[tor-dev] Tor Geolocating exit nodes.

JP Wulf wulf.jp at gmail.com
Wed Jun 18 08:38:22 UTC 2014


So Griffin Boyce is canvasing for some input to improve Tor, specifially
for Journalists.
https://twitter.com/abditum/status/479052228138119168

1. It is known that various actors are trying to compromise Tor comms by
establishing
own exit nodes. With enough nodes, they can break Tor (see slides).

2. Idea: Is it possible to allow the end user to determine the geo-location
(with various degrees of fine tuning from hemisphere, through continental,
to top country domain to regional?
(I have NFI about the inner workings of TOR protocol and new work on it)

For example. Say a journalist in Russia is using Tor, s/he declares in
their tor client, that they only want to use exit nodes in South America
and Australia. Thus minimising the chance the nodes are owned.

This geolocation could perhaps be used to validate the integrity of the
nodes (how I dont know, maybe by establishing TOR honeypots that can only
be compromised through traffic through a compromised (owned) exit node).

Risk:
This is a rats nest, because if implemented incorrectly it may allow
hostile actors to direct exit nodes to those that are owned.

Thanks for reading my fiction. Maybe its useful in the light of what
Griffin is asking about.


-- 
JP Wulf
Problem Solution Engineering
http://nomeonastiq.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20140618/4bc9ff80/attachment.html>


More information about the tor-dev mailing list