Re: Answer by perfect-privacy.com Re: perfect-privacy.com, Family specifications, etc.

2010-05-19 Thread Robert Marquardt
 In the meantime, perfect-privacy.com should advise this list as soon as
 its torrc files are in compliance, while the rest of us should feel free to
 use the NodeFamily information I posted earlier with, apparently, the addition
 of 17 more node fingerprints that I missed when I grepped the directory for
 the email address from the contact info.

The entries should be fine now.

Robert

On May 18, 2010, at 6:22 AM, Scott Bennett wrote:

 On Mon, 17 May 2010 21:44:21 +0200 Moritz Bartl t...@wiredwings.com
 wrote:
 What I did was just file a report at the company's website. It took them
 only minutes to get back to me.
 Scott, I don't know why, but you probably didn't get their response in
 the first place.
 
 No, I certainly didn't.  Also, they should have received a bounce message.
 Bruce neglected to mention whether he had gotten one.
 I've long thought that every node Family should have a Family name, but
 his suggestion for the actual form of the MyFamily statement is better than
 what I had been thinking of.  I heartily recommend that it be adopted and
 implemented ASAP.
 In the meantime, perfect-privacy.com should advise this list as soon as
 its torrc files are in compliance, while the rest of us should feel free to
 use the NodeFamily information I posted earlier with, apparently, the addition
 of 17 more node fingerprints that I missed when I grepped the directory for
 the email address from the contact info.
 
 
  Scott Bennett, Comm. ASMELG, CFIAG
 **
 * Internet:   bennett at cs.niu.edu  *
 **
 * A well regulated and disciplined militia, is at all times a good  *
 * objection to the introduction of that bane of all free governments *
 * -- a standing army.   *
 *-- Gov. John Hancock, New York Journal, 28 January 1790 *
 **
 ***
 To unsubscribe, send an e-mail to majord...@torproject.org with
 unsubscribe or-talkin the body. http://archives.seul.org/or/talk/

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: nameserver stats

2010-05-19 Thread Anders Andersson
Qualified guess: These might be so-called BitTorrent trackers.

These tracker URLs are embedded in torrent files that you download.
You can download these torrent files from various sources, not
necessarily (even rarely) from the site itself. When you load these
torrents into a BitTorrent client, the client tries to contact all the
trackers embedded in the file, and will probably try every 5 minutes
or so. Smarter clients would give up or use incremental/exponential
back-off, but there are probably enough dumb clients out there to
compensate.

The sad thing is that people try to use Tor for BitTorrent, though of
course there might be a use for BitTorrent on Tor so I hope it's not
just for sharing the random average movies and music.





On Wed, May 19, 2010 at 5:48 AM, Dyno Tor dyno...@gmail.com wrote:
 Yup, BT=BitTorrent.    I don't know the sites by personal experience,
 they just seemed to have BT like names.  Strange that there's such a
 correspondence, but it isn't particular to your server -- I replicated
 your results on a handful of tests, from both my exit and a local
 non-tor IP.  Perhaps these are domains that have been shutdown via
 court order or over zealous domain registrars?  Still, I'd think
 people would stop trying to connect to them after a bit, but
 trackedbyet.info is the 6th most popular DNS name, and it doesn't
 resolve!


 On Tue, May 18, 2010 at 6:20 AM, Olaf Selke olaf.se...@blutmagie.de wrote:
 Dyno Tor wrote:
 Interesting.  Olaf, I notice BT destinations seem mapped to nxdomain
 or servfail.

 BT stands for BitTorrent, right?

 Do you do this purposely to reduce abuse reports, or is
 that done by your upstream provider?

 neither, the nameserver running on this machine does caching only
 knowing nothing but the root servers from its config. So there's no
 upstream provider's ns used. I can't explain the nxdomain and servfail
 mapping.

 Olaf
 ***
 To unsubscribe, send an e-mail to majord...@torproject.org with
 unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

 ***
 To unsubscribe, send an e-mail to majord...@torproject.org with
 unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Reducing relays = reducing anonymity ? Tortunnel.

2010-05-19 Thread Attac Heidenheim
Hi everybody,
I just tried a little tool called Tortunnel which allows a user to
tunnel Tor via Privoxy/Polipo to any selected exitnode. Just one hop
instead of three relays.
Of course, if the exitnode ist evil, you're lost, but it really speeds
up the whole thing on the other hand.
Website: http://www.thoughtcrime.org/software/tortunnel/

My questions: 
Does anybody use tortunnel ?
Is tortunnel evil since it maybe hacks Tor-cirucits to reduce the number
of relays ?
Where is the security/anonymity reduction since tortunnel also uses
Tor ?
Can Tor itself reduce the number of relays (like tortunnel) ?

