[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Should I warn against Tor?

On Sa, Jul 06 2013, Roger Dingledine wrote:

> One of the unfortunate properties of the Internet is how it's much less
> decentralized than we'd like (and than we used to think). But there are
> still quite a few different places that you need to tap in order to have
> a good chance of beating a Tor circuit. For background, you might like:
> http://freehaven.net/anonbib/#feamster:wpes2004
> http://freehaven.net/anonbib/#DBLP:conf:ccs:EdmanS09

Yes, I like those papers.  Yet, Iâm confused on at least two levels.

First, the current Tor Path Specification [1] selects nodes based on
/16 subnets but does not consider AS paths as in those papers.
DBLP:conf:ccs:EdmanS09 briefly mentions /16 subnets being âlargely
effective, though may not be stringent enough.â  In fact, the more
recent paper on LASTor [2] reports a âfalse-negative rate of 57%
with the default Tor clientâ to detect snooping ASes.

Second, I deliberately considered IXes, not ASes.  From the paper by
Murdoch and ZieliÅski [3]:
âWe suggest that existing models, based on Autonomous System (AS)
diversity, do not properly take account of the fact that while, at
the AS level abstraction, a path may have good administrative domain
diversity, physically it could repeatedly pass through the same
Internet eXchange (IX).â

Although the paper by Murdoch and ZieliÅski is cited in
DBLP:conf:ccs:EdmanS09, I fail to see that they address IXes at all.

Best wishes

[1]  https://gitweb.torproject.org/torspec.git?a=blob_plain;hb=HEAD;f=path-spec.txt
[2]  http://www.freehaven.net/anonbib/#oakland2012-lastor
[3]  http://www.freehaven.net/anonbib/#murdoch-pet2007
tor-talk mailing list