Ethical Tor
Mirimir
mirimir at riseup.net
Thu Nov 12 04:39:45 PST 2015
On 11/12/2015 03:12 AM, coderman wrote:
> On 11/12/15, Mirimir <mirimir at riseup.net> wrote:
>> ...
>> Yes, it was subtle. But it was also, as I understand it, pointless
>> except as an attack. And it was new behavior, right?
>
> you would not believe the kinds of fucked up clients and relays that
> participate in the Tor network! even the friendly implementations in
> Java or Rust have at times failed in ways that look like an attack.
>
> i don't think people appreciate the scale, complexity, and novelty of
> activity in the Tor ecosystem.
I'm sure that I don't. But maybe it would be better to consider odd
behavior as attacks until confirmed as friendly bugs.
<SNIP>
>>> how would you have spotted it?
>>
>> I'm not technical enough to answer that. But generally, I think that
>> they ought to put more effort into monitoring. Especially for new
>> relays. Look for anything unusual.
>
> this is indeed a challenge!
>
> not just for circuit behavior in general,
> but also bad exit checking (which is usually bad upstream)
> and suspicious cliques of relays.
>
> proposals and patches welcome :)
Maybe the Tor network needs an IDS ;)
> best regards,
>
More information about the cypherpunks
mailing list