Uptime Sanity Checking

coderman coderman at gmail.com
Fri Mar 9 12:00:24 UTC 2007


On 3/8/07, Roger Dingledine <arma at mit.edu> wrote:
> ... Right now we're vulnerable to the situation where
> an attacker signs up 1000 servers with uptimes of 2 years

question: how are nodes accepted into the verified directories currently?

i know the process is constrained and vetted somewhat, but no details
seem to be documented anywhere.  (that is, it takes X days for Tor ops
to notice your notification and process accordingly (assuming your
request/node appear legitimate))

uptime anomalies should be instantly detectable to an observer
watching the network grow.  discerning honest node contributors from
covert maliciousness is much more difficult though...



More information about the tor-dev mailing list