[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: "Practical onion hacking: finding the real address of Tor clients"

Thus spake Chris (millions.of.stones@xxxxxxxxx):

> Can the tor directory provider run a script every now and again that
> checks the content of a site/image retrieved from outside of tor and
> though each exit node and then look into any discrepancies.  I know
> anyone can try this and make a better test but this will eventualy
> have to be done and acted upon by a trusted party.

We're working on it. I'm running a multi-purpose scanner right now
(see Snakes On A Tor threads in the archives), but results still have
to be sifted through manually, no automatic directory integration yet.
It's not easy to do this automated and be right all the time,
especially in the face of changing content and dropped
connections/truncation. Probably will end up having the script email a
human/humans with results that they can verify.

Mike Perry
Mad Computer Scientist
fscked.org evil labs