Re: [tor-relays] Publishing bridge contact information



Hi there,

I don't want to declare it a showstopper outright, but:

> On 8. Feb 2018, at 09:42, Karsten Loesing <karsten@xxxxxxxxxxxxxx> wrote:
> 
> These sound like variants of the first disadvantage listed above. There
> are two additional assumptions in here, though:
> 
> 1) bridge operators use the same or a similar email address as their
> bridge contact information and for mailing list/forum postings or in
> their whois information;
> 
> 2) bridge operators are running their bridges close to the host they're
> using to post to mailing lists/forums or close to the host where they're
> hosting a registered domain.

Neither is required. The only assumptions are that it is possible to enumerate
whois information for the entire v4 internet (which should be the case) and
that it is possible to link the email address provided in the contact line
with the name that's used in whois (which might or might not be easy; in my
case it'd actually be trivial because the name is a part of my email address).

> I can see situations where both assumptions are met. But I think,
> overall, that the likelihood of locating a bridge by connecting contact
> information to mailing list archives, forum postings, or whois
> information makes this attack rather unattractive.
> 
> I'd say let's list this as another possible disadvantage, and let's
> compare them all to the possible advantages at the end.
> 
> Unless you thought of this as a show-stopper, in which case I'd kindly
> ask you to elaborate.
> 
> Thanks for the feedback, Geoff and Sebastian!

Just to summarize how the attack would work: you link the email to anything
containing a real name, you crawl whois for IPs assigned to people with that
name, and unless they use some anonymizing technique, you get a (small) list of
candidate IP addresses to test.

Cheers
Sebastian


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays