Re: [tor-dev] Comments on proposal 279 (Name API)

On 04/04/2017 12:50 AM, Nick Mathewson wrote: > On Mon, Apr 3, 2017 at 8:20 AM, George Kadianakis > wrote: >> Nick Mathewson writes: >>> Section 2.1 and elsewhere: >>> >>> I suggest that we require all address suffixes to end with .onion; >>> other

[tor-dev] Counter-RAPTOR Paper

Hi all, Our proposed defenses (Counter-RAPTOR) against active routing attacks on Tor will soon appear at IEEE S in May. It's also available here: https://arxiv.org/abs/1704.00843 In short, we have two lines of defenses: (1) Entry Guard Selection (proactive defense,

Re: [tor-dev] Control-port filtering: can it have a reasonable threat model?

Hi Nick. Just a quick note that something I've wanted from time to time is a 'make the control port read-only' option so only GETINFO, GETCONF, events, etc would work. Yes, these could be used to deanonymize a user, but it could provide assurance the controller doesn't tamper with tor. This has

Re: [tor-dev] Control-port filtering: can it have a reasonable threat model?

On Mon, Apr 3, 2017 at 6:39 PM, dawuud wrote: > > > It's worth noting that controllers able to run SETCONF can ask the tor > process to execute arbitrary programs: > > man torrc | grep exec > > So if you want a controller to have any less privileges than the tor > daemon