On 11/11/15, Soul Plane <[email protected]> wrote: > ... > Is this a problem that can't be stopped, these relays that may join the > network in an effort to de-anonymize users?
conflating issues; let's pick apart, can you stop evil relays from ever participating? No. however the design of Tor takes this into account through guard selection, circuit building, consensus decisions, see https://ritter.vg/p/tor-vlatest.pdf can you stop enough evil relays from routinely be selected in circuits such that correlation like this is impossible? Probably! this is where better relay checking techniques (beyond the usual exit checks) could help. Note that troubleshooting for tor-relay community would be advantaged by more robust checks as well. can you stop evil relays from using 0day attacks against users? No; 0day has, does, and will continue to happen. this is why defense in depth is important - you don't know if you might one day fall into a window of vulnerability to the wrong attacker and end up without Tor's privacy protections. > Can anyone still flood the > network with tons of relays? yes, and this is annoying. see LizardSquad attempted Tor DoS. this kind of crap sybil does not affect the anonymity of clients however! > Though the relays that were identified were > removed wouldn't someone persistent just learn from that and differentiate > more? this is the challenge. when an attacker is motivated, patient, well funded, and exercising utmost stealth, it is very difficult to distinguish their behavior from others in the world wide Tor relay community. best regards, -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