Greetings,
Niklas



signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil


Re: Reducing relays = reducing anonymity ? Tortunnel.

2010-05-19 Thread Damian Johnson

 Does anybody use tortunnel ?


Never heard of it before, so doubt it.

Is tortunnel evil since it maybe hacks Tor-cirucits to reduce the number
 of relays ?


We discourage people from reducing the circuit length since it cripples the
anonymity tor provides, makes exit nodes more tasty targets since they can
correlate users to exit traffic, etc. There's been several discussion of
this in the archives.

Where is the security/anonymity reduction since tortunnel also uses
 Tor ?


It's equivalent to using a single hop proxy.

Can Tor itself reduce the number of relays (like tortunnel) ?


No, nor do we want it to.

Cheers! -Damian

On Wed, May 19, 2010 at 9:06 AM, Attac Heidenheim heidenh...@attac.dewrote:

 Hi everybody,
 I just tried a little tool called Tortunnel which allows a user to
 tunnel Tor via Privoxy/Polipo to any selected exitnode. Just one hop
 instead of three relays.
 Of course, if the exitnode ist evil, you're lost, but it really speeds
 up the whole thing on the other hand.
 Website: http://www.thoughtcrime.org/software/tortunnel/

 My questions:
 Does anybody use tortunnel ?
 Is tortunnel evil since it maybe hacks Tor-cirucits to reduce the number
 of relays ?
 Where is the security/anonymity reduction since tortunnel also uses
 Tor ?
 Can Tor itself reduce the number of relays (like tortunnel) ?

 Greetings,
 Niklas




Re: Reducing relays = reducing anonymity ? Tortunnel.

2010-05-19 Thread Sebastian Hahn

Hi Niklas,

On May 19, 2010, at 6:06 PM, Attac Heidenheim wrote:

Hi everybody,
I just tried a little tool called Tortunnel which allows a user to
tunnel Tor via Privoxy/Polipo to any selected exitnode. Just one hop
instead of three relays.


This works by pretending to the exit relay that you've already come
through the Tor network. This is considered abusing the resources
made available to the Tor network by volunteers, and effectively
entirely breaks your anonymity.


Of course, if the exitnode ist evil, you're lost, but it really speeds
up the whole thing on the other hand.


The only goal of tortunnel is speed. Remember, though, that most
nodes on the Tor network aren't exits, so even for the network as a
whole tortunnel, is a bad idea as exit capacity is tapped by more
people (assuming the people who use tortunnel would otherwise
find something else that offers speed but no anonymity).

Remember that not only the exit node, but also people who might
want to threaten/watch the exit node or its operator are perfectly
able to track you down and analyze all your traffic as much as
they want.


My questions:
Does anybody use tortunnel ?


Yes, quite many people do, unfortunately. We have implemented
a patch to detect people who abuse Tor in this way, and exit node
operators using the development version can already opt to deny
handling traffic for tortunnel users. As this option gets more testing
it will propagate into the stable versions and probably be turned
on by default before too long.

Is tortunnel evil since it maybe hacks Tor-cirucits to reduce the  
number

of relays ?


Yes, unfortunately quite a few people use it.
It hurts the network by endangering exit node operators, and
by completely ignoring any of the load balancing that happens
in normal Tor.


Where is the security/anonymity reduction since tortunnel also uses
Tor ?


Anonymity is entirely gone.


Can Tor itself reduce the number of relays (like tortunnel) ?


No, because Tor itself identifies as a client to the first hop. This
means that the first hop knows that you are a client, and
disallows exiting.


Greetings,
Niklas


One thing you fail to consider is how secure tortunnel itself is.
Others have reported it is doing some dubious things, and it
wouldn't come as a big surprise if there were a nice bugdoor
somewhere.

Sebastian
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: Reducing relays = reducing anonymity ? Tortunnel.

2010-05-19 Thread Stephen Carpenter
On Wed, May 19, 2010 at 1:48 PM, Sebastian Hahn m...@sebastianhahn.net wrote:

 Is tortunnel evil since it maybe hacks Tor-cirucits to reduce the number
 of relays ?

