25 tbreg relays in directory

Scott Bennett bennett at cs.niu.edu
Mon Jun 29 11:26:47 UTC 2009


     On Mon, 29 Jun 2009 05:14:25 -0600 Jim McClanahan <jimmymac at copper.net>
wrote:
>Scott Bennett wrote:
>
>>      Ouch.  This provides another example in support of having a way
>> for the directory authorities to render insecure versions ... 
>> and only usable as clients to connect to the tor project's web site to
>> download a current version of tor.
>
>This kind of thinking baffles me.  It seems diametrically opposed to the
>notion of free software.  I could understand if the outdated client was

     How so?  It's still free of charge, freely available, and freely
modifiable and redistributable.  (GPL3-licensed software doesn't qualify,
IMO.)

>endangering the Tor network (which was discussed in the portion of the
>comment I skipped over with the ellipsis).  And I would have no problem

     Insecure relays endanger the network.  Insecure clients installed
virally onto systems without notice to the users endanger those users.

>with a friendly advisory as long is it wasn't incessant nagware that
>couldn't be disabled.  But I don't understand the desire to dictate to

     I don't think the current log messages are so influential as all that.
Just take a look at the current consensus. :-(

>people or some nanny viewpoint of trying to save people from
>themselves.  (Before somebody makes an argument of keeping the Internet
>free of compromised machines, I rather imagine the number of machines
>compromised because of Tor software would be lost in the statistical

     Again, when the software is installed by stealth onto the machines
of unsuspecting users, then the probability on each user's machine becomes
100%.  In other words, the number of machines w.r.t. the user is 1 out of 1,
a ratio that cannot be considered "lost in the noise" for that user.

>noise of all the other ways machines get compromised.  And I don't think
>the unsavory purpose these "tbreg" instances are put to is a relevant
>factor.)
>
     How so?  I note that you deleted all the relevant context in your reply.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************



More information about the tor-talk mailing list