On Wed, 15 Dec 2010 14:29 +0000, "Runa A. Sandvik" <[email protected]> wrote: > It is not recommended because it "can mess up your anonymity in ways > we don't understand". By using only exit relays in, for example, > Germany you have have less relays to choose from than if you used > *any* exit relay in the world. This applies to Entry and Exit, as well > as Exclude.
Just for the record, how can restricting the *entry* nodes set mess one's anonymity up? E.g. using entry guards is recommended and considered to be safe. Are there any plausible conjectures on how to exploit such a restriction? On the other hand, consider a situation when restricting entry nodes could be of some use. Suppose an emigrant does not trust her native country (NC) secret police (SP) and wants to connect to an NC based web-server anonymously. She does not know which nodes are controlled by SP (either in NC or abroad), however, every connection to any NC based node is observable by SP. Thus, using an NC based entry to reach an NC based server does facilitate end-to-end correlations. So it seems wise for the emigrant to avoid using NC based entry nodes. Of course, geoIP techniques are not very reliable and a malicious entry could be located anywhere. However, if restricting entry nodes allows to avoid a priori insecure circuits without any significant adverse effects, it is worth to have EntryNodes option, isn't it? BTW, the stable version does not support country codes in EntryNodes (see l.2512 of src/circuitbuild.c). Are there any plans to implement this feature? -- http://www.fastmail.fm - The way an email service should be *********************************************************************** To unsubscribe, send an e-mail to [email protected] with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
