[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] safety of exit nodes

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] safety of exit nodes
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Mon, 1 Jul 2013 21:44:42 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 01 Jul 2013 21:44:58 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=9I43sj7pyW6AWXXAfpsz2SOW4oPGH+hA0OPaatW2ON4=; b=t7jHJtWxEuk7uHHZg0U1q85yZC3/YE/KPMwF1UMCURH9uJ0DTN6F9lV1aXiTxEKKw1 JBu/jjOrEMgAn72QEfrL1TH5bvADjhRqGeHC1LFNhyDyx29QZIMTM6vKQ3USLn5AUEPF m8Iv3uuB8vAbHxsZ9+FuryC6HePrMbPZnVZqwDrSSDWO+xpWHCUi7oDTHrb7XH2Paz0b dH+7G007IewGMIUUKV8Khoh9mEsBWYUfULxm1mTr2vpE8QQb3Pfk01Zm1wWBmQGb8she CIuOwOt5+gVes3Sel3zUkpQOBULacNG4J8cMB0T1RhVBHoDYgCdZTzuVuwB6qQIYWKg/ mr6A==
In-reply-to: <0ddaef2a819000ad5a4b7531cca01db7@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <0ddaef2a819000ad5a4b7531cca01db7@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

> I have a concern regarding exit nodes in Tor. In my mind it is possible for
> an attacker to run a malicious exit server that gathers information at the
> exit point. Of course, this does not compromise anonymity per se, but it
> still can reveal sensitive data to malicious people. I think the JonDonym
> project handles this question better. To run a JonDonym exit server you need
> to be certified. Thus it is much harder to run a malicious JonDonym exit
> server. Why donÂt you offer better protection against malicious exit
> servers? I think safety of exit nodes is a serious concern.

What are you certifying? Against what? Monitored, protected and enforced
by what? Here is $1,000,000 and/or a baseball bat... you wouldn't mind
typing a few keystrokes for me or turning your head for a moment would
you now? Ahh, yes, thank you Mr. Exit, and a splendid friendship it is.

If you are concerned you may sample some exits, endeavour to review
their bona fides and then use one that meets your liking. You may even
form a project to wikify such reviews.

You should now understand why the Tor project cannot and will not
make such certifications, and why you should not trust JD's either.

[Off to recruit/deploy 10 more 'certified' employees/servers]
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] safety of exit nodes
  - From: anonymous . coward

Prev by Author: Re: [tor-talk] hidden service documentation
Next by Author: [tor-talk] Measuring network
Previous by thread: [tor-talk] safety of exit nodes
Next by thread: Re: [tor-talk] safety of exit nodes
Index(es):
- Author
- Thread