 Yes, unfortunately quite a few people use it.
 It hurts the network by endangering exit node operators, and
 by completely ignoring any of the load balancing that happens
 in normal Tor.

I agree with most of what you have had to say, though, this gets to
the heart of why its not just bad for you but abusive to the
community. However, I am not sure that I understand how this is the
case.

Certainly there is a certain amount of sense to the idea that
tortunnel traffic may use another system that focuses more on speed if
tortunnel was unavailable. However, an assumption is an assumption and
I am not sure how much I buy the truth of it.

Is there an argument for the problem beyond this? What load balancing
mechanisms is it ignoring? Is this ignorance a symptom of what it
tries to do, or a symptom of ignorant design (ie just plain ignoring
network information that it is the client's job to respect?).

I ask for two reasons. The first is logical accuracy, what its trying
to do, while bad for user anonymity, doesn't, on its face, seem like a
real problem for tor exit node runners. The second is that I have
considered writting a client myself (I have some things that I want to
play with that is a bit beyond what the current client can do... like
rendezvous nodes that don't publish in the public directory) and I
wouldn't want to end up being considered an abuser

 Where is the security/anonymity reduction since tortunnel also uses
 Tor ?

 Anonymity is entirely gone.

A bit overstated but, not far off. It is as anonymous as any single
hop relay. Also, since it tries to emulate tor traffic to trick the
node, well, if you were running a node (even a non-exit), I would
think that tortunnel traffic would be very hard to distinguish from
non-tortunnel. Of course... this wouldn't help if speed is your goal.

-Steve
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: Reducing relays = reducing anonymity ? Tortunnel.

2010-05-19 Thread Jim



Sebastian Hahn wrote:

Hi Niklas,

On May 19, 2010, at 6:06 PM, Attac Heidenheim wrote:
Is tortunnel evil since it maybe hacks Tor-cirucits to reduce the  
number

of relays ?


Yes, unfortunately quite a few people use it.
It hurts the network by endangering exit node operators, and
by completely ignoring any of the load balancing that happens
in normal Tor.


Just wondering if anybody from the Tor Project has contacted the author 
to express the concerns with tortunnel.  Particularly about it being 
detrimental to the Tor network.


Jim
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: Reducing relays = reducing anonymity ? Tortunnel.

2010-05-19 Thread Martin Fick
--- On Wed, 5/19/10, Stephen Carpenter thec...@gmail.com wrote:

 Certainly there is a certain amount of sense to the idea
 that tortunnel traffic may use another system that focuses more
 on speed if tortunnel was unavailable. However, an assumption is an
 assumption and I am not sure how much I buy the truth of it.

Although, I can't help but think that with equal 
resources, the use of a single system could have
benefits too:  shared code paths (and thus 
potentially better debugged), better load 
balancing, more traffic to mix with for those
loving company (anonymity seekers)...

To be more specific about what I mean by equal
resources: suppose that users of system X have 
5 relays, and tor has 5 relays, and both
sets of users used the same bandwidth.  If all 
users used one 10 relay system instead, the 
total bandwidth should be similar.


 I ask for two reasons. The first is logical accuracy, what
 its trying to do, while bad for user anonymity, doesn't, 
 on its face, seem like a real problem for tor exit node 
 runners. The second is that I have considered writting a 
 client myself (I have some things that I want to
 play with that is a bit beyond what the current client can
 do... like rendezvous nodes that don't publish in the public
 directory) and I wouldn't want to end up being considered 
 an abuser
 
I can't help but think that there are indeed 
other use cases that would greatly benefit 
from a independent simpler transport-type 
lower-layer that tor could ride on.  If this 
layer could have more users and more 
resources (relays/coders) dedicated to it 
than just the resources that tor currently 
gets, it could be a net win for tor.

I proposed something like this a year or two
ago and have done nothing with it.  I keep 
coming back to the idea though.  I just 
recently started playing with the concept 
again, I was going to call it PNR for 
Private Natting Router.  Essentially 
attempting to define a very simple OpenVPN 
setup ontop of some natting firewall rules 
and IP forwarding.  A simple system would 
then define a way to add restrictions and 
extra capabilities to such a setup and to 
publish them along with status info.  
Restrictions might be something like: 
can only connect to these other PNRs 
(act as a middle node), or can only go to
the internet via port 80 (exit node 
restriction).  A capability might be 
something like the ability to tunnel 
connections to other individual points 
via a single VPN (to make separate input
streams aggregate into a single output 
stream), or to aggregate/delay packages 
for potentially better mixing.

