In a recent crypto.is post, Tom Ritter provides a clear explanation of the traffic correlation attack that can be performed if the adversary can see the first and last connections. (I know this is Tor 101, but he has nice diagrams).
If I live in freedom-loving State (B) and want to view information on a website in censorious State (A), I'm presumably safer from attack by State (A) if I can ensure that the entry node I connect to isn't there, but if Tor does its job then it's of no consequence that the middle or exit nodes might be located there. So why is there no ExcludeEntryNodes option? It seems to have been present at some point as there's reference to it in old mirrors of the documentation and on the blog[0], and the helpdesk advised me that it was still there, but I've tried it with both the stable and the alpha TBB bundles and they both keel over on startup with 'failed to parse' errors. Where'd it go? There are two tickets open about this but neither has received comment. [0] https://blog.torproject.org/blog/tor-02225-alpha-out _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
