[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Meeting Snowden in Princeton
I dislike the notion of the central directory auth, while not a SINGLE
point of failure, relying on someone else to know who to trust, is great
until you discover that the trust was underserved.
Operational security also seems to be glossed over to laypersons, which is
why I use to a solar powered computers running tor, that I network with a
private VPN server that I have running in germany.
On Tue, May 5, 2015 at 4:49 AM, str4d <str4d@xxxxxxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> W. Greenhouse wrote:
> > Some degree of centralization of the directory is, for now, the
> > only way to prevent an attacker from owning everything simply by
> > dumping a lot of bandwidth onto the network (what Lizard Squad
> > attempted to do). Networks like i2p and bitcoin are to a greater
> > extent vulnerable to that than Tor is,
>
> As with everything, it's a question of balance. Tor errs on the side
> of centralization, which enables it to easily detect bandwidth dumping
> and block arbitrary routers with quick turnaround, but that is a lot
> of power in the hands of a (trusted) few. It also does nothing against
> e.g. carefully-planned slow Sybil attacks.
>
> > because i2p and bitcoin didn't even consider resistance to network
> > sibyls as part of their design.
> >
>
> The original I2P devs *did* consider Sybil resistance while designing
> the network, and did include scope in the network architecture for
> e.g. HashCash-like mechanisms, but ultimately decided to take the
> decentralized route, and designed the network on the assumption that
> no router is trusted. As for detecting and inhibiting Sybil attacks:
> it is still possible to detect bandwidth dumping (one example I recall
> was a research group starting up a bunch of routers), and we do have
> the ability to block routers, but only via router upgrades. So yes, it
> is certainly more difficult right now to impede Sybils on I2P. But
> there is more focus on making the attacks that Sybil enables harder to
> carry out (because a Sybil on its own is not an attack), as well as
> general network growth to make obtaining a large enough network
> fraction more difficult (we estimate there are currently around 25,000
> I2P routers).
>
> str4d
> -----BEGIN PGP SIGNATURE-----
>
> iQIcBAEBCgAGBQJVSK4iAAoJEBO17ljAn7Pgz1AP/1FkitJsLNDZzB3q8+xNRb2Q
> qS669IdXkin1oFPr/LeZ6zlic2N7cqgVtYhTkVKaq03w9f4P52EqCgN7ZzNUCShK
> xvx2bM/EN/fhNm1xHdTLMQRXvD2X3cpHPoc7MVPyl8fhUNe09Xivdm2NwusMso7y
> LQmkAJXoBf6uHVVyCZDvLYXuMBiXpSMlpbFWqOJJEyTDbbC1Wo6JScxFShJ0Dd3S
> Htz01LjdMLy9TcDhsiy4kZrRev+It2sARe6cUyEHYhJRt1elraVveW4VhdthlAS2
> VK78XWvlMKRZDEuRVK7Gm0chkLK4gtDgEXnsEwr7EAwXkyb2VBHuyMVo7ISpH7sT
> 2eRTMmlBINXqV8I5AeIRXc3SPQRg7gqmx7vyw+khAnjgtjWWuEKWiBHrxZ/jLDVR
> rcr06+CXLuYthae038QL6qUHCP5LUu6uXGXxBeAJ4Fr/Ig8+SiMda+Ctv2a/hBmd
> kSklCnpeh4/gFo8VUZlyMLF+PEK8d5EtEDBHLIGITQAqQSZb03xpv7KIDeJ4D/uc
> vIP5f25dCguaMxzNO0gpk3ikeZDo2zkt/PRd6VUh2cYUU1K4SL0jYpDBajX3/OKG
> b2/CoOz+pSDVgvYDjupyQ0vFDgtvUckOPfxR48v+bhcH5v9HFUo4iezSX5zNZhd0
> eItO8jzcv887nVAAGcAG
> =E7Pe
> -----END PGP SIGNATURE-----
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk