TOR and ipfilterX


Beware Peerguardian , PeerBlock , etc. users ,
do not rely on anonymity using Tor while on Peerblock Client .

On Wed, May 14, 2008 at 05:18:33PM +0200, Nexus23 Labs. wrote:
> Hi ,
> I’m Karl from Nexus23 Labs .
> We make research on ip ranges which we wouldn’t connect to ,
> I think you heard of peerblock or ipfilter feature in many p2p clients ,
> so I’m asking you if you and your team could make available
> this feature for tor clients ,
> the possibility to import such an ipfilter.dat or txt
> so to have ability to ban any of the ip ranges listed in it .

The Answer :

A) Your tool would not be able to ban the “use” of various
Tor nodes in the circuit just by looking at outgoing connections
to the first hop, since the Tor client tunnels into connections from
the first hop to the further hops.
So if you want to make statements like “don’t use Germany
in the circuit”, a tool that monitors the client’s network won’t be able
to do that.

But more importantly,

B) Tor’s anonymity comes from having users blending
together by making choices over the same set of data using the same weights.
If a given Tor user started choosing paths differently, she would stand out,
and actually get *worse* anonymity. This particular field of path selection
is not well-understood and full of pitfalls that might be extremely bad.

So I would worry that if you provided a feature like this for your users,
it would end up harming them in unpredictable ways.

Hope that helps,
Roger Dingledine

Note :
Obviously you can still load ipfilterX into P2P Clients while on TOR ,
that’s why the two things are using different net protocols .

This entry was posted in Uncategorized and tagged , , , . Bookmark the permalink.