by belorn 3593 days ago
> enables the attacker to penalize non-attacker-controlled circuits, and cause Tor clients to settle on compromised ones

That's the key question. Will clients "settle" on compromised ones, or just continue to try to access the penalized (dead) circuits?

A few years ago, there was a bug which was used to rapidly force users to create new paths. The Tor Project fixed that bug, but they also added an extra precaution for future bugs by limiting how new paths were selected in regard to guard nodes. To my understanding, when a client first connects, it initially generates a random (but consensus weighted) subset selection of all guard nodes. It then randomly picks one from that selection when creating new paths, which means that only guard nodes in the selection can ever be picked by the client. A client that is attacked as described in the article will just cycle through its lists indefinitely and never choose a compromised node, unless it already picked a compromised node initially.

1 comments

Ah, I see. Thanks for explaining that so clearly!
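A simplified model of the guard behaviour belorn describes above, as an added example that is not part of the original thread and is not Tor's actual path-selection code. It compares a client pinned to a small guard set chosen once against a hypothetical client that re-picks from all guards on every attempt, while every circuit through an honest guard is killed. The guard count, weights, set size of 3 and 10% attacker share are constructed assumptions.

```python
import random

def make_guards(n=200, bad_fraction=0.10, seed=1):
    """Constructed guard list of (consensus_weight, attacker_controlled)."""
    rng = random.Random(seed)
    return [(rng.uniform(1, 10), i < n * bad_fraction) for i in range(n)]

def pick_weighted(rng, guards, k):
    """Sample k distinct guard indices with probability proportional to weight."""
    pool, chosen = list(range(len(guards))), []
    for _ in range(k):
        idx = rng.choices(pool, weights=[guards[i][0] for i in pool])[0]
        pool.remove(idx)
        chosen.append(idx)
    return chosen

def initial_exposure(guards, clients=2000, set_size=3):
    """Fraction of clients whose one-time guard set contains an attacker guard."""
    return sum(
        any(guards[g][1] for g in pick_weighted(random.Random(c), guards, set_size))
        for c in range(clients)
    ) / clients

def simulate(guards, pinned, clients=2000, attempts=500, set_size=3):
    """Fraction of clients that ever build a circuit through an attacker guard
    while the attacker kills every circuit that uses an honest guard."""
    weights = [w for w, _ in guards]
    everyone = range(len(guards))
    hit = 0
    for c in range(clients):
        rng = random.Random(c)
        guard_set = pick_weighted(rng, guards, set_size)  # chosen once, at first start
        for _ in range(attempts):
            if pinned:
                g = rng.choice(guard_set)                 # only the pinned set is eligible
            else:
                g = rng.choices(everyone, weights=weights)[0]  # fresh pick every time
            if guards[g][1]:      # only circuits through an attacker guard survive
                hit += 1
                break
    return hit / clients

if __name__ == "__main__":
    guards = make_guards()
    print("exposed at first start:", initial_exposure(guards))
    print("pinned guard set      :", simulate(guards, pinned=True))
    print("re-pick every attempt :", simulate(guards, pinned=False))
```

In this model the pinned client's exposure is capped by what it drew at first start no matter how many circuits are killed, while the re-picking client is eventually driven onto an attacker guard.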