[tor-dev] exit-node block bypassing
Ximin Luo
infinity0 at gmx.com
Tue Dec 31 11:07:32 UTC 2013
Hey all,
Flashproxy[1] helps to bypass entry-node blocks. But we could apply the general idea to exit-nodes as well - have the exit-node connect to the destination via an ephemeral proxy. The actual technology probably needs to be different since we can't assume the destination has a flashproxy (websocket/webrtc) PT server running, but we could probably find a technical solution to that.
However, I talked this over with a few people and there might be legal and security issues. A few points:
- running an exit node carries a great risk, it would be bad/unethical to let ephemeral proxy runners take this risk
- (for security reasons we don't fully understand) there is a process for trusting exit nodes and/or detecting misbehaviour (I see badexit emails from time to time). this would be made much harder if exits were ephemeral.
- someone could create a massive number of ephemeral exit nodes and capture a lot of exit traffic, giving them extra data to de-anonymise people.
I was wondering if any of these have been discussed in depth before already, or if the general topic of exit-node block bypassing is something to be explored.
X
[1] http://crypto.stanford.edu/flashproxy
--
GPG: 4096R/1318EFAC5FBBDBCE
git://github.com/infinity0/pubkeys.git
More information about the tor-dev
mailing list