[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #10221 [Tor]: Implement BGP malicious route checks before publishing descriptor in consensus

Subject: Re: [tor-bugs] #10221 [Tor]: Implement BGP malicious route checks before publishing descriptor in consensus
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 25 Nov 2013 16:02:49 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 25 Nov 2013 11:02:50 -0500
In-reply-to: <044.7ad9eb8e8d2bd209958951325fc18c05@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.7ad9eb8e8d2bd209958951325fc18c05@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#10221: Implement BGP malicious route checks before publishing descriptor in
consensus
-----------------------------+--------------------------------
     Reporter:  anon         |      Owner:
         Type:  enhancement  |     Status:  new
     Priority:  normal       |  Milestone:  Tor: unspecified
    Component:  Tor          |    Version:
   Resolution:               |   Keywords:  BGP needs-proposal
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+--------------------------------
Changes (by nickm):

 * keywords:  BGP => BGP needs-proposal
 * milestone:   => Tor: unspecified


Comment:

 Interesting.  Is there an easy-to-use tool to check for route hijacking?

 One worrisome thing here is that you'd need a way to keep this feature
 from turning into a selective DoS tool.  If any Tor node gets kicked out
 of the consensus for having ''any'' (!) route to that node hijacked, then
 we're effectively giving the adversary the ability to kick Tor nodes off
 the network, potentially reshaping the network more to their likelihood.
 Somebody needs to do the math to figure out whether this is somehow an
 improvement or not.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10221#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #10221 [Tor]: Implement BGP malicious route checks before publishing descriptor in consensus
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #10229 [Tor]: feature req: Runtime reconfigure Tor daemon to listen on additional addresses
Next by Author: Re: [tor-bugs] #10192 [Pluggable transport]: websocket-server seems to be (very) slow
Previous by thread: [tor-bugs] #10221 [Tor]: Implement BGP malicious route checks before publishing descriptor in consensus
Next by thread: [tor-bugs] #10222 [Metrics Website]: Implement network wide and router specific views of malicious BGP route events
Index(es):
- Author
- Thread