On Fri, Apr 18, 2014 at 10:02:33PM +0200, Paul Staroch wrote: > Am 2014-04-18 21:31, schrieb mr.cur...@urssmail.org: > > Is there any way currently to do this, or are there already some > > safeguards in place? > > In its default configuration, Tor ensures that each relay in a > circuit belongs to another /16 subnet (cf. Tor Path Specification > [1], section "2.2. Path selection and constraints"). However, in the > case of Amazon EC2, this constraint does not suffice as Amazon uses > IP addresses from several different /16 subnets. >
Note that this important but was not a guarantee even before the use of cloud relays. In my 2009 paper with Matt Edman "AS-Awareness in Tor Path Selection" we described the generation of 1500 paths using the Tor path selection algorithm "Of those 15,000 paths, 163 (or ≈ 1.1%) contained an entry and exit node that resided in the same AS despite having an IP address from different /16 subnets. Out of those 163 paths, all but one also had a distinct /8 network address." aloha, Paul _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays