Ethical Tor

Mirimir mirimir at
Thu Nov 12 04:39:45 PST 2015

On 11/12/2015 03:12 AM, coderman wrote:
> On 11/12/15, Mirimir <mirimir at> wrote:
>> ...
>> Yes, it was subtle. But it was also, as I understand it, pointless
>> except as an attack. And it was new behavior, right?
> you would not believe the kinds of fucked up clients and relays that
> participate in the Tor network! even the friendly implementations in
> Java or Rust have at times failed in ways that look like an attack.
> i don't think people appreciate the scale, complexity, and novelty of
> activity in the Tor ecosystem.

I'm sure that I don't. But maybe it would be better to consider odd
behavior as attacks until confirmed as friendly bugs.


>>> how would you have spotted it?
>> I'm not technical enough to answer that. But generally, I think that
>> they ought to put more effort into monitoring. Especially for new
>> relays. Look for anything unusual.
> this is indeed a challenge!
> not just for circuit behavior in general,
>   but also bad exit checking (which is usually bad upstream)
>     and suspicious cliques of relays.
> proposals and patches welcome :)

Maybe the Tor network needs an IDS ;)

> best regards,

More information about the cypherpunks mailing list