[Freedombox-discuss] Decentralized Tor in Freedombox (was: Re: Identity UI)

Ted Smith tedks at riseup.net
Mon Jun 25 15:33:13 UTC 2012


On Mon, 2012-06-25 at 01:59 -0400, Daniel Kahn Gillmor wrote:
> Note also that Tor brings with it its own bit of centralized control, in
> the form of the 8 directory authorities [0] (4 need to be compromised
> for an adversary to gain control over your tor connection), but i think
> that's an improvement over the status quo, at least.
> 

I've thought a little about this before, so I thought I'd chime in here.

Directory servers accumulate and distribute lists of Tor server
descriptors, forming a Tor "consensus" -- the canonical list of all
servers in the network.

This is only the easiest way to get server descriptors into a running
Tor instance, though. You can also override the authoritative directory
servers in the Tor configuration.

One idea that I heard a while ago was running a F2F overlay on the Tor
network. This would entail:

      * Freedomboxes have Tor relays, exits, or bridges running on them
      * These instances distribute their descriptors to their "friends",
        or to some other FB-specific distribution mechanism
      * Other freedomboxes use both these relays, and (to some
        predetermined degree) the mainline Tor network.


The chief drawback (and it is a serious one) is that you partition
yourself pretty severely from bulk of the anonymity set, so if you were
using Tor entirely within the F2F pool, you might be easy to
deanonymize.

On the other hand, this is essentially what's done with Tor bridges,
just scaled up to the entire network.

-- 
Sent from Ubuntu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/freedombox-discuss/attachments/20120625/c9f4ace9/attachment.pgp>


More information about the Freedombox-discuss mailing list