[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Anonymity questions

In addition, I think that the TorFAQ was not too precise about the
"global adversary".  As I wrote in my initial email, if you happen
to contact a server observed by your ISP or if you choose an exit
node observed by your ISP then your ISP "is" a global adversary.

I know this is mentioned in the "wish list" of features, but extending the existing "MyFamily" sort of functionality (to prevent clients from using multiple servers I might happen to run for a path), to be "smart" enough to use one of the public route-servers and ensure that each router in the path is on a unique ASN -- or at least ensure that both the entry and exit aren't on the same one.

A more detailed (and vastly more computationally intense) way to go about it would be to check the AS path list for your circuit to see if, despite the fact that each node is on a seperate AS, that they don't all have one common AS as part of the BGP path (since there are about 5 carriers that transit the bulk of US IP traffic).

How you could do this without downloading a current BGP table to each client and processing it locally, I don't know -- and having run openBGPd on BSD before, I can attest to how much memory/horsepower that requires (current table is several hundred MB).

~Mike.