
Re: Reducing relays = reducing anonymity ? Tortunnel.



On Wed, May 19, 2010 at 03:21:15PM -0400, Stephen Carpenter wrote:
> On Wed, May 19, 2010 at 1:48 PM, Sebastian Hahn <mail@xxxxxxxxxxxxxxxxx> wrote:
> 
> >> Is tortunnel evil since it maybe hacks Tor-circuits to reduce the number
> >> of relays ?
> >
> > Yes, unfortunately quite a few people use it.
> > It hurts the network by endangering exit node operators, and
> > by completely ignoring any of the load balancing that happens
> > in normal Tor.
> 
> I agree with most of what you have had to say, though, this gets to
> the heart of why it's not just "bad for you" but "abusive to the
> community". However, I am not sure that I understand how this is the
> case.
> 
> Certainly there is a certain amount of sense to the idea that
> tortunnel traffic may use another system that focuses more on speed if
> tortunnel was unavailable. However, an assumption is an assumption and
> I am not sure how much I buy the truth of it.
> 
> Is there an argument for the problem beyond this? What load balancing
> mechanisms is it ignoring? Is this ignorance a symptom of what it
> tries to do, or a symptom of ignorant design (i.e. just plain ignoring
> network information that it is the client's job to respect?).
> 
> I ask for two reasons. The first is logical accuracy, what it's trying
> to do, while bad for user anonymity, doesn't, on its face, seem like a
> real problem for tor exit node runners. The second is that I have
> considered writing a client myself (I have some things that I want to
> play with that are a bit beyond what the current client can do... like
> rendezvous nodes that don't publish in the public directory) and I
> wouldn't want to end up being considered an abuser.

If single-hop users of exit nodes become common
it then becomes worthwhile for Tor adversaries to 
seize or compromise or tap traffic going into exit nodes
in order to locate those single-hop users.

I have been using the alpha versions that detect 
anomalous connections from nodes claiming to be tor relays
for several weeks and have seen some (but not majority) activity.
Although tortunnel-like code can be used for detecting bad exits,
I wouldn't be surprised if someone adapted it for p2p botnets spamming etc.