All of this would create more of a research 
environment where new models could be 
experimented with and still potentially 
benefit from a common deployed foundation. 
It would be possible to explore many new
transport layer speed/latency/bandwidth
optimisations independently from anonymity 
issues.  It might make exploring resource 
management (charging for/exchanging for 
bandwidth...) easier. An implementation of
tor could be designed to ride on such an 
infrastructure.  This implementation would 
embody many of the very clever things that
tor does today, good route selection, 
directory services...


  Anonymity is entirely gone.
 
 A bit overstated but, not far off. It is as anonymous as
 any single hop relay. Also, since it tries to emulate tor 
 traffic to trick the node, well, if you were running a node
 (even a non-exit), I would think that tortunnel traffic 
 would be very hard to distinguish from non-tortunnel. 
 Of course... this wouldn't help if speed is your goal.

I keep searching for that use case where
a user does not need anonymity for any 
individual query, but does on the 
aggregate level.  Perhaps this is 
something some users want, i.e. to never 
access different sites from the same IP.  
Such a use case would be very effectively 
achieved with many single hop relays.

Although I can see why tor is not 
interested in catering to such users, I
can't help but think that they could
help disguise traffic for users 
requiring strong anonymity and they
could potentially add to the resource
pool that tor uses, to ultimately
benefit tor as a whole.

My .02 cents,

-Martin



  
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: Reducing relays = reducing anonymity ? Tortunnel.

2010-05-19 Thread Anders Andersson
 Just wondering if anybody from the Tor Project has contacted the author to
 express the concerns with tortunnel.  Particularly about it being
 detrimental to the Tor network.

 Jim

The author is a security researcher, the tool is ages old and
abandoned, as far as I know it doesn't work right away unless you
change some of the code, and it was written to check what tor exit
nodes where running sslstrip or in other ways were messing with the
traffic.

I'm not really sure what this fuzz is all about. I wonder how many
people actually use it these days.

Also, *if* Tor can be used in this way, it will be. If no white-hat
will write code to do it, the black-hats will, and the only difference
is that you'll be unaware of the tool.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: Reducing relays = reducing anonymity ? Tortunnel.

2010-05-19 Thread Moritz Bartl
 To be more specific about what I mean by equal
 resources: suppose that users of system X have 
 5 relays, and tor has 5 relays, and both
 sets of users used the same bandwidth.  If all 
 users used one 10 relay system instead, the 
 total bandwidth should be similar.

Tortunnel is not a separate network, but (ab)uses existing Tor exits. My
guess would be that tortunnel users - client only - don't think a lot
about adding exit relays to Tor. It's not developed any longer, and I
don't think many are using it anyway.

I agree with Stephen that it's not per se a threat to the Tor network.

 I can't help but think that there are indeed 
 other use cases that would greatly benefit 
 from a independent simpler transport-type 
 lower-layer that tor could ride on. 

Have you looked at I2P? http://www.i2p2.de/techintro.html
It for example allows both users and services to specify their hop
length, and uses packet switching instead of circuit switching.

-- 
Moritz Bartl
GPG 0xED2E9B44
http://moblog.wiredwings.com/
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: Reducing relays = reducing anonymity ? Tortunnel.

2010-05-19 Thread grarpamp
 The author is a security researcher, the tool is ages old and
  abandoned, as far as I know it doesn't work right away unless you
  change some of the code, and it was written to check what tor exit
  nodes where running sslstrip or in other ways were messing with the
  traffic.

  I'm not really sure what this fuzz is all about. I wonder how many
  people actually use it these days.

  Also, *if* Tor can be used in this way, it will be. If no white-hat
  will write code to do it, the black-hats will, and the only difference
  is that you'll be unaware of the tool.

Agreed as to general sentiment.


 Have you looked at I2P? http://www.i2p2.de/techintro.html
 It for example allows both users and services to specify their hop
 length, and uses packet switching instead of circuit switching.

Phantom does this too... user specified hop counts based on their
needs for speed vs. security. A nice design feature.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: Reducing relays = reducing anonymity ? Tortunnel.

2010-05-19 Thread Moritz Bartl
On 19.05.2010 23:58, grarpamp wrote:
 Have you looked at I2P? http://www.i2p2.de/techintro.html
 It for example allows both users and services to specify their hop
 length, and uses packet switching instead of circuit switching.
 Phantom does this too... user specified hop counts based on their
 needs for speed vs. security. A nice design feature.

