perfect-privacy.com, Family specifications, etc.

CyberRax cyberrax at yahoo.com
Mon May 17 06:04:00 UTC 2010


> > While some of them appear to be guards, none is running as an
> > exit node, so this should not be possible.

> Thanks for pointing that out, Paolo.  I had missed that.  However,
> it should not be possible to get more than one of them in any given 
> circuit route, but because they are not grouped into a single Family, 
> a circuit could consist of all nodes except the exit node being 
> perfect-privacy.com's nodes.

For most users it would suffice if all PerfectPrivacy nodes would 
loose their Guard flag (which for those who haven't explicitly set 
"UseEntryGuards 0" in their TORRC would mean that PerfectPrivacy 
servers would act the way they seems to be set up - as middle-relays).
As far as I can tell the main problem are the German relays which 
list other family members as PPrivGermanyX, while the servers themselves 
use the names PPrivComGermanyX. So it would be enough if servers 
PPrivComGermany2 - PPrivComGermany5 would become invalid.

The exact definition of "family" seems somewhat foggy in the 
documentation. The Tor manual says "controlled or administered by 
a group or organization identical or  similar to that of the other 
servers" which to me reads "is run by the same people", while the 
TorFAQ starts with "don't run more than a few dozen on the same 
network" which seems to indicate that the physical network is what 
defines a family (which seems to be how the PerfectPiracy folks are 
defining it). It's only the last line of that section which says "You 
should set MyFamily if you have administrative control of the computers 
or of their network". Seems like an optional thing to me rather than a 
requirement.

Personally I have mixed feelings about disabling a whole node-family 
just to send a message. Sure, it'll probably work and definitely would 
help Tor's security, but it'd also be bad for the networks throughput 
and punish the relay operators for something that doesn't seem to have 
been explicitly said out loud.




***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/



More information about the tor-talk mailing list