Chad Z. Hower aka Kudzu schrieb:
I don't think from a technical pov the entry point is an issue; all data passing through there is encrypted, so malicious intent would have to meet serious computing power to do damage (except for dropping the packet alltogether) at that point. Also, as you indirectly pointed out by simply not mentioning them, relays are even less an issue. So I guess "uncredited" routers would still be usefull as middlemen.Some of us Tor operators know other Tor operators. As such a (web of) trusted core network would be valuable.Anyone else interested in this? I'm a coder, unfortunately I do not like C (nor C++) so I can't help out much there... How big is the TOR code? The idea would be that your trusted friends would not be your endpoint exit node, just your firstpoint into a TOR network. And your endpoint exit nodes would be friends of your friends friends. (3 levels, or more). While not passing back who your friend's friends are, statistics such as how many friends they have could be passed back to determine how many exit nodes you eventually would have... thus you may choose 3 hops... and see that maybe there are not enough endpoint exit nodes for your taste... so then you could specify more hops.
However, it might actually be worth considering an *optional* feature that would allow tor to only use exit nodes within your web of trust, since exit nodes are the ones who could potentially do "bad things". But I believe it would also be a serious threat to your anonymity (a site that can identify you uniquely over a longer period of time, i.e. your email provider, could log all exit nodes you connect from, and from that draw conclusions to who's in your web of trust, from where it should be only a small step towards your true identity). One would have to choose which threat one prefers.
Is there anyone who could give a (somewhat professional) assessment of how a web-of-trust feature would impact on anonymity? How about tor's overall performance?
Andrew