[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] detecting harmful relays

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] detecting harmful relays
From: Roger Dingledine <arma@xxxxxxx>
Date: Sun, 15 May 2011 18:57:18 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 15 May 2011 18:57:32 -0400
In-reply-to: <4DD03C00.4030305@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <4DD03C00.4030305@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.18 (2008-05-17)

On Sun, May 15, 2011 at 10:48:00PM +0200, tagnaq wrote:
> "Not reporting version is actively harmful" [1]
> [1] https://trac.torproject.org/projects/tor/ticket/2980
> 

Well, it's harmful in two ways. First is that clients will mistakenly
ask for service from relays that don't know how to provide it, or that
provide it in a buggy fashion. You can look through Tor's code for calls
to tor_version_as_new_as() to see examples. Second is that the developers,
when trying to debug something, will get misled.

> - Is it possible to detect if someone is harming the Tor network in this
> way?

You could in theory scan for wrong versions, e.g. by doing requests to a
relay and seeing how it answers. If there's no interaction that allows
us to distinguish between a relay that has a working feature and one
that doesn't, then is it really a bug? :)

As for relays that don't report *any* version... I think there are
basically none of those.

> - Are you already running such scanners or is there the Exit Scanner only?

We haven't needed to explore this issue much because most relays seem
to be running the code we wrote. I think it falls into the "don't think
about it too much until it happens, since whatever you prepared for
isn't going to be the thing that actually goes wrong" category.

--Roger

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] detecting harmful relays
  - From: tagnaq

Prev by Author: Re: [tor-talk] "drop all vulnerable relays from the consensus"
Next by Author: [tor-talk] Tor 0.2.2.26-beta and 0.2.2.27-beta are out
Previous by thread: [tor-talk] detecting harmful relays
Next by thread: [tor-talk] Fwd: [guardian-dev] Orbot 1.0.5.2 now in the Android Market
Index(es):
- Author
- Thread