[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Network diversity [was: Should I warn against Tor?]

On Fri, Jul 19, 2013 at 8:35 AM, Jens Lechtenboerger
<tortalk@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> [For those who are confused about the context of this: I started the
> original thread.  A write-up for my motivation is available at [0].]   I
> Links to my code and a README.txt clarifying necessary prerequisites are
> available at [0].   Best wishes Jens  [0]
> https://blogs.fsfe.org/jens.lechtenboerger/2013/07/19/how-i-select-tor-guard-nodes-under-global-surveillance/

It's _very_ hard to reason about this subject and act safely.

It is common for ISPs to use segments in their network which are
provided by third party providers, even providers who are almost
entirely facilities based will have some holes or redundancy gaps.
Because these are L1 (wave) and L2 (e.g. ethernet transport) they are
utterly invisible from the L3 topology.

You can make some guesses which are probably harmless: a guard that is
across the ocean is much more likely to take you across a compromised
path than one closerâ    but going much further than that may well
decrease your security.

These concerns should be reminding us of the importance of high
latency mix networks... they're the only way to start getting any real
confidence against a global passive observer, and the are mostly a
missing item in our privacy tool toolbelt.
tor-talk mailing list