On Dec 24, 2011, at 12:21 AM, Chris wrote:
> [snip]
>
> The threat here potentially comes from governments mandating a back door.

All Tor developers that have voiced their opinion on the matter of backdoors state that they would never put in a backdoor, and personally I would immediately quit the project if any evidence was produced that such a backdoor was implemented/is about to be implemented.

> The solution to this problem is to spread out the responsibility of
> checking for back doors amongst developers in different parts of the world
> and giving them the ability to issue secure signed hashes of the compiled
> binaries. They would need to compile binaries themselves to create these
> signed secure hashes.

This is not currently possible, because the builds are not deterministic [0]. So, nobody except the release engineer knows how the binary was built exactly.

> Tor has a vulnerability where there are only two or three bootstrapping
> servers. They are spread out from my understanding although also a point
> of vulnerability. It requires 2 of three servers currently I believe to
> compromise the service. If I recall correctly there is the possibility to
> have several trusted entities although there are only two or three right
> now. I'm sure someone more knowledgeable can provide better info.

This is pretty plainly wrong. Tor uses a set of currently 8 directory authorities (I operate one of them, gabelmoo), and uses them to bootstrap. Blocking them all is easy, and prevents bootstrapping for Tor clients that aren't using bridges, but if a bridge is available they are not required for bootstrapping purposes. If a sufficient number of them are compromised, an adversary can do bad stuff like skew the popularity of a relay or prevent a relay from joining/add a relay that isn't really online, etc. Unless a majority of them are hijacked it is very hard to pull off those attacks unnoticed, tho.

Sebastian

_______________________________________________
tor-talk mailing list
tor-talk@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk