On Wed, Jul 30, 2014 at 11:33:05PM +0000, Nusenu wrote:
> I raised this question already some time ago [1] but I guess the
> discussion there ended with the busy PETS week ;)

Sorry, I must have missed that email. First of all, thanks for your feedback and for putting so much thought into this!

> What would be the catch with making these reports and discussion
> public? Would it help bad actors? They will eventually find out about
> the consensus changes anyway, no?

I think we need to distinguish between the report and the discussion. Ultimately, a report that is acted upon *cannot* remain secret. As soon as a relay gets the BadExit flag, the operator can figure out that they got caught. As a result, I believe that the mere fact that a relay was blocked (via BadExit or reject) can be published. There is an ongoing discussion if we should do that.

The discussion of observed malicious behaviour, however, can give the attacker a lot of knowledge which they can exploit in order to evade detection in the future. Consider, for example, an HTTPS MitM attack which targets a small number of web sites. If somebody reports only one of these targets, the attacker can spawn a new relay after discovery and simply reduce the set of targeted sites in order to remain under the radar.

This seems to be an uphill battle and it's difficult to have full transparency without giving dedicated adversaries a big advantage.

Cheers,
Philipp

--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk