Re: private vs. public tor network ... any other options ?

2009-09-25 Thread Juliusz Chroboczek
> On the other hand, I do control a fair amount of infrastructure and
> bandwidth in multiple locations ... so it's very tempting to leverage those
> resources in a way that gives me tor-like anonymity, but without the
> (sometimes terrible) speed and latency.

Trouble is -- you don't have a way of reserving part of the throughput
to yourself.  The whole point of tor is that exit and middleman nodes
don't know which flows belong to which user, and hence reserving
resources to a given user is not doable.

If you're mostly accessing a small set of servers, you could restrict
your exit policies to those particular IPs; this way, you'd only be
sharing resources with those users that are also accessing those
servers.  Similarly, if you're only using rare ports (e.g. 22), then you
could set up your exit policies to only allow those ports.

I doubt, however, that this will help much.  The proper solution is to
improve the tor network, in particular to implement fair sharing of
bandwidth between flows, prioritisation of interactive traffic, and
especially IPv6 support (so that hosts behind NATs can accept incoming
connections from other tor nodes with no special tricks).

Juliusz
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
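
Added example, not part of the original post or of Tor's own code: a small evaluator for the two kinds of restricted exit policy suggested above (a fixed set of server IPs, or a single rare port), showing which destinations such a relay would still carry. The addresses are constructed documentation-range placeholders, the function names are hypothetical, and only IPv4 rules are handled.

```python
import ipaddress

# Constructed policies, written in torrc "ExitPolicy" rule order.
# Addresses are documentation-range placeholders, not hosts from the thread.
FEW_SERVERS = [
    "accept 192.0.2.10:22",       # one known server, SSH only
    "accept 198.51.100.0/24:22",  # a small block of servers, SSH only
    "reject *:*",                 # refuse everything else
]
RARE_PORT_ONLY = [
    "accept *:22",                # any host, but only port 22
    "reject *:*",
]

def parse_rule(rule):
    """Split 'accept|reject ADDR[/MASK]:PORT[-PORT]' into (action, net, lo, hi)."""
    action, pattern = rule.split()
    if action not in ("accept", "reject"):
        raise ValueError(f"unknown action in {rule!r}")
    addr, _, ports = pattern.rpartition(":")
    # net is None for the '*' wildcard, otherwise an IPv4 network
    net = None if addr == "*" else ipaddress.ip_network(addr, strict=False)
    if ports == "*":
        lo, hi = 1, 65535
    else:
        lo, _, hi = ports.partition("-")
        lo, hi = int(lo), int(hi or lo)
    return action, net, lo, hi

def exit_allows(policy, dest_ip, dest_port):
    """Evaluate rules in order; the first matching rule decides."""
    ip = ipaddress.ip_address(dest_ip)
    for rule in policy:
        action, net, lo, hi = parse_rule(rule)
        if (net is None or ip in net) and lo <= dest_port <= hi:
            return action == "accept"
    # Tor appends its default policy unless the list ends with a catch-all
    # rule, so keep the explicit final "reject *:*". This sketch just refuses.
    return False

if __name__ == "__main__":
    for ip, port in [("192.0.2.10", 22), ("192.0.2.10", 80), ("203.0.113.5", 22)]:
        print(ip, port, exit_allows(FEW_SERVERS, ip, port),
              exit_allows(RARE_PORT_ONLY, ip, port))
```
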


Re: private vs. public tor network ... any other options ?

2009-09-24 Thread John Case



On Thu, 24 Sep 2009, Flamsmark wrote:

>> On Thu, 24 Sep 2009, Flamsmark wrote:
>>
>>> If you limit yourself to a small set of nodes, you
>>> will definitely compromise your anonymity against a powerful attacker. But
>>
>> What would you (loosely) define as a small set of nodes vs. a large set of
>> nodes ?
>
> You want as many nodes as you can get. How many have you got?



Well ... let's say I have 6 nodes.  That's a very small number.

But then let's say that all six nodes are in quad-homed datacenters where
I can get one (or more) IPs on each peer.  So now, assuming I run one VM
per network, I've got 24 nodes, each on a different route on the Internet.

6 is low.  I suspect 24 is low.  But is it laughably low ?


Re: private vs. public tor network ... any other options ?

2009-09-24 Thread Flamsmark
> On Thu, 24 Sep 2009, Flamsmark wrote:
>
>> If you limit yourself to a small set of nodes, you
>> will definitely compromise your anonymity against a powerful attacker. But
>
> What would you (loosely) define as a small set of nodes vs. a large set of
> nodes ?


You want as many nodes as you can get. How many have you got?


Re: private vs. public tor network ... any other options ?

2009-09-24 Thread John Case


Hello,

On Thu, 24 Sep 2009, Flamsmark wrote:


> If you limit yourself to a small set of nodes, you
> will definitely compromise your anonymity against a powerful attacker. But

What would you (loosely) define as a small set of nodes vs. a large set of
nodes ?

> Note that trying to take advantage of your own resources inevitably limits
> your anonymity potential. Customizing your network also means that you won't
> benefit as much, or at all, from upgrades to Tor. However, if all you want
> is casually anonymous browsing at high speed, this may be useful to you.
> Nonetheless, I make no guarantees that the system you set up will be
> sufficiently anonymous for you.



Thanks.  That's probably a deep truth about any kind of 
subversion/duplicity/anonymity ...



Re: private vs. public tor network ... any other options ?

2009-09-24 Thread John Case


Hello David,

On Thu, 24 Sep 2009, David Jevans wrote:

> What we have contemplated is operating the exit nodes, and mixing into
> the public Tor network for either the middle or both middle and entry
> nodes.  You could select high bandwidth middle-nodes for this, which
> would give you reasonably high performance, yet you would have 1-2-or
> more public nodes in between the user and the exit node.  This would
> provide increased anonymity, while preserving performance and security
> of the exit nodes (protecting against mal-nodes).
>
> The thought was also to select those middle nodes based on measured
> performance.



Thank you - that does help.  So you are always using your own exit nodes, 
and usually using public Tor for hops 1 and 2, but sometimes using 
yourself for entry ?


What makes the determination, for you, whether to use two public Tor hops 
vs. just one (the middle) ?


I suppose a converse of this is that you could put private nodes in your 
"route" so as to run your traffic over four or five hops (instead of the 
default three) without the typical speed/latency costs.  So, increased 
speed for three hops, or no speed loss for 3+X hops...


But that still leaves the undefined anonymity loss, which appears to be 
non-zero...


Thanks again - any additional comments you may have are appreciated.


Re: private vs. public tor network ... any other options ?

2009-09-24 Thread David Jevans
We run a private Tor-based network.  Email Steve (sms@) or me for questions.

What we have contemplated is operating the exit nodes, and mixing into the 
public Tor network for either the middle or both middle and entry nodes.  You 
could select high bandwidth middle-nodes for this, which would give you 
reasonably high performance, yet you would have 1-2-or more public nodes in 
between the user and the exit node.  This would provide increased anonymity, 
while preserving performance and security of the exit nodes (protecting against 
mal-nodes).

The thought was also to select those middle nodes based on measured performance.

Thoughts?

DJ

-Original Message-
From: Flamsmark 

Date: Thu, 24 Sep 2009 11:24:27 
To: 
Subject: Re: private vs. public tor network ... any other options ?


>
>
> On the other hand, I do control a fair amount of infrastructure and
> bandwidth in multiple locations ... so it's very tempting to leverage those
> resources in a way that gives me tor-like anonymity, but without the
> (sometimes terrible) speed and latency.
>

If you limit yourself to a small set of nodes, you
will definitely compromise your anonymity against a powerful attacker. But
what if you're not worried about a powerful attacker, or serious anonymity?
What if you just want a casual observer to think you're using Tor, and leave
it at that?

>
> Is there a middle ground ?  Is it possible for me to simultaneously
> contribute network resources to the public Tor network, allowing me to blend
> in like every other Tor user, yet at the same time somehow leveraging the
> specific resources I control to achieve faster speeds for my own use ?
>

You could run two relays on each node you control. One relay would be part
of the public tor network, and limit the bandwidth to a (large) fraction of
what you have available. One relay would be part of your private tor network
and use the rest of the available bandwidth. You'd have to bootstrap your
tor network from scratch, and set up an authority, and so on. Then you could
run your local tor client on your private network, and have a small set of
fast nodes available to you. A casual observer at either end (you-hop1 or
hop3-internet) would see the traffic from/to a tor node, and assume that it
was truly torified. Depending what you personally think the threat profile
is - and I'd suggest reading some of the research to find out what threats
to consider - you might want to use an entry point or exit node on the
regular network, or do other circuit manipulation.

Note that trying to take advantage of your own resources inevitably limits
your anonymity potential. Customizing your network also means that you won't
benefit as much, or at all, from upgrades to Tor. However, if all you want
is casually anonymous browsing at high speed, this may be useful to you.
Nonetheless, I make no guarantees that the system you set up will be
sufficiently anonymous for you.



Re: private vs. public tor network ... any other options ?

2009-09-24 Thread Flamsmark
>
>
> On the other hand, I do control a fair amount of infrastructure and
> bandwidth in multiple locations ... so it's very tempting to leverage those
> resources in a way that gives me tor-like anonymity, but without the
> (sometimes terrible) speed and latency.
>

If you limit yourself to a small set of nodes, you
will definitely compromise your anonymity against a powerful attacker. But
what if you're not worried about a powerful attacker, or serious anonymity?
What if you just want a casual observer to think you're using Tor, and leave
it at that?

>
> Is there a middle ground ?  Is it possible for me to simultaneously
> contribute network resources to the public Tor network, allowing me to blend
> in like every other Tor user, yet at the same time somehow leveraging the
> specific resources I control to achieve faster speeds for my own use ?
>

You could run two relays on each node you control. One relay would be part
of the public tor network, and limit the bandwidth to a (large) fraction of
what you have available. One relay would be part of your private tor network
and use the rest of the available bandwidth. You'd have to bootstrap your
tor network from scratch, and set up an authority, and so on. Then you could
run your local tor client on your private network, and have a small set of
fast nodes available to you. A casual observer at either end (you-hop1 or
hop3-internet) would see the traffic from/to a tor node, and assume that it
was truly torified. Depending what you personally think the threat profile
is - and I'd suggest reading some of the research to find out what threats
to consider - you might want to use an entry point or exit node on the
regular network, or do other circuit manipulation.

Note that trying to take advantage of your own resources inevitably limits
your anonymity potential. Customizing your network also means that you won't
benefit as much, or at all, from upgrades to Tor. However, if all you want
is casually anonymous browsing at high speed, this may be useful to you.
Nonetheless, I make no guarantees that the system you set up will be
sufficiently anonymous for you.


Re: private vs. public tor network ... any other options ?

2009-09-24 Thread grarpamp
>  Is there a middle ground ?  Is it possible for me to simultaneously
> contribute network resources to the public Tor network, allowing me to blend
> in like every other Tor user, yet at the same time somehow leveraging the
> specific resources I control to achieve faster speeds for my own use ?

You could build circuits through your own nodes and map destinations
to exits. However I don't know how to reserve x portion of their
bandwidth for yourself.
Nor would using them in this way seem to be smart if these paths
through your nodes are more likely to be monitored than the rest of
the Tornet.

It would be an interesting experiment if everyone on the list
coordinated all of a sudden one day, for x number of hours needed
[6/12/18/24/etc.], to turn up everything they can as non-exit / exit
relays and feed them all the bandwidth they can muster... to see where
the demand / supply cap is... if some of the always pegged nodes begin
experiencing sustained relief. On a quarterly basis even.


private vs. public tor network ... any other options ?

2009-09-23 Thread John Case


I am aware that I may run a private Tor network if the speed or latency of 
the public Tor network is unacceptable to me.


I am also aware that failing to reach a critical mass of nodes and traffic 
will leave users' anonymity much more vulnerable to attack.


I don't know what the numbers are, in terms of minimum acceptable nodes or
traffic, but I suspect that I don't want to arrange or maintain it.

On the other hand, I do control a fair amount of infrastructure and 
bandwidth in multiple locations ... so it's very tempting to leverage 
those resources in a way that gives me tor-like anonymity, but without the 
(sometimes terrible) speed and latency.


Is there a middle ground ?  Is it possible for me to simultaneously 
contribute network resources to the public Tor network, allowing me to 
blend in like every other Tor user, yet at the same time somehow 
leveraging the specific resources I control to achieve faster speeds for 
my own use ?


Thanks.