Compared to the scale of the budget of small research projects run by national intelligence agency sized organizations, you wouldn't have to be very well funded to run a sizeable proportion of all tor exit nodes with some degree of plausible deniability...
500 credit cards 500 unique bililng names/addresses and sets of contact info spread 500 1U servers around the world in as many geographically unique locations as you can find, with every dedicated hosting/colo company... average of $150/mo x 500 = $75,000 On Wed, May 11, 2016 at 5:08 PM, <valdis.kletni...@vt.edu> wrote: > On Wed, 11 May 2016 21:07:21 +0200, Florian Weimer said: > > * Chris Adams: > > > > > First, out of the box, if you use the public pool servers (default > > > config), you'll typically get 4 random (more or less) servers from the > > > pool. There are a bunch, so Joe Random Hacker isn't going to have a > > > high chance of guessing the servers your system is using. > > > > A determined attacker will just run servers in the official pool. > > Such attacks have allegedly been attempted against Tor by certain > very well funded adversaries. > > Thus my statement that if you're seeing that scale attack on your time > sources, the fact that your time source is being attacked is the *least* > of your problems... >
