Delivery-Date: Tue, 02 Feb 2016 07:50:26 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 538811E0A28;
	Tue,  2 Feb 2016 07:50:24 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 38A9A396F2;
	Tue,  2 Feb 2016 12:50:20 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id D0C37396E3
 for <tor-talk@lists.torproject.org>; Tue,  2 Feb 2016 12:50:16 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Tx1oF6-8ZrVG for <tor-talk@lists.torproject.org>;
 Tue,  2 Feb 2016 12:50:16 +0000 (UTC)
Received: from khazad-dum.seul.org (khazad-dum.csail.mit.edu [128.31.0.47])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "moria.seul.org", Issuer "moria.seul.org" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id B739E396E2
 for <tor-talk@lists.torproject.org>; Tue,  2 Feb 2016 12:50:16 +0000 (UTC)
Received: by khazad-dum.seul.org (Postfix, from userid 501)
 id 348A01E0A28; Tue,  2 Feb 2016 07:50:14 -0500 (EST)
Date: Tue, 2 Feb 2016 07:50:14 -0500
From: Roger Dingledine <arma@mit.edu>
To: tor-talk@lists.torproject.org
Message-ID: <20160202125014.GM7734@moria.seul.org>
References: <56AE1D6B.6060804@infosecurity.ch>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <56AE1D6B.6060804@infosecurity.ch>
User-Agent: Mutt/1.5.20 (2009-12-10)
Subject: Re: [tor-talk] Exit Traffic classification and discrimination
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Sun, Jan 31, 2016 at 03:42:51PM +0100, Fabio Pietrosanti (naif) - lists wrote:
> But 90% of my resources (given the previous hypotetical assumption)
> would be happily pumping non-abuse-generating Tor exit traffic.
> 
> Does anyone ever done some kind of testing or analysis about that kind
> of approach?

Well, the first question there is to learn whether your assumption
about destinations is actually true -- is most Tor traffic going to a
small number of sites, or are many Tor destinations in the "long tail"?

I spoke to Tariq Elahi at length about exactly this research question,
because they want to run some exit relays and try to answer it. They had
some good plans for how to do it safely -- use Privex to combine views
from several exits so you can't go back and learn which exit saw which
destination, write nothing to disk except the final answer, etc.

(I put together a draft set of guidelines for how to do safe research
like this as part of the 32c3 onion services talk:
https://media.ccc.de/v/32c3-7322-tor_onion_services_more_useful_than_you_think
)

My suggestion to him at the time was to write up the details for why his
design is safe, and get them vetted by other researchers in public, before
proceeding. I haven't talked to him about how it's going since then.
Hopefully he didn't skip too many of the recommended steps. :)

--Roger

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

