Hi The CCC local group Rheintal [1] is currently working on a solution to get much more Tor exit nodes which we think is a major problem of Tor.
The basic idea is to develop a browser plugin which while active turns the computer into both an Tor client and a Tor exit node. The target group is a Windows XP or Vista user with almost no technical skills but fear of pop-ups asking strange things. We are experienced in providing and promoting security software to them [2] and we beliefe that this solution will be accepted and widely used. To get the software done I would like to discuss the technical aspects here. The bigest problem we see are those personal firewalls which prevent running a normal Tor server. Therefore this machine needs to open a client connection. That's why we call it a client-exit node. So we need some servers for the client-exit nodes. This nodes we call pseudo-exit nodes. The reason for this is that Alice selects this node as exit node for its circuit but the traffic gets routed to the client-exit node. So the pseudo-exit node doesn't appear in the server logs. This means that every Tor node can become a pseudo-exit node without any additional law enforcement risks. Given that all Tor nodes are pseudo-exit nodes a client-exit node would select a Tor node at random and connect to it. As soon as a pseudo-exit node has at least one connection to a client-exit node it registers itself at the directory server as a normal exit node. From now on everything goes the normal way except that the pseudo exit nodes passes the traffic which would normally go out of the Tor network to the client-exit node. This is the basic idea. I'm sure there are technical aspects we missed or assumptions which are wrong. So I would appreciate if you could point us on them. We tried hard to find a solution which would not require patching existing Tor nodes. But we didn't find any. Maybe we do in this discussion. [1] http://ulm.ccc.de/Rheintal [2] http://www.dingens.org regards -- Alexander Bernauer