hilarious 2007 tor security hole
Low-Resource Routing Attacks Against Tor https://www.freehaven.net/anonbib/cache/bauer:wpes2007.pdf you could add "high speed" compromised nodes, simply by lying about them being "high speed". also, notice this https://www.freehaven.net/anonbib/cache/hs-attack06.pdf blatant hole in hidden services design 'found' by scum-master syverson in 2006 - same scum-master who 'designed' tor haha. I'm guessing these scumbags get bonunses by 'paper' written, so they write papers about their shitty 'designs' and then write papers 'attacking' the same garbage they coded. Priceless.
On Wed, Oct 30, 2019 at 01:09:54AM -0300, Punk - Stasi 2.0 wrote:
Low-Resource Routing Attacks Against Tor https://www.freehaven.net/anonbib/cache/bauer:wpes2007.pdf
you could add "high speed" compromised nodes, simply by lying about them being "high speed".
also, notice this
https://www.freehaven.net/anonbib/cache/hs-attack06.pdf
blatant hole in hidden services design 'found' by scum-master syverson in 2006 - same scum-master who 'designed' tor haha. I'm guessing these scumbags get bonunses by 'paper' written, so they write papers about their shitty 'designs' and then write papers 'attacking' the same garbage they coded. Priceless.
Funny. Will you give a shot at summarizing the above attacks, and/or if there is any obvious solution to those attacks in relation to any new overlay network? (The overview and summary of a paper may be sufficient - some papers are long, and can therefore take a long time to read/ absorb, but a good paper should give a good succinct summary anyway...) This work we are doing of considering possible designs for (various layers of) some new overlay network, will hopefully be useful for whomever ends up on a mad codeathon - there's even the possibility this could be me, although if the design ends up good "by consensus" then a Java proof of concept will hopefully be replaced by a C, C++ or Rust (etc) implementation anyway... or, rather than "replaced", complemented might be a better word - multiple implementations working well with one another are a decent proof of "spec/ design conformance". We may even find that the guts of the network scheduling/ link monitoring and management, route negotiation and therefore quite possibly even encryption, end up in user space IP stacks such as SNABB (and in the case of SNABB, most likely therefore implemented in Lua), with perhaps a thin management interface (console at least) in say Java or any language preferred by those interested in coding such things.
participants (2)
-
Punk - Stasi 2.0
-
Zenaan Harkness