In-Reply-To: <CAJ5w9HU7POa3nZB5u=Qp2VtyD=nHycYTVynyRzSLE2qkYjoYQA@mail.gmail.com>
References: <CAJ5w9HU7POa3nZB5u=Qp2VtyD=nHycYTVynyRzSLE2qkYjoYQA@mail.gmail.com>
Date: Thu, 12 Nov 2015 02:24:36 -0800
Message-ID: <CAJVRA1QShcUXiKhO60=3ZvmYVbOObHSmAyon90EHMRQkQTz3gg@mail.gmail.com>
From: coderman <coderman@gmail.com>
To: Soul Plane <soulplane11@gmail.com>, tor-talk@lists.torproject.org
Subject: Re: [tor-talk] Did the FBI Pay a University to Attack Tor Users?

On 11/11/15, Soul Plane <soulplane11@gmail.com> wrote:
> ...
> Is this a problem that can't be stopped, these relays that may join the
> network in an effort to de-anonymize users?

conflating issues; let's pick apart,

can you stop evil relays from ever participating?
 No. however the design of Tor takes this into account through guard
selection, circuit building, consensus decisions, see
https://ritter.vg/p/tor-vlatest.pdf

can you stop enough evil relays from routinely being selected in circuits
such that correlation like this is impossible?
 Probably! this is where better relay checking techniques (beyond the
usual exit checks) could help. Note that troubleshooting for tor-relay
community would be advantaged by more robust checks as well.

can you stop evil relays from using 0day attacks against users?
 No; 0day has, does, and will continue to happen. this is why defense
in depth is important - you don't know if you might one day fall into
a window of vulnerability to the wrong attacker and end up without
Tor's privacy protections.



> Can anyone still flood the
> network with tons of relays?

yes, and this is annoying.
 see LizardSquad attempted Tor DoS.

this kind of crap sybil does not affect the anonymity of clients however!



> Though the relays that were identified were
> removed wouldn't someone persistent just learn from that and differentiate
> more?

this is the challenge. when an attacker is motivated, patient, well
funded, and exercising utmost stealth, it is very difficult to
distinguish their behavior from others in the world wide Tor relay
community.


best regards,

