[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: How can I trust all my Tor nodes in path



Thus spake Martin Toron (tr_tor1122@xxxxxxxxx):

> Hi.
> 
> I have read in the Tor documentation that the number of Tor routers
> in a path is hard-coded at 3.  And I understand that the path
> changes every 10 minutes (except for active connections).
> 
> As a client not running a server, how am I sure that at least one of
> the nodes in the path can be trusted?
> 
> A little math:  assume there are 200 Tor routers, some of which have
> been compromised and owned by the same attacker.  If the number
> compromised is small, I can be somewhat confident that at least one
> router is trusted.  However, suppose the attacker massed a "global
> attack" on the Tor network:  all at once the attacker introduces
> 10,000 new routers into the network, all of which he has control of.
> Now, when I choose 3 routers for my path, I only have a few that may
> be trusted, which are in the original 200.
> 
> Has this problem been addressed elsewhere?

So I'm guessing you're thinking something like someone heading over to
Amazon's Elastic Computing Cloud and setting up 10,000 tor servers?

I believe tor servers have to be manually approved by tor-ops before
they begin to be used for normal traffic. This used to be the case at
least. Perhaps it has been abandoned due to scaling issues?

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs