Eugen Leitl wrote:
On Fri, Dec 15, 2006 at 06:43:55AM -0500, Tyler Durden wrote:
OK, more dumb questions about hiding a Tor node.
Not dumb at all, it's just the Tor designers went for a public approach. However, as persecution seems to have started tightening thumbscrews on Tor operators, a slide into illegality (and a redesign towards more resilience) might be soon required. Of course, that's the whole idea behind harassing Tor operators -- move them into a dark niche, where they will be insigificant as providers of anonymity for the masses.
The criminals already have their zombie networks, and with even some superficial mixing finding a head in a global 100 kNode cloud is practically impossible. And I very much doubt anyone is seriously looking at all. Now anything that might disrupt installation of the Panopticon is another matter entirely. It's pretty obvious that a Second Great Depression is at the doors, and the democracy is failing, so I'm guessing the powers that be are preparing to intercept and quash the Internet as a grassroot signalling layer for protesters (something like in France, only not just immigrants, and on a vastly larger scale).
Even though the current list of Tor node IP addresses is basically public, I'm not 100% convinced it woul have to be.
The client builds the circuit, so it has to know the entire list of the nodes. The Tor server doesn't have any say in that matter, and that's actually good because you can operate a Tor network with a high fraction of Mallory nodes more or less safely.
Well, exit and entry nodes perhaps have to be public, but what about nodes inside the cloud? OK, anything sent to one of those nodes by an edge node has to use a unencrypted IP address on the packet header, right? BUT, the same machines that house the Tor nodes could (and probably do, right?) house other services as well...a packet sent to the Tor node has to be sent to the right socket and layer 4 service. Right? And THAT can be encrypted, and probably already is by Tor nodes. (Now remember I'm not a datacom guy...)
If the list of interior Tor nodes is encrypted and only machine-readable by other Tor nodes, AND if we have a few additional services residing on the
I would be very surprised to learn that no TLAs are running nodes, or at least tap nodes (when you run a colo, you don't have a lot of control about physical security, so you have no idea whether there's a rootkit after it comes up after a yet another "outage").
same machines as the Tor nodess, then a packet sent to a machine housing a Tor node may or may not actually be going to a Tor node.
A much better idea is to make Tor a payload for a worm vector. I would be very surprised if spammers wouldn't start building their private Tor networks on zombies for control traffic, should persecution begin in earnest. These IRC bots and channels are awfully public, and a couple of trampolines is not sufficient number of indirection layers by far.
If the operators of that machine are also unaware of the precise service-bundle existing on the machine (not unreasonable as long as someone is paying them for the consumed bandwidth) AND if packets destined for that machine can reasonably be said to be accessing a non-TOR service AND if the IP address list of interior TOR nodes is encrypted, is the Tor node now disguised? Seems to me it would be difficult for some authorities to track down the location of some Tor nodes.
The best Tor node operator is the one who doesn't even know he's one. A network of million zombies where two new arise for one stricken down is effectively unkillable.
Btw, there's a Tor package for OpenWRT -- I have not verified it's working as adverized however -- the hardware *is* a bit tight. It would a perfect disposable node, meshable, and with no wires to trace.
Or am I missing something? Like I said, I'm no datacom guy, but hiding a Tor node deosn't seem impossible to me.
You'd need a redesign where servers with only partical network knowledge can randomly redirect packets, while still unable to gnaw off all the onion layers. Topologically, routing in random high-N spaces is not difficult. However, the network better be of considerable size. Enter the worm.
No, enter the "make a buck". The former approach will clog the Internet, the latter will make it thrive. Cheers, ---Venkat.