[tor-talk] Question Regarding Routing of Network-Traffic using Tor-Browser

Felix felix.wiedenroth at gmx.de
Sun Nov 1 10:10:22 UTC 2015


Hello,

I read the linked Page and understand most of the ideas behind the 
concept of using only a few number of Entry-Guadrs. However, as I 
understand Entry Guards are chosen by Parameters like Response-Time or 
Network-Bandwidth.

If  i.e North Corea. would like to control the Tor-Network in NC, NC 
would have to do the following things:

1. Slow down (or disable) the rest of the Internet from outside NC 
extremely.
2. Setup some fast Tor-Servers (Primary Entry Guards) inside NC.
3. Provide fast Tor-Relays (inside NC) that are accessible from these 
Entry Guards (other Tor-Relays are slow from or inaccessible these Entry 
Guards)
4. Provide (fast) Exit-Nodes inside NC.

In this scenario the fast Primary Entry Guards would proably the chosen 
for almost any Network-Traffic using Tor, and I could at least see which 
IP-Source-Adresse would bei using Tor.

If the rest of the Tor-Network would rely on Performance-Data for 
Routing the Traffic, NC could proably also see the Tor-Relays (and maybe 
even the Exit-Nodes) - so Tor would be (somehow) useless.

So in my opinion it would be at least a good (configurable) option to 
provide dynamic switching of the Entry-Guards - as this would at least 
make it more difficult to trace every move of a Tor-User.

Regards,

Felix



Am 01.11.2015 02:24, schrieb Harmony:
> Felix:
>> Hello,
>>
>> I am from Germany and I use the Tor-Browser very often. I think Tor is a
>> great product.
>>
>> I have a question regarding the connection from my Tor-Browser to the
>> Tor-Network.
>>
>> I noticed, that Tor tends to always connect to the same Tor-Relays on
>> the internet. I can observe this when I monitor the connections using
>> Netstat on my Linux-machine - even after restart of the Tor-Browser or
>> even after a reboot of the Linux-machine.
>>
>> So my initial Idea was to delete the "cached*-files" in the
>> /Data/Tor-Directory before each start - but this does not help - Tor
>> always connects basically to the same Tor-Nodes all the time. I think
>> this is probably due to an internal "ranking" in the Tor-Network.
>>
>> So my question is, would´nt it be better (or more secure) for the
>> End-User, if the Tor-Browser (or the Onion-Router) would change the used
>> Tor-Relays i.e. every 5 minutes. As the Tor-Browser connects to more
>> than one Tor-Relay, this could be staged, Drop Tor-Relay 1 after
>> connection to Tor-Relay 3 has been established i.e.
>>
>> Are there any plans to enhance the Tor-Network / the Tor-Browser in this
>> direction?
> Hello Felix,
>
> https://www.torproject.org/docs/faq#EntryGuards
>
> This is in fact a safety mechanism that Tor uses, as explained in the
> above link. If your browser connected to new 'first-hop' relays every
> time, there would be a greater chance that one day all the relays in
> your circuit are attacking you. By picking one (or a few) guards only
> and cycling them rarely, it is that much more tedious for anyone who is
> waiting until you pick their bad relay in order to attack you.
>
> Tor certainly did at one stage change its circuits after ten minutes, as
> you suggest, but for various reasons this was altered, and in any case
> Tor Browser itself manages circuits in a different way to the core Tor
> program. It's a much-discussed question and no one yet has the perfect
> answer.
>
> If for some reason you really do need to change the guards that your
> browser is using, the file to delete is called 'state', and it is under
> Browser/TorBrowser/Data/Tor (on Linux). Generally, however, you should
> not do that.
>
> [I am not an expert on any of the above.]
>
> Thanks,
>
>> Thank you very much.
>>
>> Regards,
>>
>> Felix



More information about the tor-talk mailing list