On 9 Dec 2017, at 13:24, x9p <t...@x9p.org> wrote:

>> By "private guards" do you mean "bridges"?
>> That would be a very bad idea: it would make the bridge and its onion
>> services stand out within minutes or hours on the network, because
>> each circuit gets a different middle node, and the nodes would not
>> be evenly distributed.
>
> Sorry, I meant EntryNodes
>
>> If you block a guard on an onion service, it will look different, but that
>> might be unnoticeable for a few months. (More precisely, it's safe in
>> proportion to the guard rotation period, divided by the number of related
>> onion services blocking those guards, divided by the consensus weight
>> fraction of blocked guards. We don't expect that people will do this
>> calculation themselves, which is why we say "don't do that".)
>
> Would it be a better approach than firewall blocking, setting
> "ExcludeNodes + StrictNodes" with the offending/suspicious fingerprints?
No, this is much worse: it blocks these nodes for guard, middle, intro, and rend points.

That's even more detectable than blocking middle nodes after a bridge.

If you must block, only block a few guards, and only short-term.

This is a hard area to get right - reducing the threat of node subsets needs more research.

T

_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays