Re: The use of malicious botnets to disrupt The Onion Router

["Paul Ferguson" <fergdawg@xxxxxxxxxxx>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

"Ron Wireman" <ronwireman@xxxxxxxxx> wrote:

>It seems to me, however, that even this gracious act of charity may be no
>match for the types of attacks we may be faced with as we become more
>popular and, as a result, more of a target. The number of users running
>tor nodes pales in comparison to the number of computers that may be in
>any one of the many individual botnets, which are groups of hijacked
>computers controlled in unison by a single entity.  The largest of these
>botnets ever discovered had over 1,000 times the number of nodes that tor
>does.  What happens when one of these botnets are commanded to join tor
>all at once and begin harvesting private data that people naively did not
>encrypt or, worse, replacing all pictures requested with goatse.jpg? 
>These and other malicious acts could easily take place, perhaps even
>perpetrated by a malevolent government entity, and would cause significant
>disruption to our router.  
>

What? You think it hasn't already happened?

It has -- unscrupulous bot masters have already used the Tor network
in attempts to cloak their activities.

The main concern here should be how to prohibit it from happening
in the future, or at least detect it/deal with it -- or else the
entire Tor infrastructure will be threatened from forces larger tha
you can imagine.

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFHpBarq1pz9mNUZTMRAlenAJ4/fUnCrODoc1Lnl7LtiSzPsaNqagCg5nsT
Wkm+5TxS977YaWFt5AmE1J8=
=9cnF
-----END PGP SIGNATURE-----


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/