Is there any working implementation of Phantom? I2P is widely in use,
and I must say that I really begin to like it. Code also looks much
cleaner to me (not: mature). Tor could use a complete rewrite.

-- 
Moritz Bartl
GPG 0xED2E9B44
http://moblog.wiredwings.com/
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: Reducing relays = reducing anonymity ? Tortunnel.

2010-05-19 Thread grarpamp
 Is there any working implementation of Phantom? I2P is widely in use,
  and I must say that I really begin to like it. Code also looks much
  cleaner to me (not: mature). Tor could use a complete rewrite.

Not as of yet. They have a specification whitepaper and a video with
slides to give you a pretty good idea. And a blog post indicating some
form of midyear release plans. Other players in the anon space
are surely good things.
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: Tor Exit Node Sponsorship - looking for partners

2010-05-19 Thread Moritz Bartl
On 14.05.2010 06:56, and...@torproject.org wrote:
 Can we split entrepreneurial from bad?  I don't see the two as one
 concept.  If someone figures out a way to increase fast exit relays and
 preserve user privacy/anonymity and make money, more power to them. We
 as the non-profit aren't going to stand in their way.  I'm glossing over
 lots issues, but in general, trying and failing until you succeed is a
 fine plan as any.

Can I use the Tor logo in combination with my hosted Tor sponsorship
offer? I'd like to use it as part of a logo, somewhat modified and with
the clear statement that I am not associated to the Tor project and that
the logo is copyrighted by the project.

-- 
Moritz Bartl
GPG 0xED2E9B44
http://moblog.wiredwings.com/
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


[GSoC] JTor Hidden Services

2010-05-19 Thread Kory Kirk
Hello Everyone,

   I am doing GSoC this summer with Tor. My name is Kory Kirk, I am a
Computer Science masters student at Villanova University (west of
Philadelphia); I will be graduating this weekend and then I am moving to
Austin, TX a week later. Last year I also participated in GSoC with the Tor
project adding features to Torbutton Firefox extension. This summer I will
be working on implementing Hidden Service access and publishing capabilities
in the Java implementation of Tor, JTor, with Bruce Leidl. In addition, I
will be revising rend-spec to reflect the current state of Tor hidden
services. You can follow my progress by checking for updates on my GSoC
blog, http://korykirk.com/GSoC/2010http://korykirk.com/GSoC/2010/index.php/,
my proposal is also available there.

  I am very excited to have another Summer of Code with Tor. I look forward
to collaborating with people! My irc nick is koryk feel free to shoot me a
message if you have any questions/critiques of my proposal.

-Kory


Re: perfect-privacy.com, Family specifications, etc.

2010-05-19 Thread Roger Dingledine
On Sun, May 16, 2010 at 12:45:22AM -0500, Scott Bennett wrote:
  The tor man page gives a not very edifying description of the NodeFamily
 statement.  The man page says that the NodeFamily statement may be used more
 than once in a given torrc file.  Does each use define a different Family?

Yes.

 Or do all nodes listed in NodeFamily statements get lumped into a single
 Family?

No.

  What effect does the NodeFamily statement have upon the use of nodes
 whose descriptors already contain some Family information?

Independent. Meaning your Tor client believes family information in the
descriptor, and independently looks at whether you've set the NodeFamily
to indicate not to use two relays in the same circuit.

  I intend to add
 one or more NodeFamily lines to my torrc very shortly, but need to know
 whether a) I have to include all of the nodes in a single, very long run-on
 NodeFamily statement, and b) listing all of perfect-privacy.com's nodes now
 would mean that encountering similar situations with nodes belong to someone
 else would require grouping them with perfect-privacy.com's nodes.  Thanks
 in advance for any answers to these questions!

It would be great to see somebody clean up the man page entry.

Maybe that is you? :)

Thanks,
--Roger

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: Answer by perfect-privacy.com Re: perfect-privacy.com, Family specifications, etc.

2010-05-19 Thread Roger Dingledine
On Mon, May 17, 2010 at 09:44:21PM +0200, Moritz Bartl wrote:
  Original Message 
 Subject: Re: - Medium - Tor servers, Tor community wants to disable your
 nodes - General
 Date: Mon, 17 May 2010 13:46:04 +0200
 From: Perfect Privacy Administration ad...@perfect-privacy.com
 Organization: PP Internet Services
[snip]
 A proposal to the TOR developers:  I don't know if it's technically
 possible, but maybe one could introduce a BelongingToFamily entry or a
 similarly named command in future versions of TOR which could work as
 such, as that every server which contains the same BelongingToFamily
 entry (e.g. BelongingToFamily xyz) belongs to the family xyz.
 
