[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: The use of malicious botnets to disrupt The Onion Router
Chad Z. Hower aka Kudzu wrote:
Nice thougt, but on second thought impracticable for various reasons: as
you pointed out, it sacrifices security, which IMO is not up for
discussion. Also, it would become much harder for new tor nodes to be
added to the network (I, for example, do not know any other tor
operators personally) and therefore would also sacrifice potential
capacities and performance. Plus, we don't really gain any security,
since an "attacker" would only have to gain the trust of one established
operator with one legitimate node to add the imaginary thousands of
illegitimate others to his trust list and therefore to the web of trust.
A manually administered . . . centralized list? Because, call me crazy,
but a centralized list of "authorized routers" has some very, very
obvious flaws in it, both technical and security-related.
Maybe a trust model? Ie like Facebook.. I trust my friends.. they trust
their friends... Removes some anon a bit ... but if you have 3 levels as I
believe TOR does should provide some reasonable level of anonymity and maybe
what is sacrificed could be recompensated by other means.
Just my thoughts...