On Wed, Feb 15, 2017, at 01:45 PM, Geoff Down wrote:
>
> On Wed, Feb 15, 2017, at 01:32 PM, BVpTuvb AVMV wrote:
> > What is preventing an attacker from starting up a few mid-nodes and
> > enumerating all IPs and subtracting those from the list of publicly
> > known entry-nodes to get a list of (all) unlisted bridges?
> >
> > Seems a lot cheaper than DPI, and except for a few false positives due to
> > bots pinging, it should be quite accurate. Is this an inherent and known
> > flaw in the bridge infrastructure that we have to live with, or am I
> > missing some key point?
> >
> > --
> Bridges are indistinguishable from clients, of which there are millions.

Plus, IIUC, bridges connect to Guards - to just one guard semi-permanently, like clients do. So your malicious relays, even if they got the Guard flag, would not see all the bridges.