Surveillance rules, feature suggestion

Michael Schmidt schmidtm524 at googlemail.com
Sun Nov 25 17:39:02 UTC 2007


This is a good idea, see the thread to do this over F2F.
In your model this is done as well, but you need to make sure that a
middleman-only node NEVER connects to another node which is any other node
in the same law-country.
So the middleman-only-node connecting to another middleman-only-node in
Germany is redundant, as if one is analyzed, the logs offer as well the
other in the same law zone, so the hop is redundant and waste in the point
of security.
A German middlenode-only to a German-exit-node is a dead thing!
Only a German middlenode-only-peer connecting to ANY kind of node outside the
law area is useful.

the idea to use F2F would allow to have the waste of 2 german middlenodes
broken, which means this is helpful to have both or more hops, even as well
for using a different law-Exit node from the law-zone (do not mix up with
the web-exit node) in the chain.

So this means: Middlenodes in the law area are only useful with ONE hop and
ONLY connections to law-outside-nodes. But who will determine that all in a
p2p way if a node is outside? Then the analyzers just need to set up a
dedicated server in the USA or India and the middle-node is as well
analyzed.

Third, to prevent this, you then need as well several middle nodes in the
law zone, which is not really a prevention, as both or all three need to
log. So if the middle-node is contacting a malicious law-outside node, you
are done.

Here as well only F2F helps to connect to stable trusted proven friends in
the outside-law area.
If a random peer is chosen, then the middlenode as well is
analyzed in the case of a trap.

2007/11/25, Smuggler <smuggler at kryptohippie.com>:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hello,
>
> I wonder if it would be a good thing to define "Middleman-Only" nodes.
> Those nodes would ONLY talk to other Tor-Nodes. They will not accept
> connections from non-Tor-nodes and not relay to non-Tor-nodes.
> While the latter is currently configurable via the exit-policy the
> former is not directly supported and thus quick hacks (like firewalling)
> reduce the speed and reliability of the network.
>
> The reason why to do this is that those nodes would not provide relaying
> to the "public" and thus imho not fall under the various EU Data
> retention rules.
>
> Comments welcome.
>
> Regards,
> smuggler
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
>
> iD8DBQFHSa56OMmnRrmEoQkRAkMAAJ9iwIMcKY5unSpRXaRqasFzL5nByACfVeh/
> 21anvrJOq/M/ODR6zQGEeGg=
> =Rqur
> -----END PGP SIGNATURE-----
>
>


More information about the tor-talk mailing list