> The nodes must reside in commercial data centers
Subject only to Tor's defenses, such as CIDR block restrictions, a node is a node. Going with the USA idea: what if the FBI, in the normal course of business, calls up all their local cable/DSL/fiber/cell providers and has a few lines run to each office and outhouse nationwide? Not enough nodes? Maybe they offer their workers free internet access and give them a secure little 'router'. Or use routing and VPN tricks to buy/borrow enough CIDR-safe node IPs from whoever and route them all back to a node farm for easier management.
> the resulting possibility of discovering the interception framework employed
Only the node list needs to be classified against FOIA to prevent blockage. Once the tech is figured out to the point that product is producible, the remaining thing is what can be legally done with it all. Warrantless and dragnet tap projects are holding up pretty well so far, right? Certainly targeted actions are no problem.
> run untrusted software (including necessarily modified Tor clients), all of which exposes them to hacking risks
No news of Tor daemons being cracked to date, right? Isn't Tor full of nodes running all sorts of untrusted software under less than perfect admin skills? It's pretty unlikely that 'chat room' busts use Common Criteria systems either.
> But one could try correlating Tor relays and Tor clients growth graphs since, say, 2000 - if at some point there was a sharp growth in USA-located relays without a corresponding growth in total clients, and if those relays have similar bandwidth / data center quality capabilities, then that could be "The Man".
There is this thread for starters:
http://archives.seul.org/or/talk/Jun-2009/msg00253.html

I would also look to make sure the timing to a node makes sense with its presumed geolocation. It should never be shorter than possible, nor really much longer either.

Perhaps the threat is unlikely, but not impossible.
_______________________________________________
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

----- End forwarded message -----
--
Eugen* Leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
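The timing check suggested in the reply above, as an added example that is not part of the original message: a measured round-trip time is compared with the physical floor implied by a relay's claimed geolocation. The relay names, coordinates, RTT values and the `slack`/`overhead_ms` thresholds are constructed assumptions.

```python
import math

C_KM_PER_MS = 299.792458   # speed of light in vacuum, km per millisecond
FIBER_FACTOR = 2 / 3       # assumption: signals in fiber travel at about 2/3 c
EARTH_RADIUS_KM = 6371.0

def great_circle_km(lat1, lon1, lat2, lon2):
    """Haversine distance between two points given in degrees."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlmb = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(a))

def min_rtt_ms(distance_km):
    """Hard lower bound: round trip at vacuum light speed along the great circle."""
    return 2 * distance_km / C_KM_PER_MS

def classify(probe, claimed, rtt_ms, slack=3.0, overhead_ms=20.0):
    """Judge a measured RTT against the relay's claimed location.
    slack and overhead_ms are assumed tuning values, not measured constants."""
    floor = min_rtt_ms(great_circle_km(*probe, *claimed))
    if rtt_ms < floor:
        # Faster than light allows: the relay is closer than its geolocation says.
        return "impossible"
    typical = floor / FIBER_FACTOR
    if rtt_ms > slack * typical + overhead_ms:
        # Far slower than the path needs: congestion, or traffic hauled elsewhere
        # (for example tunnelled back to a remote farm) before it is answered.
        return "too-slow"
    return "plausible"

def audit(probe, relays):
    """relays: {name: ((lat, lon), measured_rtt_ms)} -> {name: verdict}"""
    return {name: classify(probe, loc, rtt) for name, (loc, rtt) in relays.items()}

# Constructed sample data: a probe in Frankfurt and three hypothetical relays.
PROBE = (50.11, 8.68)
SAMPLE_RELAYS = {
    "relayA": ((40.71, -74.01), 9.0),    # claims New York, answers in 9 ms
    "relayB": ((52.37, 4.90), 12.0),     # claims Amsterdam
    "relayC": ((48.86, 2.35), 210.0),    # claims Paris, answers in 210 ms
}

if __name__ == "__main__":
    for name, verdict in audit(PROBE, SAMPLE_RELAYS).items():
        print(name, verdict)
```

A single probe only bounds distance; repeating the measurement from several vantage points and taking the minimum RTT of many samples reduces false "too-slow" verdicts caused by transient congestion.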