Re: Ethical Tor

12 Nov 2015


      On 11/12/2015 03:12 AM, coderman wrote:
...
On 11/12/15, Mirimir  wrote:
...
...
Yes, it was subtle. But it was also, as I understand it, pointless
except as an attack. And it was new behavior, right?
you would not believe the kinds of fucked up clients and relays that
participate in the Tor network! even the friendly implementations in
Java or Rust have at times failed in ways that look like an attack.
i don't think people appreciate the scale, complexity, and novelty of
activity in the Tor ecosystem.
I'm sure that I don't. But maybe it would be better to consider odd
behavior as attacks until confirmed as friendly bugs.

<SNIP>
...
...
...
how would you have spotted it?
I'm not technical enough to answer that. But generally, I think that
they ought to put more effort into monitoring. Especially for new
relays. Look for anything unusual.
this is indeed a challenge!
not just for circuit behavior in general,
  but also bad exit checking (which is usually bad upstream)
    and suspicious cliques of relays.
proposals and patches welcome :)
Maybe the Tor network needs an IDS ;)
...
best regards,