Hi Gregory, response below quote: > > Since this attack vector has been discussed, I started making some > > measurements on how effective it is to connect to Bitcoin using Tor, > > and I found that the number of connections dropping to near-zero is > > a situation which occurs rather frequently, which suggests that there > > is still room to improve on the DoS handling. > > I'm confused by this, I run quite a few nodes exclusively on tor and > chart their connectivity and have seen no such connection dropping > behaviour. > > Can you tell me more about how you measured this? >
When you say "running exclusively on Tor", what do you mean exactly? Do you also connect or allow connections through hidden services? I made outbound connections through Tor exit points the only way to connect to Bitcoin, and increased the number of allowed outbound connection in order to get more meaningful values. Lately, I could see unusual behaviour at: * 2014-11-28 13:14 UTC * 2014-11-25 07:32 UTC * 2014-11-24 13:06 UTC Anything I should look into? > [As an aside I agree that there are lots of things to improve here, > but the fact that users can in theory be forced off of tor via DOS > attacks is not immediately concerning to me because its a conscious > choice users would make to abandon their privacy (and the behaviour of > the system here is known and intentional). There are other mechanisms > available for people to relay their transactions than connecting > directly to the bitcoin network; so their choice isn't just abandon > privacy or don't use bitcoin at all.] > I think this issue is more important than it seems. Firstly, when running Tor-only, there are still attack vectors which make use of the DoS protection deficiencies. Secondly, if we tell people not to connect directly if they want privacy, how do we ensure that these indirect methods will not come with implications for their privacy? Best regards, Isidor ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
