuits it wants (fastest, country avoidance,
> specific servers, whatever) which queries the second tier as to which
> might be the best nodes available to the request, to which the third
> tier then calculates the possible circuits, and gives one to the tor
> user at random.
>
> What happens if tier one is compromised? Everyone gets busted, unless
> the Tor program itself has a way to authenticate if the first tier has
> authority and a true identity. And naturally there is internal
> verification of Tier 1, 2, and 3.
>
> ST
>
>
>
> Sunday, December 18, 2005, 9:32:34 AM, you wrote:
>
>
> > What happens if your central coordinator - the one assigning circuits -
> > is compromised?
>
> > -Ben
>
> > Arrakistor wrote:
> >> The Chinese government will eventually try to block Tor. This is why I
> >> think the next design, which is to include a structure for mass
> >> scaling, should not distribute a directory list, but only assign
> >> circuits so the viewers can't get a whole view of the network.
> >>
> >> ST
> >>
> >> Sunday, December 18, 2005, 2:03:12 AM, you wrote:
> >>
> >>
> >>>i don't know which version of tor is on torpark but i know the alpha
> >>>version, the current and the previous to current ones would sometimes
> >>>take several minutes building the circuits... this might be where the
> >>>problem comes from perhaps? i wonder how long it will take for the
> >>>chinese government to figure out that there is now yet another way to
> >>>bypass their great firewall.
> >>
> >>
> >>>On Sun, 18 Dec 2005 01:35:02 -0600, "Arrakistor" <arrakistor@xxxxxxxxx>
> >>>said:
> >>>
> >>>>Yes, it works. I've read the websites that are suggesting the
> >>>>downloads. For most it works, for some, when they first open it
> >>>>firefox times out so they assume it isn't working. However, it then
> >>>>appears to work just fine. I should have this timeout fixed next
> >>>>version.
> >>>>
> >>>>ST
> >>>>
> >>>>
> >>>>Saturday, December 17, 2005, 10:05:43 AM, you wrote:
> >>>>
> >>>>
> >>>>
> >>>>>I'm seeing plenty of Torpark chinese downloads. Do we know that these do
> >>>>>actually work?
> >>>>
> >>>>>----- Forwarded message from Rishab Aiyer Ghosh <rishab@xxxxxxx> -----
> >>>>
> >>>>>From: Rishab Aiyer Ghosh <rishab@xxxxxxx>
> >>>>>Date: Sat, 17 Dec 2005 15:59:52 +0000
> >>>>>To: silklist@xxxxxxxxxxxxxxxx
> >>>>>Subject: Re: [silk] inside the Great FireWall...
> >>>>>User-Agent: Mutt/1.2.5.1i
> >>>>>Reply-To: silklist@xxxxxxxxxxxxxxxx
> >>>>
> >>>>>using torpark [1] i was able to google for "shanwei" which the
> >>>>>IHT says i should not be able to do [2] and download pictures [3].
> >>>>
> >>>>>-rishab
> >>>>>1. well... after a few mins, the tor connection died. now can't
> >>>>>connect to any site with tor. so i can't find the torpark url. but
> >>>>>ssh still works.
> >>>>>2. IHT.com, asia section, "China's tight lid on village
> >>>>>shootings", pg 7. from nytimes. sorry, can't connect now to find
> >>>>>url, have paper in front of me. "until tuesday, web users who
> >>>>>[searched on google for] Shanwei, the city with jurisdiction over
> >>>>>the village where the demonstration was put down, would find a
> >>>>>handful of pages.... after a few screens of information unrelated to
> >>>>>the incident, the browsers of users who persisted froze..."
> >>>>>3. http://english.epochtimes.com/news/5-12-10/35613.html
> >>>>
> >>>>>----- End forwarded message -----
> >>>>
> >>>>
> >>>>
> >>>>--
> >>>>Best regards,
> >>>> Arrakistor mailto:arrakistor@xxxxxxxxx
> >>>>
> >>>
> >>>--
> >>> Glymr Darkmoon
> >>> glymr_darkmoon@xxxxxxx
> >>
> >>
> >>
> >>
> >>
>
>
>
> --
> Best regards,
> Arrakistor mailto:arrakistor@xxxxxxxxx
>
--
Glymr Darkmoon
glymr_darkmoon@xxxxxxx
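
Added example, not part of the original message and not Tor's code: a small simulation of the "only dispense a small amount of the directory" idea discussed above, measuring how much of the node list a single requester learns when each answer is a fresh random subset versus a subset fixed per requester. The node names, the requester address, the secret and the HMAC ranking scheme are all assumptions made for this illustration.

```python
import hashlib
import hmac
import random

# Constructed sample directory: 200 hypothetical node identifiers.
NODES = [f"node-{i:03d}" for i in range(200)]
K = 5                             # nodes handed out per answer
SECRET = b"constructed-secret"    # hypothetical server-side key


def random_subset(rng, k=K):
    """Policy A: every answer is a fresh random sample of the directory."""
    return rng.sample(NODES, k)


def keyed_subset(secret, requester, k=K):
    """Policy B: the answer depends only on (secret, requester).

    Nodes are ranked by HMAC(secret, requester|node) and the k lowest are
    returned, so repeating the request returns the same k nodes.
    """
    def score(node):
        msg = f"{requester}|{node}".encode()
        return hmac.new(secret, msg, hashlib.sha256).digest()
    return sorted(NODES, key=score)[:k]


def coverage_random(queries, seed=1):
    """Fraction of the directory seen after `queries` answers under policy A."""
    rng = random.Random(seed)
    seen = set()
    for _ in range(queries):
        seen.update(random_subset(rng))
    return len(seen) / len(NODES)


def coverage_keyed(queries, requester="198.51.100.7", secret=SECRET):
    """Fraction of the directory seen after `queries` answers under policy B."""
    seen = set()
    for _ in range(queries):
        seen.update(keyed_subset(secret, requester))
    return len(seen) / len(NODES)


if __name__ == "__main__":
    for q in (10, 100, 500):
        print(q, coverage_random(q), coverage_keyed(q))
```

Under policy A the view converges on the whole directory as answers accumulate; under policy B it stays at K nodes per requester identifier, so the bound is only as good as the identifier the server keys on.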