Eugen Leitl wrote:
> On Tue, Dec 06, 2005 at 08:29:52PM +0700, Jay Listo wrote:
>> well, not sure if Tor has a mechanism to find out who's operating the
> How can you find out who's operating the exit nodes, unless you know the operators personally? The system is designed to tolerate a certain fraction of Mallory operators.

hmm, a couple of weeks ago, i did a traceroute of my packets while running a tor client. It was 'comforting' to know that my isp was courteously operating an exit node...just 1-2 hops away. Well, i just re-started my tor client and the 'problem' went away...i felt like i was playing the lotto with my tor client.

>> 'exit' nodes, and the ability to choose a specific exit node.
> IIRC, the client builds the circuits.

what's to stop a group of malloric tor routers from communicating out-of-band with each other and with the mallory exit node as an accomplice? well, users (the humans using the tor client) have absolutely no idea, where those circuits are being switched through. unless, users take the time to trace each http request (each of which goes through a different circuit)...and also having to do whois queries on each hop. perhaps a mechanism (maybe a gui console showing each hop, ip and whois query) for users to monitor the circuits that their tor client has chosen. This will give users awareness (or the option to exercise that) about the confidentiality of their communications.

>> This way, any govt (or many govts) could put up a bunch of exit nodes
> Tapping and traffic analysis upstream of existing nodes are far less intrusive.
> What I'm wondering is whether the claimed attack is due to a design fault, or just by throwing resources at it. If it's a design issue, it can be fixed. If it's a brute force approach, it shows how much they're willing to deploy on very little incentive. If it's a canard, they're trying to stall and destabilize.
> Knowing which would be useful.
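
The hop-by-hop circuit view proposed in the message above, as an added example that is not part of the original thread or of Tor's own code: it parses a constructed reply shaped like the control port's `GETINFO circuit-status` output, resolves each hop against a constructed address table, and flags hops in the same /16 as a rough stand-in for the suggested whois comparison. Relay names, fingerprints, addresses and all function names here are hypothetical.

```python
import ipaddress
import re

# Constructed relays (nickname -> fingerprint, RFC 5737 address); not real Tor relays.
RELAYS = {
    "guardA": ("A" * 40, "192.0.2.10"),
    "midB": ("B" * 40, "198.51.100.20"),
    "exitC": ("C" * 40, "203.0.113.30"),
    "exitD": ("D" * 40, "192.0.2.99"),
}
ADDR_BY_FP = {fp: ip for fp, ip in RELAYS.values()}
hop = lambda nick: f"${RELAYS[nick][0]}~{nick}"
# Constructed sample shaped like control-port "GETINFO circuit-status" lines.
SAMPLE_STATUS = "\n".join([
    f"7 BUILT {hop('guardA')},{hop('midB')},{hop('exitC')} PURPOSE=GENERAL",
    f"8 BUILT {hop('guardA')},{hop('midB')},{hop('exitD')} PURPOSE=GENERAL",
    "9 LAUNCHED PURPOSE=GENERAL",  # no path yet, so nothing to show
])
HOP_RE = re.compile(r"\$([0-9A-Fa-f]{40})(?:[=~](\w+))?")

def parse_circuits(status_text):
    """Map circuit id -> [(fingerprint, nickname, ip or None)] for BUILT circuits."""
    circuits = {}
    for line in status_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[1] != "BUILT":
            continue
        matches = [HOP_RE.fullmatch(tok) for tok in fields[2].split(",")]
        if not all(matches):
            continue  # malformed or missing path: skip rather than guess
        circuits[fields[0]] = [(m[1].upper(), m[2], ADDR_BY_FP.get(m[1].upper())) for m in matches]
    return circuits

def hops_sharing_slash16(hops):
    """Return nickname pairs whose known addresses fall in the same /16."""
    seen, pairs = {}, []
    for _fp, nick, ip in (h for h in hops if h[2]):
        net = ipaddress.ip_network(f"{ip}/16", strict=False)
        if net in seen:
            pairs.append((seen[net], nick))
        seen.setdefault(net, nick)
    return pairs

def render(circuits):
    """One display line per circuit: hops with addresses, plus any /16 overlap."""
    return [f"circuit {cid}: "
            + " -> ".join(f"{n}({ip or 'unknown'})" for _fp, n, ip in hops)
            + "".join(f" [same /16: {a},{b}]" for a, b in hops_sharing_slash16(hops))
            for cid, hops in circuits.items()]
```

A shared /16 says nothing about relays that cooperate from unrelated networks, so this view gives awareness of the path, not assurance about who runs it.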