[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Directory Server



On Mon, Dec 18, 2006 at 07:14:21PM +0800, RMS wrote:
> Hi!
> 
> I was looking through the Tor's overview homepage and I understand for
> Tor to build a path, it must first obtain a list of Tor nodes from a
> directory server. I like to ask how can I trust the directory server
> in the first place? Can my govenment set up such a server and give me
> a list of government owned Tor nodes instead? Surely she can redirect
> all traffic (if the IP address of the Tor's directory server is
> hardcoded into the Tor client) from the Tor's directory server to her
> own server?

Yes, the directory servers are a trust bottleneck. There are currently
only a handful (6, I believe) of trusted authorities whose IP addresses
are hard-coded into the Tor source code. While a well-funded attacker
can create a large amount of Tor nodes, the attacker would also have to
social engineer the developers to become a directory authority.

I think 2 of the directory authorities are run by Roger, one of the lead
Tor developers. If you don't trust him, you probably shouldn't be using
his software ;).

Sorry about the fuzzy numbers, hoped that helps regardless,
Nile


-- 
 .''`. | This Sig Kills Fascists!
: :' : |  http://deadbox.ath.cx
`. `'
  `-

Attachment: signature.asc
Description: Digital signature