[or-cvs] r8939: mention that Tor provides anonymity and that anonymity is im (in tor/trunk: . doc/design-paper)
nickm at seul.org
nickm at seul.org
Sun Nov 12 22:05:19 UTC 2006
Author: nickm
Date: 2006-11-12 17:05:18 -0500 (Sun, 12 Nov 2006)
New Revision: 8939
Modified:
tor/trunk/
tor/trunk/doc/design-paper/blocking.tex
Log:
r9299 at totoro: nickm | 2006-11-12 17:05:09 -0500
mention that Tor provides anonymity and that anonymity is important. Heh.
Property changes on: tor/trunk
___________________________________________________________________
svk:merge ticket from /tor/trunk [r9299] on 96637b51-b116-0410-a10e-9941ebb49b64
Modified: tor/trunk/doc/design-paper/blocking.tex
===================================================================
--- tor/trunk/doc/design-paper/blocking.tex 2006-11-12 21:56:34 UTC (rev 8938)
+++ tor/trunk/doc/design-paper/blocking.tex 2006-11-12 22:05:18 UTC (rev 8939)
@@ -274,7 +274,8 @@
The Tor design provides other features as well that are not typically
present in manual or ad hoc circumvention techniques.
-First, the Tor directory authorities automatically aggregate, test,
+First, Tor has a fairly mature way to distribute information about servers.
+Tor directory authorities automatically aggregate, test,
and publish signed summaries of the available Tor routers. Tor clients
can fetch these summaries to learn which routers are available and
which routers are suitable for their needs. Directory information is cached
@@ -283,8 +284,8 @@
of compromised directory authorities, we use a threshold trust scheme---
see Section~\ref{subsec:trust-chain} for details.)
-Second, Tor clients can be configured to use any directory authorities
-they want. They use the default authorities if no others are specified,
+Second, the list of directory authorities is not hard-wired.
+Clients use the default authorities if no others are specified,
but it's easy to start a separate (or even overlapping) Tor network just
by running a different set of authorities and convincing users to prefer
a modified client. For example, we could launch a distinct Tor network
@@ -345,6 +346,17 @@
something else: hundreds of thousands of different and often-changing
addresses that we can leverage for our blocking-resistance design.
+Finally and perhaps most importantly, Tor provides anonymity and prevents any
+single server from linking users to their communication partners. Despite
+initial appearances, {\it distributed-trust anonymity is critical for
+anticensorship efforts}. If any single server can expose dissident bloggers
+or compile a list of users' behavior, the censors can profitably compromise
+that server's operator applying economic pressure to their employers,
+breaking into their computer, pressuring their family (if they have relatives
+in the censored area), or so on. Furthermore, in systems where any relay can
+expose its users, the censors can spread suspicion that they are running some
+of the relays and use this belief to chill use of the network.
+
We discuss and adapt these components further in
Section~\ref{sec:bridges}. But first we examine the strengths and
weaknesses of other blocking-resistance approaches, so we can expand
More information about the tor-commits
mailing list