
Re: Bittorrent

     On Wed, 18 Feb 2009 23:26:26 +0100 slush <slush@xxxxxxxx> wrote:
>>      As has been discussed to death here many times already, there is no
>> way to inspect traffic prior to its exit without destroying the functional
>> protections of tor.
>Disagree. I wrote _port_ oriented QoS, not _content_.  There can be config

     The port number, along with everything else passing through a circuit,
is encrypted between the client and the exit, so there is no way to see what
that port number might be *or even whether a port number is involved*.

>option to prioritize some port (port range) above other. Just because
>somebody wants to support HTTP transfer than other, but he doesn't want to fully
>stop other services (torrents).

     It appears that you understand neither how tor works nor why it must
work that way to protect anonymity.  Please familiarize yourself with the
documentation available at the tor web site at http://www.torproject.org.

>Simply I imagine that in same style like ExitPolicy. Did you ask others, why
>are they using ExitPolicies? I don't think so. It is part of Tor and nobody

     Every tor relay operator uses an exit policy, whether they use the
ExitPolicy statement(s) in torrc or not.  I don't happen to see that it is my
business, in general, what exit policies are used by other tor operators.

>(as far as I know) is against - because it is free choice of relay operator
>which kind of traffic he will support.
>I know it is "barrelhouse talk". I'm just talking it, because don't know, if
>it was debated before. Unfortunately, it is long time ago, when I was able
>to handle C code on sufficient level. So I cannot show any prototype of my
>idea. Maybe it could be done by priorities on transparent proxy behind tor
>exit. But it is ugly hack and non system solution.
>> destroying the functional protections of tor.
>What do you mean by it in discussed situation? I think priorities are not
>against security and anonymity.

     As noted above and in the tor documentation, all information regarding
the user's proxied TCP connections through tor's SOCKS port is encrypted
from that point onward until it reaches an exit relay.  To determine the
destination port number of a proxied connection within the tor network would
require providing a way to decrypt information passing through the circuit.
Such decryption destroys both security and anonymity.

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
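
The point made in the message above, as an added example that is not part of the original post and is not Tor's code: a simplified model of a three-hop circuit showing that the destination port of a begin request only becomes readable once the last layer is removed at the exit. The SHA-256 keystream stands in for Tor's AES-CTR, the cell layout is reduced to a recognized field, a short digest and the address:port string, and the keys and hostname are constructed.

```python
import hashlib

def xor_layer(key, data):
    """Toy stream cipher (SHA-256 in counter mode); stand-in for Tor's AES-CTR."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def make_begin(addrport):
    """Simplified begin request: 2 'recognized' zero bytes, 4-byte digest, body."""
    body = addrport.encode() + b"\x00"
    return b"\x00\x00" + hashlib.sha256(body).digest()[:4] + body

def client_wrap(payload, hop_keys):
    """The client adds one layer per hop, so the exit's layer is innermost."""
    for key in reversed(hop_keys):
        payload = xor_layer(key, payload)
    return payload

def relay_view(cell, key):
    """Peel this relay's layer. Return (port it can read or None, cell to forward)."""
    peeled = xor_layer(key, cell)
    body = peeled[6:]
    recognized = (peeled[:2] == b"\x00\x00"
                  and hashlib.sha256(body).digest()[:4] == peeled[2:6])
    if not recognized:
        return None, peeled  # still ciphertext here: nothing to classify on
    addrport = body.rstrip(b"\x00").decode()
    return int(addrport.rsplit(":", 1)[1]), peeled

def trace_circuit(addrport, hop_keys):
    """Port visible at each hop, in path order (guard, middle, exit)."""
    cell = client_wrap(make_begin(addrport), hop_keys)
    seen = []
    for key in hop_keys:
        port, cell = relay_view(cell, key)
        seen.append(port)
    return seen

# Constructed keys; in Tor each hop's key is negotiated when the circuit is built.
KEYS = [b"guard-key", b"middle-key", b"exit-key"]

if __name__ == "__main__":
    print(trace_circuit("example.com:6881", KEYS))
```

Only the last hop returns a port, which is why a port-based priority can be applied at the exit (as ExitPolicy is) but not at the guard or middle relay.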