 That way one wouldn't have to enumerate all server names in the
 MyFamily section of each and every individual torrc file what causes
 an enormous effort if one adds a lot of servers (and donates a lot of
 traffic) to the Tor network.  As mentioned, we currently would have to
 edit 45+ torrc files on 45+ TOR servers whenever a server is added or
 removed, and the number of our servers is constantly increasing.

The trouble here is that if we make family declarations one-sided, then
I can tell everybody that I'm in blutmagie's family (and X's family and
Y's family and Z's family and ...), and suddenly I'm influencing the
path selection of other clients in a way I shouldn't be able to.

We need to have each set of relays in a family declare the others,
or it's open to attacks like this.

--Roger

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: perfect-privacy.com, Family specifications, etc.

2010-05-19 Thread Jerzy Łogiewa
I apologize for altering the nature of this thread, but can someone please 
summarize what this discussion is about? Who is perfect-privacy.com and why are 
they of concern to Tor users? I am having a difficult time following the 
threads.

--
Jerzy Łogiewa -- jerz...@interia.eu


--
Pamietaj o Dniu Matki!
Wyslij kartkę na komorke  http://linkint.pl/f26f3

***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: Answer by perfect-privacy.com Re: perfect-privacy.com, Family specifications, etc.

2010-05-19 Thread Scott Bennett
 On Thu, 20 May 2010 00:25:33 -0400 Roger Dingledine a...@mit.edu
wrote:
On Mon, May 17, 2010 at 09:44:21PM +0200, Moritz Bartl wrote:
  Original Message 
 Subject: Re: - Medium - Tor servers, Tor community wants to disable your
 nodes - General
 Date: Mon, 17 May 2010 13:46:04 +0200
 From: Perfect Privacy Administration ad...@perfect-privacy.com
 Organization: PP Internet Services
[snip]
 A proposal to the TOR developers:  I don't know if it's technically
 possible, but maybe one could introduce a BelongingToFamily entry or a
 similarly named command in future versions of TOR which could work as
 such, as that every server which contains the same BelongingToFamily
 entry (e.g. BelongingToFamily xyz) belongs to the family xyz.
 
 That way one wouldn't have to enumerate all server names in the
 MyFamily section of each and every individual torrc file what causes
 an enormous effort if one adds a lot of servers (and donates a lot of
 traffic) to the Tor network.  As mentioned, we currently would have to
 edit 45+ torrc files on 45+ TOR servers whenever a server is added or
 removed, and the number of our servers is constantly increasing.

The trouble here is that if we make family declarations one-sided, then
I can tell everybody that I'm in blutmagie's family (and X's family and
Y's family and Z's family and ...), and suddenly I'm influencing the
path selection of other clients in a way I shouldn't be able to.

 How would that be any different from me adding a MyFamily statement
of the current form to my node's torrc that included all four blutmagie
nodes?

We need to have each set of relays in a family declare the others,
or it's open to attacks like this.

 All that would do would be to say to all clients, Don't include
this node in the same circuit as any of the blutmagie nodes.  How would
that be an attack?


  Scott Bennett, Comm. ASMELG, CFIAG
**
* Internet:   bennett at cs.niu.edu  *
**
* A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army.   *
*-- Gov. John Hancock, New York Journal, 28 January 1790 *
**
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/


Re: perfect-privacy.com, Family specifications, etc.

2010-05-19 Thread Scott Bennett
 On Thu, 20 May 2010 00:40:42 -0400 =?utf-8?Q?Jerzy_=C5=81ogiewa?=
jerz...@interia.eu wrote:
I apologize for altering the nature of this thread, but can someone =
please summarize what this discussion is about? Who is =
perfect-privacy.com and why are they of concern to Tor users? I am =
having a difficult time following the threads.

 If you subscribed to this list after the start of the thread, just
go to the list archives, and look for my original message.  It should
all then become clear.


  Scott Bennett, Comm. ASMELG, CFIAG
**
* Internet:   bennett at cs.niu.edu  *
**
* A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army.   *
*-- Gov. John Hancock, New York Journal, 28 January 1790 *
**
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/