[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] the privacy of public tor descriptor data



"l.m" <ter.one.leeboi@hush.com> writes:

> A project that promotes privacy and anonymity
> is in violation of it's own purpose the moment it tries to force the
> operator to identify themselves. I think you did just that. At least
> that was the effect.

Tor has never claimed to promote the privacy and anonymity of relays;
that would be silly, given that relays are part of a public directory.
Tor does promote the anonymity of its users, and any right of relay operators
not to be mildly questioned must be secondary to that.

It's reasonable to ask what's up with a MyFamily-less, ContactInfo-less
group of new relays hosted at a university,
because, unfortunately, paying attention to exactly that sort of phenomenon
would have allowed Tor to detect and prevent the hidden service deanonymization
attack perpetrated by US-CERT (based at but independent from cmu.edu)
in the cancelled Black Hat talk.

Further, for the same reason, it's worth asking whether someone running relays
for research purposes on the live Tor network,
which people do depend on for anonymity, is performing human subjects research,
which ought to require ethics review board approval at a reputable university.

If the choice is between making some inquiries about a relay operator
and letting that relay operator possibly deanonymize users,
the choice is obvious.

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk