[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #7066 [Tor]: Guard disablement by path-bias detector must be disabled or removed

To: undisclosed-recipients:;
Subject: Re: [tor-bugs] #7066 [Tor]: Guard disablement by path-bias detector must be disabled or removed
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Thu, 18 Oct 2012 00:32:50 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 17 Oct 2012 20:32:58 -0400
In-reply-to: <047.7c4ae0404bb584ff06f028dc983da16f@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <047.7c4ae0404bb584ff06f028dc983da16f@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#7066: Guard disablement by path-bias detector must be disabled or removed
------------------------+---------------------------------------------------
 Reporter:  rransom     |          Owner:                    
     Type:  defect      |         Status:  needs_revision    
 Priority:  blocker     |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor         |        Version:                    
 Keywords:  tor-client  |         Parent:                    
   Points:              |   Actualpoints:                    
------------------------+---------------------------------------------------

Comment(by mikeperry):

 Replying to [comment:4 rransom]:
 > Replying to [comment:2 nickm]:
 > > Please review branch "neuter_pathbias" in my public repository.
 >
 > The changes/ file is wrong -- the problem isn't that pb_disablepct could
 keep clients from building circuits at all (although it would have that
 effect on clients which use bridges); the problem is that pb_disablepct is
 a user-tracing backdoor which can be used to cause clients to cycle
 through all the available Guard nodes as entry nodes.

 Can you explain the attack vector here? Should we disable all of our
 consensus parameter support?

 > Other than that, looks good for 0.2.3.x (I grepped for
 â`path_bias_disabled`â on that branch and didn't find anything else that
 turns it on).  There will be a merge conflict on 0.2.4.x.

 I do not believe this is the right way to disable the guard rotation
 features for 0.2.3.x. Please see my proposal, particularly the last
 section "Implementation Notes: Differences between proposal and current
 source".

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7066#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #7066 [Tor]: Guard disablement by path-bias detector must be disabled or removed
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #7139 [Tor]: Tor involuntarily sets TLS session tickets
Next by Author: Re: [tor-bugs] #7098 [Tor]: Add safe-cookie authentication to Extended ORPort and TransportControlPort
Previous by thread: Re: [tor-bugs] #7066 [Tor]: Guard disablement by path-bias detector must be disabled or removed
Next by thread: Re: [tor-bugs] #7066 [Tor]: Guard disablement by path-bias detector must be disabled or removed
Index(es):
- Author
- Thread