Re: relay tidbits...
Kyle Williams wrote:
> First off, the facts. Anyone who willingly and knowingly sends their traffic to some random routers on the Internet (encrypted traffic or not) just waived their right to privacy.

Do you have a legal argument to back this up? I'm sure ATT's lawyers would like to hear it.

Cheers,
Michael

Re: A way to allow firewalled exit nodes [Was: Re: getting more exit nodes]
F. Fox wrote:
> I think that adding a firewall-piercing rendezvous-type system (like STUN, or I2P's SSU) to allow heavily-firewalled nodes to act as exits - ON A STRICTLY VOLUNTARY BASIS (i.e., off by default) - might be a nice feature.

Maybe Tor could copy Gnutella's connection reversal trick: if a node X is firewalled, it connects to any unfirewalled node Y and publishes Y's address in its descriptor. When an unfirewalled node Z wants to open a connection to X, it sends a message to X through Y, and X opens a connection back to Z. The X-Z connection is used exactly as if it were a Z-X connection established in the normal way. The circuit doesn't pass through Y, so all the crypto from TLS upwards remains the same.

Your comments about modifying the descriptors would still apply, though, and clients would have to be aware of it because connection reversal can't establish a connection between two firewalled nodes, so no circuit could contain two consecutive firewalled nodes (I guess that might have implications for anonymity as well). But if it allows more people to run nodes then maybe it's a worthwhile tradeoff?

Cheers,
Michael

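The connection reversal described in the message above, as an added example that is not part of the original post or of Tor's code. It is a toy in-memory model with no real sockets: the node names X, Y and Z follow the message, while `Node`, `dial`, `register`, `open_link` and `build_circuit` are hypothetical names chosen for illustration.

```python
# Toy in-memory model of connection reversal (constructed example, no real sockets).
from dataclasses import dataclass, field
from typing import Optional

class Unreachable(Exception):
    pass

@dataclass
class Node:
    name: str
    firewalled: bool = False             # True: inbound connections are dropped
    rendezvous: Optional["Node"] = None  # Y, as published in X's descriptor
    links: set = field(default_factory=set)  # names of peers with an open connection

def dial(src, dst):
    """Open a connection src -> dst; only works if dst accepts inbound."""
    if dst.firewalled:
        raise Unreachable(f"{dst.name} is firewalled")
    src.links.add(dst.name)
    dst.links.add(src.name)
    return f"{src.name}->{dst.name}"

def register(x, y):
    """Firewalled X dials out to unfirewalled Y and publishes Y's address."""
    dial(x, y)
    x.rendezvous = y

def open_link(z, x):
    """Give Z a usable link to X; returns the direction the connection was opened in."""
    if not x.firewalled:
        return dial(z, x)
    if z.firewalled:
        raise Unreachable(f"{z.name} and {x.name} are both firewalled")
    y = x.rendezvous
    if y is None or y.name not in x.links:
        raise Unreachable(f"{x.name} has no live rendezvous node")
    if y is not z:
        dial(z, y)        # Z reaches Y to hand over the "call me back" request
    return dial(x, z)     # X connects outbound to Z; Y is not on the resulting link

def build_circuit(path):
    """Open every hop of a path; fails on two consecutive firewalled nodes."""
    return [open_link(a, b) for a, b in zip(path, path[1:])]
```
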
Re: getting more exit nodes
Alexander Bernauer wrote:
> The basic idea is to develop a browser plugin which while active turns the computer into both a Tor client and a Tor exit node. The target group is a Windows XP or Vista user with almost no technical skills but fear of pop-ups asking strange things.

Are you sure it's a good idea to encourage non-technical users, who might not understand the legal risks, to run exit nodes?

Cheers,
Michael

Re: [OT] mitigating or defeating syntax analysis
On Apr 17 2008, scar wrote:
> are there any scholarly papers or websites with this information, or at least talking more about syntax analysis (perhaps there is a more proper technical term)?

Hi Scar,

You might be interested in this paper:

http://ai.eller.arizona.edu/COPLINK/publications/CACM_From%20Fingerprint%20to%20Writeprint.pdf
http://portal.acm.org/citation.cfm?id=1121949.1121951

Cheers,
Michael

Re: The use of malicious botnets to disrupt The Onion Router
Andrew wrote:
> Is there anyone who could give a (somewhat professional) assessment of how a web-of-trust feature would impact on anonymity? How about tor's overall performance?

George Danezis has looked at using sparse expander graphs for mix networks [1]: each node has a small number of neighbours but can reach any other node in a small number of hops, so if the circuit is long enough the entry node can't narrow down the list of possible exit nodes or vice versa. Unlike Tor, the small number of neighbours per node makes it possible to provide cover traffic.

It's not clear whether social networks are good expanders [2][3], but Shishir Nagaraja has looked at using social networks for mix networks [4]; the LiveJournal social network appears to be suitable, although you have to use more cover traffic than you would in an ideal expander graph.

Cheers,
Michael

[1] http://homes.esat.kuleuven.be/~gdanezis/ExpMix.pdf
[2] http://gladiator.ncsa.uiuc.edu/PDFs/networks/barrett2004.pdf
[3] http://www.iop.org/EJ/abstract/0295-5075/73/4/649
[4] http://www.cl.cam.ac.uk/~sn275/papers/unstructured-mixes.pdf