[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

RE: The use of malicious botnets to disrupt The Onion Router

> Nice thougt, but on second thought impracticable for various reasons:
> as
> you pointed out, it sacrifices security, which IMO is not up for

On face value it does - but I wonder if we might find ways to compensate for
that. More hops maybe. Before TOR existed I gave thoughts to a file sharing
system which otherwise was similar to TOR but worked on a friend basis. My
idea was for politically oppressed, no one had a complete file, but only
pieces and was anonymous anyways.

> discussion. Also, it would become much harder for new tor nodes to be
> added to the network (I, for example, do not know any other tor
> operators personally) and therefore would also sacrifice potential

There are issues - but I think given the status of TOR and where its headed
now it might be worth some research. People could offer to be introducers,
or allow certain "new" people on at a risk..

> capacities and performance. Plus, we don't really gain any security,

Actually I think we might gain performance in many cases.

> since an "attacker" would only have to gain the trust of one
> established
> operator with one legitimate node to add the imaginary thousands of
> illegitimate others to his trust list and therefore to the web of
> trust.

Adding someone would not add all your friends - but instead your friend
relationship would allow your friend to relay through you - and then on to
your friends.  Your friends would never know who your other friends are.

If someone is bad, you simply boot them and revoke their trust. Since you
are their relay, your friends are now protected because you have booted
them. The idea is that each person would have relay access to all of their
friends, would relay to their friends etc.. After 3-5 hops.. the numbers
could be quite big.