[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Network diversity [was: Should I warn against Tor?]

On Fr, Jul 19 2013, Gregory Maxwell wrote:

> On Fri, Jul 19, 2013 at 8:35 AM, Jens Lechtenboerger
> <tortalk@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
>> [For those who are confused about the context of this: I started the
>> original thread.  A write-up for my motivation is available at [0].]   I
>> Links to my code and a README.txt clarifying necessary prerequisites are
>> available at [0].   Best wishes Jens  [0]
>> https://blogs.fsfe.org/jens.lechtenboerger/2013/07/19/how-i-select-tor-guard-nodes-under-global-surveillance/

I hope that I fixed my âsoft newlineâ problem.  Sorry about that.

> It's _very_ hard to reason about this subject and act safely.
> It is common for ISPs to use segments in their network which are
> provided by third party providers, even providers who are almost
> entirely facilities based will have some holes or redundancy gaps.
> Because these are L1 (wave) and L2 (e.g. ethernet transport) they are
> utterly invisible from the L3 topology.
> You can make some guesses which are probably harmless: a guard that is
> across the ocean is much more likely to take you across a compromised
> path than one closerâ

And that is mostly what Iâm doing.  How do you find guards across
the ocean?  Among the âGermanâ guards, YanLunYiZou actually turned
out to be across the ocean and back.  (I didnât check how many of
those exist.  I picked the first I saw.)

> but going much further than that may well decrease your security.

How, actually?  Iâm aware that what Iâm doing is a departure from
network diversity to obtain anonymity.  Iâm excluding what I
consider unsafe based on my current understanding.  It might be that
in the end Iâll be unable to find anything that does not look unsafe
to me.  I donât know what then.

Best wishes
tor-talk mailing list