[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: AN idea of non-public exit-nodes

I'm not sure that the correlation attacks for `bridge exits' are better than those for normal bridges. However, the `exit risk' would likely be more discouraging to such `bridge exits'. However, as a more general question, making the Tor network difficult to completely enumerate might be interesting. Clearly, there are valuable advantages to a hard-to-map network, but can it be done without gross disadvantages?

2009/11/24 Damian Johnson <atagar1@xxxxxxxxx>
Interesting idea, but seems like it could be pretty dangerous. If an attacker was able to figure out the subset of Tor users taking advantage of these special exits and ran one themselves then correlation probably wouldn't be too difficult. In addition, abuse issues makes finding exit operators a lot harder than bridges so you probably wouldn't get the vast number of volunteers needed for the current bridge distribution tactics. -Damian

On Tue, Nov 24, 2009 at 5:05 PM, Ted Smith <teddks@xxxxxxxxx> wrote:
On Tue, 2009-11-24 at 19:49 -0500, Roger Dingledine wrote:
> See especially point #1: "even if we didn't tell clients about the
> list of
> relays directly, somebody could still make a lot of connections
> through
> Tor to a test site and build a list of the addresses they see."
> I guess we could perhaps add support for configuring your own secret
> exit node that your buddy runs for you. But at that point the
> anonymity
> that Tor can provide in that situation gets pretty fuzzy.

It's like a bridge, but for exits. They would probably have to be a lot
less friend-to-friend than bridges, but it might still be doable. I
think this is what the original poster meant, anyways.