[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: How can I trust all my Tor nodes in path

Thus spake Martin Toron (tr_tor1122@xxxxxxxxx):

> Hi.
> I have read in the Tor documentation that the number of Tor routers
> in a path is hard-coded at 3.  And I understand that the path
> changes every 10 minutes (except for active connections).
> As a client not running a server, how am I sure that at least one of
> the nodes in the path can be trusted?
> A little math:  assume there are 200 Tor routers, some of which have
> been compromised and owned by the same attacker.  If the number
> compromised is small, I can be somewhat confident that at least one
> router is trusted.  However, suppose the attacker massed a "global
> attack" on the Tor network:  all at once the attacker introduces
> 10,000 new routers into the network, all of which he has control of.
> Now, when I choose 3 routers for my path, I only have a few that may
> be trusted, which are in the original 200.
> Has this problem been addressed elsewhere?

So I'm guessing you're thinking something like someone heading over to
Amazon's Elastic Computing Cloud and setting up 10,000 tor servers?

I believe tor servers have to be manually approved by tor-ops before
they begin to be used for normal traffic. This used to be the case at
least. Perhaps it has been abandoned due to scaling issues?

Mike Perry
Mad Computer Scientist
fscked.org evil labs