[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Answer by perfect-privacy.com Re: perfect-privacy.com, Family specifications, etc.

Oops, apologies - didn't realize this had already been answered. (a pox upon thread forking...)

On Thu, May 20, 2010 at 7:03 AM, Damian Johnson <atagar1@xxxxxxxxx> wrote:
The trick is that both parties need to list each other as family for this to work. As per the man page..

"When two servers both declare that they are in the same 'family'..."

The attacker would need to be listed in every other relay's torrc for the attack you described to work. I'm pretty sure listing relays you don't control has no effect. -Damian

On Wed, May 19, 2010 at 11:29 PM, Scott Bennett <bennett@xxxxxxxxxx> wrote:
    On Thu, 20 May 2010 08:23:34 +0200 (CEST) "Sebastian Hahn"
<mail@xxxxxxxxxxxxxxxxx> wrote:
>>      All that would do would be to say to all clients, "Don't include
>> this node in the same circuit as any of the blutmagie nodes."  How would
>> that be an attack?
>I can list all the nodes I don't control...
    What is the limit on line length for such a MyFamily statement?  What
is the limit on descriptor length?  Listing ~1500 nodes sounds like the
sort of thing that wouldn't work very well.
    Also, my other question remains:  what would stop me from listing nodes
that I don't control in a MyFamily statement now?

                                 Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/