
Re: 25 tbreg relays in directory



     On Mon, 29 Jun 2009 07:47:23 -0500 Edward Langenback
<apostle@xxxxxxxxxxxxxxxxx> wrote:
>Scott Bennett wrote:
>>      On Sun, 28 Jun 2009 20:09:25 +0800 Pei Hanru <peihanru@xxxxxxxxx>
>> wrote:
>>> On 2009-04-27 18:27 CST, Scott Bennett wrote:
>>>>      torstatus currently shows 25 different relays that are all named "tbreq"
>>>> and appear to be in China.  I wonder whether these are due to some benighted
>
>snip
>
>>> I've downloaded the software and tested, the version of Tor in it is
>>> indeed 0.2.1.2-alpha, torrc in it is
>> 
>>      Ouch.  This provides another example in support of having a way for
>> the directory authorities to render insecure versions inoperable/unusable
>> as relays to the rest of the network and only usable as clients to connect
>> to the tor project's web site to download a current version of tor.
>
>How about simply take a page from Freenet?  Each new build of Freenet
>comes with a "lastGoodVersion=" variable that contains the version
>number of the oldest build it's willing to talk to.

     1) Sometimes a security bug is introduced into a particular version,
rather than having been present in tor since the beginning.  When found,
the problem can be fixed in a new release.  That means that the security
bug renders a range of one or more releases dangerous to use, while
versions both older and newer may be okay to use.  Setting only the new
start of a range could, depending upon timing, render the majority of
relays in the tor network unusable for no good reason.

     2) Calling the *first* good version the "lastGoodVersion" strikes me
as a poor idea because of the potential for causing confusion.

     3) The current setup regarding versions enables the directory authorities
to establish the currently recommended versions for use as clients and a
similar set of relay versions.  (At present, an instance of tor that doesn't
find its own version in the relevant list issues a warning message to a log
file that many tor users rarely, if ever, see and thus do not respond to.)
Why would having a statically compiled list that is certain to become obsolete
be a better idea?
>
>Nodes older than that can't connect to the network for anything except
>updating the out of date node.
>
     That is part of what I have been recommending.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************
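
The argument in point 1 of the message above, as an added illustration that is not part of the original post and is not Tor or Freenet code: a single compiled-in minimum version is compared with rejecting only the affected range and with a revisable recommended list. All relay names, version numbers and the bad range are constructed for the example, and the status tag is ignored when ordering versions.

```python
import re

def parse_version(v):
    """Numeric part of a dotted version such as "0.2.1.2-alpha" as a tuple.
    Simplification: the status tag (-alpha, -rc) is ignored when ordering."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)(?:\.(\d+))?", v)
    if not m:
        raise ValueError(f"unparseable version: {v!r}")
    return tuple(int(x or 0) for x in m.groups())

def floor_policy(version, oldest_allowed):
    """Compiled-in minimum: accept anything at or above one version."""
    return parse_version(version) >= parse_version(oldest_allowed)

def range_policy(version, bad_ranges):
    """Reject only versions inside a [first_bad, first_fixed) range."""
    v = parse_version(version)
    return not any(parse_version(lo) <= v < parse_version(hi)
                   for lo, hi in bad_ranges)

def listed_policy(version, recommended):
    """Authority-published list: accept only versions named in it."""
    return version in recommended

def usable_relays(relays, accept):
    """Names of relays whose version the policy accepts, sorted."""
    return sorted(name for name, ver in relays.items() if accept(ver))

# Constructed sample data: hypothetical relays and version numbers,
# not real Tor releases or advisories.
RELAYS = {
    "old-a": "9.0.4",
    "old-b": "9.0.5",
    "bundled": "9.1.2-alpha",   # inside the hypothetical bad range
    "fixed": "9.1.9",
}
BAD_RANGES = [("9.1.0", "9.1.5")]   # bug introduced in 9.1.0, fixed in 9.1.5
RECOMMENDED = {"9.0.5", "9.1.9"}    # a list that can be revised without a rebuild

if __name__ == "__main__":
    print("floor :", usable_relays(RELAYS, lambda v: floor_policy(v, "9.1.5")))
    print("range :", usable_relays(RELAYS, lambda v: range_policy(v, BAD_RANGES)))
    print("listed:", usable_relays(RELAYS, lambda v: listed_policy(v, RECOMMENDED)))
```

With the floor set at the first fixed version, the two older relays are excluded even though the constructed bug never affected them; the range and list policies keep them or drop them individually.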