Igor Mitrofanov wrote:
> If it's important enough to do on a single relay, it's important
> enough to do it across the entire network. I bet there are, and will
> always be, plenty of exit node operators not reading this email list,
> or not planning to do anything,
If it's important enough to do on a single relay, it's important
enough to do it across the entire network. I bet there are, and will
always be, plenty of exit node operators not reading this email list,
or not planning to do anything, or not configuring everything
properly, etc.
On Tue, Sep 12,
Ralph Seichter wrote:
> On 12.09.17 23:43, Roman Mamedov wrote:
>
> > > I take it you're being ironic?
> >
> > Guess I failed at doing that well, if you had to clarify. (Or maybe
> > you didn't read my entire message.)
>
> I did read it. Just the pitfalls of non-verbal
On 12.09.17 23:43, Roman Mamedov wrote:
> > I take it you're being ironic?
>
> Guess I failed at doing that well, if you had to clarify. (Or maybe
> you didn't read my entire message.)
I did read it. Just the pitfalls of non-verbal communication, and I'm
also not a native English speaker. ;-)
>
On Tue, 12 Sep 2017 23:28:35 +0200
Ralph Seichter wrote:
> On 12.09.17 23:06, Roman Mamedov wrote:
>
> > Too bad DNS servers are not something a regular person can own, so we
> > have to be at mercy of those shady all-knowing uber-powerful Owners
> > of the DNS Servers.
On 12.09.17 23:06, Roman Mamedov wrote:
> Too bad DNS servers are not something a regular person can own, so we
> have to be at mercy of those shady all-knowing uber-powerful Owners
> of the DNS Servers.
I take it you're being ironic? These days, if you want to get serious
about controlling your
On 12.09.17 23:00, jpmvtd...@laposte.net wrote:
> An attacker can try to find what websites a Tor user has visited, by
> comparing :
> - the timing of Tor user home connection traffic and
> - the timing of DNS queries happening on DNS servers controlled by the
> attacker
I'm aware of that. With
On Tue, 12 Sep 2017 13:43:35 -0700
"Igor Mitrofanov" wrote:
> Alternatively, the Tor community could run our own DNS servers, and every
> exit node would use those by default.
On Tue, 12 Sep 2017 22:11:23 +0200 (CEST)
jpmvtd...@laposte.net wrote:
> from the owner
On 12/09/2017 20:25, Ralph Seichter wrote:
> I'm not certain what you consider a "DNS attack".
>
> Many exit node operators run a caching DNS resolver on their exits,
> which is easily done. Lacking that, you can use the resolvers run by
> your ISP, who can monitor all outbound traffic anyway, as
On 12.09.17 22:43, Igor Mitrofanov wrote:
> Every Tor relay can have a simple resolver built-in, and/or perhaps
> all Tor relays could be running a DHT-style global DNS cache.
"Simple resolver" won't do, IMO. It must be robust and fully DNSSEC
capable, which means reinventing the wheel. There is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
FWIW
https://nymity.ch/tor-dns/
- --
Toralf
PGP C4EACDDE 0076E94E
-BEGIN PGP SIGNATURE-
iI0EAREIADUWIQQaN2+ZSp0CbxPiTc/E6s3eAHbpTgUCWbhJhxccdG9yYWxmLmZv
ZXJzdGVyQGdteC5kZQAKCRDE6s3eAHbpTpv2AP9kJ8gHOBENl1T1H9V8GKHNl56L
I wonder if these are all half-measures, and Tor needs a first-class solution
to the DNS weakness.
Every Tor relay can have a simple resolver built-in, and/or perhaps all Tor
relays could be running a DHT-style global DNS cache.
In case of a cache miss, the exit relay could build a circuit to
On 12.09.17 22:11, jpmvtd...@laposte.net wrote:
> My idea is designed to protect the exit node against a DNS attack from
> the owner of the DNS server. Not from the ISP or an attacker monitoring
> the traffic going in and out of the ISP data center.
I'm not certain what you consider a "DNS
On 12.09.17 21:17, jpmvtd...@laposte.net wrote:
> My idea is to make more DNS queries than necessary, in order to hide
> the useful DNS queries among useless DNS queries.
I'm not sure what you are trying to accomplish. Usually, a DNS query is
followed by an outbound connection to the returned IP
Andrea transcribed 1.2K bytes:
> On 07/09/2017 02:16, nusenu wrote:
> > Hi,
> >
> > do you know anything about >18k Machiavelli named bridges that have been
> > added in the last few days? (>4k currently running)
>
> Hi,
>
> I started a relay node called "Machiavelli" about 1 year ago, and I
On August 7, 2017 20:07:05 UTC, Igor Mitrofanov wrote:
> The DNS issue is in the "long tail" - rare/unique websites
> are unlikely to be cached, yet they likely represent the
> most interesting targets.
> I do agree that running dnsmasq (or a similar caching resolver) is probably
> sufficient to
This guy sure is persistent!
Check out this recent thread:
https://lists.torproject.org/pipermail/tor-relays/2017-September/012934.html
On Sep 12, 2017 11:17, wrote:
> Hello,
>
> Recently, I installed a new Tor exit node. A few days later, I received an
> email on the
Hi All,
This is clearly something that operators want.
> https://nos-oignons.net/Services/index.en.html
This looks like a great idea. I can't promise immediate progress on
this, but I'll file a trac ticket shortly and hopefully progress can be
made soon.
Thanks,
Iain.
18 matches
Mail list logo