>> I don't think banning GCE, AWS and MS Azure is an efficient method >> to >>> significantly increase the cost of attacks because it is trivial >>> for an attacker to quickly spin up "a large number of disposable >>> machines" at other ISPs as well. > It has other benefits. Those big providers see a huge amount of exit > traffic and can potentially do correlation against that. I disagree on 'huge'. If you worry about i.e. Amazon hosting to much exit bandwidth you have to worry about many other* ASes first, and even then, banning them all completely (exit prob = 0) isn't probably a wise strategy. *) +-----------+---------------------------------+ | exit_prob | AS_name | +-----------+---------------------------------+ | 9.261 | OVH SAS | | 7.629 | Avira B.V. | | 6.239 | SOFTplus Entwicklungen GmbH | | 5.306 | Hetzner Online AG | | 4.013 | UK2 - Ltd | | 3.563 | LeaseWeb B.V. | | 3.316 | Voxility S.R.L. | | 3.171 | Init7 (Switzerland) Ltd. | | 2.454 | NFOrce Entertainment BV | | 2.232 | CYBERDYNE | | 2.174 | Association TETANEUTRAL.NET | | 2.111 | ALISTAR SECURITY SRL | | 2.018 | 31173 Services AB | | 1.852 | PlusServer AG | | 1.831 | root SA | | 1.713 | ONLINE S.A.S. | | 1.703 | QuadraNet, Inc | | 1.475 | ISPpro Internet KG | | 1.441 | Foreningen for digitala fri- oc | | 1.427 | BlazingFast LLC | | 1.377 | rrbone UG (haftungsbeschraenkt) | | 1.288 | IP-EEND BV | | 1.249 | WEDOS Internet, a.s. | | 1.240 | Abovenet Communications, Inc | | 1.181 | The Calyx Institute | | 1.169 | myLoc managed IT AG | | 1.024 | Digicube sas | | 0.871 | Amazon.com, Inc. | << Amazon | 0.817 | Hurricane Electric, Inc. | | 0.799 | University of Michigan | +-----------+---------------------------------+ onionoo data from 2015-09-01 07:00:00
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev