On 12/3/13, Carribbean Rob <[email protected]> wrote: > Hi, > > I believe that one of the drawbacks of Tails, when compared to other > privacy focused distributions, is that the entry nodes change each boot > when using a DVD. This is fine if the IP address that someone is > connecting to Tor from also changes but in some scenarios this may not be > the case. As the Tor Blog outlines in a recent post, changing entry nodes > each boot can become a security risk over time [1]. > > I have been thinking about how to improve this situation while also > preserving the non-persistent nature of booting Tails from a DVD where > keeping /var/lib/tor across boots is difficult. > > Would it be possible to choose entry guards on the first boot and then use > the IP of the guard as a seed for a 4 word passphrase, maybe XOR'd with a > PIN to increase the search space? Given the small number of entry guards > it would be trivial to later match the supplied four word passphrase with > the correct bridge/PIN on the next boot. This way you would be able to > choose the same entry guard each boot until it goes down. When the entry > guard goes down, a new 4 word passphrase is generated and recorded by the > user. If three entry guards are used then a 12 word phrase would be output > where each four words would represent a bridge.
Nice try, but (a) that doesn't store enough information about each guard, and (b) users will not cooperate. See <https://bugs.torproject.org/2653> for the real fix. Robert Ransom _______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
