I just got aware of this "paper" https://arxiv.org/pdf/1803.05201.pdf
If you seek for "node-Tor" you will find that it is talking about a "user" or an "owner" of a certain node implementing node-Tor, apparently a complete idiot, who incidentally is myself (the author of node-Tor in fact), but the "paper" did not even deem necessary to mention me, neither to include the links to the project, neither to ask me about some review/comments, neither to tell me about this "paper" Quasi everything that is stated in this "paper" regarding node-Tor is false, even funny I contacted Filiol & co (note: not new, we are in contact since years) one year ago to clarify: - why is my node-Tor node in their bridges list? (partial answer: it wrongly registered during years in Tonga... but then it should not be seen as a bridge any longer, it's not a bridge) and then I noticed (which explains why my node wrongly appears in their bridges list and why Filiol & co's method to discover bridges looks not to be 100% correct): - why other nodes can now extend circuits to node-Tor node while it failed to register in the authorities? (I had not checked since a long time and it appeared that my node could not register for some reasons, and then others should not have extended circuits to it), this one is problematic, it should not be possible (or at least it was not working like this before) This node is used only for the Peersm project, it can only extend circuits from the websocket OR interface (ie from the browser js OP) and is forbidden to extend anything from the standard OR port (on purpose, which does not really impact anything for Tor since it is advertising a ridiculous bandwidth then unlikely to be chosen and anyway not as unstable as many Tor nodes, it just answers that it is hibernating in this case), those limitations can of course be removed for other uses of node-Tor than Peersm As wrongly stated in the "paper" it can't act as an exit node because this basic feature is just not implemented (on purpose), and, wrong again, it it used with standard browsers, not the Tor browser (via the ws js OP inside browsers again, as a matter of fact the non ws OR does not work with the standard Tor Browser OP due to unimplemented directory features https://github.com/Ayms/node-Tor/issues/2#issuecomment-66277377, using the Tor browser's specific features is of no use for the Peersm project) I will not elaborate further, the Tor people know about this node (because unlike what the "paper" is stating they did question periodically some aspects and we are in contact since years), quasi everything is wrong and biased in this "paper" regarding node-Tor which renders questionable the entire credibility of the whole thing, I will ask them to remove this part, it is absurd to conclude that the fact that anyone can add a custom node is insecure, of course anybody following the protocol and the rules can node-Tor is not "only fifteen hundred code lines" (how Filiol & co can think that it is doing all what it does with 1500 lines?) but much more (16000 which makes 160000 in C/C++), but somewhere light compared to the Tor code since it is in js (nodejs/browsers), the whole code is not public/open source but could be should someone fund it (before it's potentially lost for everybody, see https://github.com/Ayms/node-Tor/issues/7#issuecomment-399044122 which is very modest compared to the dev effort, despite of many requests I have granted only one free license so far to one project) -- Bitcoin transactions made simple: https://github.com/Ayms/bitcoin-transactions Zcash wallets made simple: https://github.com/Ayms/zcash-wallets Bitcoin wallets made simple: https://github.com/Ayms/bitcoin-wallets Get the torrent dynamic blocklist: http://peersm.com/getblocklist Check the 10 M passwords list: http://peersm.com/findmyass Anti-spies and private torrents, dynamic blocklist: http://torrent-live.org Peersm : http://www.peersm.com torrent-live: https://github.com/Ayms/torrent-live node-Tor : https://www.github.com/Ayms/node-Tor GitHub : https://www.github.com/Ayms -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
