Thus spake Matej Kovacic ([EMAIL PROTECTED]): > Hi, > > I have another idea. With Snakes On A Tor you are trying to estimate > amount of exit "abusers" and catch them. > > What about some simple exit traffic analysis to detect how many people > are using non-encrypted communications? > > We would have then the estimation about actual and potential abuse.
Heh, no thanks. So then we know what? That when given guns, people are likely to shoot themselves with them? Big surprise ;) I do have to fight my evil twin nearly every day to not write a script to watch google queries on my exit. It's a harder battle than quitting smoking. I bet Tor users google for some really interesting stuff. I considered proposing using aggregate query stats for research purposes (hey, could be another reason for Universities to run tor nodes), but in light of this AOL deal (and also US wiretap law), such a thing would probably be suicide. The wiretap thing is debatable though.. my ISP informs me they record whatever they feel like, I should be able to do the same why not. One idea that I did consider was asking if anyone ran or would care to run any honeypots, and then log into those with unique POP/IMAP/telnet/web/whatever logins/passwords for each exit (or a group of exits). Then we could tell if certain exits were actually USING this plaintext data. But keeping the IPs of these honeypots a secret would be incredibly hard, if nothing else because malicious exit owners probably would be able to figure it out over a preriod of time based on usage patterns. Once the honeypots are known, malicious exits would just not use them. For stuff like this, I agree with Roger, everyone should be using SSL anyway. Those who don't use IMAPS/POPS should be weeded from the population via death by embarassment. Bring on the Wall of Sheep. Unfortunately for exe/doc formats, there is seldom the option for even an MD5, let alone gpg sig. And SSL is out of the question for most of these sites. So some other stopgap was needed. -- Mike Perry Mad Computer Scientist fscked.org evil labs
