[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Many more Tor users in the past week?
On 09/03/2013 03:35 PM, adrelanos wrote:
> New hypothesis:
> This is an attempt to shut down the Tor network once and forever.
>
> Might this be an attack on the Tor network with the goal to make it that
> slow for everyone, that no one will use it anymore? (DDOS)
>
> Doing this using a botnet and only taking up a portion of their
> individual botnet member's bandwidth?
>
> If the botnet owner would force their botnet members to use all of their
> bandwith, the DDOS attack would be more effective in the short run, but
> the owner of the infected computer might notice it much easier and clean
> its computer. Using only a negligible part of their botnet member's
> bandwidth ensures that unwanted connections go unnoticed for a very long
> time, thus making this not a short successful DDOS attack, but an ever
> lasting one.
What are these new presumptive botnet clients doing that degrades Tor
performance?
Is it just that they're building circuits that don't get used?
Or are they (as elrippo noted) DDOSing relays, rather than actually
building circuits?
Or?
> Roger Dingledine:
>> Check out
>> https://metrics.torproject.org/users.html
>
> Even more users. And counting. I think now it's very unlikely that this
> is a natural growth of real users. If that was the case, you could see
> lots of discussion/support questions from those new Tor users or users
> of software which uses Tor.
How does having four times as many users affect the vulnerabilities that
Johnson et al (2013) identified?
>> There's a slight increase (worsening) in the performance measurements:
>> https://metrics.torproject.org/performance.html
>
> Got even worse.
What could those new presumptive botnet clients do in order to improve
anonymity without degrading performance?
I wonder if the presumptive botnet owner might start running some exits
just from self interest. If this were a botnet, slaves inadvertently
running exits would have highly plausible deniability, right?
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk