private vs. public tor network ... any other options ?

Thu Sep 24 11:24:27 PDT 2009

> On the other hand, I do control a fair amount of infrastructure and
> bandwidth in multiple locations ... so it's very tempting to leverage those
> resources in a way that gives me tor-like anonymity, but without the
> (sometimes terrible) speed and latency.

If you limit yourself to a small set of nodes, you
will definitely compromise your anonymity against a powerful attacker. But
what if you're not worried about a powerful attacker, or serious anonymity?
What if you just want a casual observer to think you're using Tor, and leave
it at that?

> Is there a middle ground ?  Is it possible for me to simultaneously
> contribute network resources to the public Tor network, allowing me to blend
> in like every other Tor user, yet at the same time somehow leveraging the
> specific resources I control to achieve faster speeds for my own use ?

You could run two relays on each node you control. One relay would be part
of the public tor network, and limit the bandwidth to a (large) fraction of
what you have available. One relay would be part of your private tor network
and use the rest of the available bandwidth. You'd have to bootstrap your
tor network from scratch, and set up an authority, and so on. Then you could
run your local tor client on your private network, and have a small set of
fast nodes available to you. A casual observer at either end (you-hop1 or
hop3-internet) would see the traffic from/to a tor node, and assume that it
was truly torified. Depending what you personally think the threat profile
is - and I'd suggest reading some of the research to find out what threats
to consider - you might want to use an entry point or exit node on the
regular network, or do other circuit manipulation.

Note that trying to take advantage of your own resources inevitably limits
your anonymity potential. Customizing your network also means that you won't
benefit as much, or at all, from upgrades to Tor. However, if all you want
is casually anonymous browsing at high speed, this may be useful to you.
Nonetheless, I make no guarantees that the system you set up will be
sufficiently anonymous for you.

----- End forwarded message -----
Eugen* Leitl <a href="">leitl</a>
ICBM: 48.07100, 11.36820
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the cypherpunks-legacy mailing list