[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Why make bad-relays a closed mailing list?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Why make bad-relays a closed mailing list?
From: Seth David Schoen <schoen@xxxxxxx>
Date: Thu, 31 Jul 2014 13:58:18 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 31 Jul 2014 16:58:32 -0400
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=eff.org; s=mail2; h=In-Reply-To:Content-Type:MIME-Version:References:Message-ID:Subject:To:From:Date; bh=r/rg7O1nypGNtYBbfGlmU5BcquOwZo0QpCClp7FDoi8=; b=LcZOq/fvsrUBGYcowamJwzJsxZA1555+NFI+r8c8OtJKO4HRlcEISyu34ebPWary5VmoX6wRtHsSXUHUW0lNCtjpXncQtR9SGSX8IyweE9UprXOjmp/qpyAdDGuSohUcWUy2UiZBcSxELf9ScOj9jxbA04QkkFmp6ETABEs+9N0=;
In-reply-to: <20140731203519.GF8819@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <53D980B1.9020009@xxxxxxxxxxxxx> <20140731002741.GB16023@xxxxxxxxx> <53DA9757.2050602@xxxxxxxxxxxxx> <20140731201233.GA23456@xxxxxxxxx> <20140731203519.GF8819@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.21 (2010-09-15)

Roger Dingledine writes:

> But in this particular case I'm stuck, because the arms race is so
> lopsidedly against us.
> 
> We can scan for whether exit relays handle certain websites poorly,
> but if the list that we scan for is public, then exit relays can mess
> with other websites and know they'll get away with it.

I think the remedy is ultimately HTTPS everywhere.  Then the problem
is reduced to checking whether particular exits try to tamper with the
reliability or capacity of flows to particular sites, or with the public
keys that those sites present.  (And figuring out whether HTTPS and its
implementations are cryptographically sound.)

The arms race of "we don't really have any idea what constitutes correct
behavior for these vast number of sites that we have no relationship
with, but we want to detect when an adversary tampers with anybody's
interactions with them" seems totally untenable, for exactly the reasons
that you've described.  But detecting whether intermediaries are allowing
correctly-authenticated connections to endpoints is almost tenable,
even without relationships with those endpoints.

(I do think that continuing to work on the untenable secret scanning
methods is great, because attackers should know that they may get caught.
It's a valuable area of "impossible" research.)

Yan has just added an "HTTP nowhere" option to HTTPS Everywhere, which
prevents a browser from making any HTTP connections at all.  Right now
that would probably be quite annoying and confusing to Tor Browser users,
but maybe with some progress on various fronts it could become less so.

-- 
Seth Schoen  <schoen@xxxxxxx>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Why make bad-relays a closed mailing list?
  - From: Philipp Winter

References:
- [tor-talk] Why make bad-relays a closed mailing list?
  - From: Nusenu
- Re: [tor-talk] Why make bad-relays a closed mailing list?
  - From: Philipp Winter
- Re: [tor-talk] Why make bad-relays a closed mailing list?
  - From: Nusenu
- Re: [tor-talk] Why make bad-relays a closed mailing list?
  - From: Philipp Winter
- Re: [tor-talk] Why make bad-relays a closed mailing list?
  - From: Roger Dingledine

Prev by Author: Re: [tor-talk] Spoofing a browser profile to prevent fingerprinting
Next by Author: [tor-talk] how many verify their tbb ?
Previous by thread: Re: [tor-talk] Why make bad-relays a closed mailing list?
Next by thread: Re: [tor-talk] Why make bad-relays a closed mailing list?
Index(es):
- Author
- Thread