On Fri, Jul 08, 2016 at 08:17:05AM -0400, Sci Fith wrote:
>
> I've tested for research purposes running both proxychains and
> openvpn setups using 2-3 VPSs with private ip addresses from bolt vm
> for really cheap per month. Worked really well as an alternative to
> using Tor.
>
> Question, If you run your own relays couldn't you just force your
> host to connect to your relays only, thus ensuring that you won't
> randomly hit a malicious exit or be de-anon by nefarious actor? Yes
> this assumes you have a guard and exit relay running as well, but
> still wondering the security of that versus other setups.

Assuming that your client-guard connection is not observed _and_ your
adversary cannot learn through observation that those relays are yours,
then you would (mostly) avoid de-anon. The problem is that this
association is not easily hidden. If, e.g., your exit's ISP notices
repeated patterns from certain circuits, it can form a pseudonymous
profile of you. Now if there is ever a single link to your actual IP or
other sensitive identifier, that whole profile is linked to
you---probably worse than a single connection de-anon.

This is a major basis for Tor in the first place. When we created onion
routing, we noted that a Navy-only network would identify traffic
into/out of the network as for the Navy. So one had to carry traffic for
diverse parties to protect against this. And since limiting traffic to
those trusting an entirely Navy-run network is similarly problematic,
you have to let diverse others run some of the network. And since they
won't just trust your code, it has to be open source. That is how we
have been doing it since the nineties.

One could, as you suggest, just use your own trusted relays within that
larger network. But that brings you a long way back towards the original
problem we were looking at in 1995. Leveraging trust safely and
efficiently turns out to be hard. We've been looking at this for a while
now. For our latest publication on incorporating trust in relays, ISPs,
etc. into routing decisions see

"20,000 In League Under the Sea: Anonymous Communication, Trust, MLATs,
and Undersea Cables" Jaggard et al.
Proceedings on Privacy Enhancing Technologies 1(1).
https://www.nrl.navy.mil/itd/chacs/jaggard-20000-league-under-sea-anonymous-communication-trust-mlats-and-undersea-cables-proceedings

HTH,
Paul
--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk