[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Mulihomed flag for nodes (from Re: why are some exit IPs missing from Exit IP DB?)

To: tor-talk@xxxxxxxxxxxxxxxxxxxx, sh-expires-12-2015@xxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Mulihomed flag for nodes (from Re: why are some exit IPs missing from Exit IP DB?)
From: coderman <coderman@xxxxxxxxx>
Date: Mon, 12 Oct 2015 18:43:41 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 12 Oct 2015 21:43:58 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=6QRQ05BvcnvYypshJ8Cdkwd518n9r+t1rjWFSQAefeA=; b=wonDG7UCX7e85DQzsMV2C7xPahr696I4FroavPF6uqCtW9mcibwbgoCXNyzM7BtQUD RYke9i3FDGV9SIfCDwAt2ksxbMdD8NnxnAkydzemE35o0+ZOozw7+w59RfKymeGDwg7V RczLnd51DKnS5VwwO5oapF3GXGc7UB6t4iec/NaOwOzpfPH+W4+14iNccLRG0kXXMyYv GbZig0IKKdQkqFgljoP/whbOG9hEr2/0QX32VI5BHseTanJ25lMqYizA7VqPcfcEdVmT 7yuk10e4116F4j+da66swWyHRR/UKfOQI511wchO6qkIP8cQWzQqYuhSrxsL51i5etMk VynA==
In-reply-to: <20151013012057.GD2119@xxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <6.2.5.6.2.20151011115307.0711bbc0@xxxxxxxxxxx> <CAD2Ti2-KsGjF5F9REyh2WHJtDfuC+dQoqa4n4fY05wfy0sXv+A@xxxxxxxxxxxxxx> <20151013012057.GD2119@xxxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

On 10/12/15, sh-expires-12-2015@xxxxxxxxxxxxxxxx
<sh-expires-12-2015@xxxxxxxxxxxxxxxx> wrote:
> ...
> Tor users aren't entitled to special treatment,

at times it is desirable to avoid the usual "knee-jerk" responses, however.

there is a trick, which is to monitor the consensus. any new relay
identity, or new IP associated with an existing entity.

on event of a new relay or IP, attempt an exit check.

if the exit is not currently in the listed DNSRBL, use it as quickly
as possible as "new-not-yet-blacklisted"

note that there are plenty already using this technique, and you must
race the horde, depending. (the people reading this in some search
engine cache surely spammers looking to maximize their abuse of the
Tor network. ;)

>> the great side effect that such exits are usable to
>> circumvent similar braindead / hating censorship
>> directed at tor users.
>
> Have you ever considered, that people who
> operate hidden services for websites, like to redirect
> people to said hidden services instead of relying
> on exits?

you may like my theory of the whole world going hidden service, soon
enough. since the public internet is all DEF CON wireless, whether you
admit it to yourself or not. *grin*

> Sorry, if that sounds scary, but some relay operators
> I met the this year hat quite a negative relay experience.

i'd like you to tell us more about these negative relay experiences.

i don't doubt them. but i find your misguided understanding of and
pre-occupation with only Tor's detriments interesting.

> I am currently wrapping my head around this, trying
> to figure out if it makes correlation attacks easier
> or MITMing and inserting convert channels between
> arbitrary nodes harder.

this quantified risk analysis at your disposal sounds quite useful.
looking forward to details!

> While we are at it, I consider having the exit ip for
> multihomed nodes in the consensus beneficary. If
> you like to start including additional information into
> the consensus consider the AS too.

you don't understand why this isn't practical. but that's ok.

totally different from AS for OR endpoint.

> The data is available form the RIRs, I am using it with
> a Tor monitor, that isn't libre and I am not sure how the
> RIRs would like to have their services put under load.

you're a considerate and careful Internet citizen, thank you!

> Anyway, I am moving this to tor-talk with the intention
> to discuss, at least, a multihomed flag.

multi-homed flag must die in a fire. don't even consider it!

best regards,
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Mulihomed flag for nodes (from Re: why are some exit IPs missing from Exit IP DB?)
  - From: coderman

References:
- [tor-talk] Mulihomed flag for nodes (from Re: why are some exit IPs missing from Exit IP DB?)
  - From: sh-expires-12-2015@xxxxxxxxxxxxxxxx

Prev by Author: Re: [tor-talk] Tor
Next by Author: Re: [tor-talk] Mulihomed flag for nodes (from Re: why are some exit IPs missing from Exit IP DB?)
Previous by thread: [tor-talk] Mulihomed flag for nodes (from Re: why are some exit IPs missing from Exit IP DB?)
Next by thread: Re: [tor-talk] Mulihomed flag for nodes (from Re: why are some exit IPs missing from Exit IP DB?)
Index(es):
- Author
- Thread