North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Tor and network security/administration

  • From: Todd Vierling
  • Date: Wed Jun 21 17:09:52 2006
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta;; h=received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=aoa0xlA2ZGm1GM8bK4DbR6VaSdOVHpxqppwxfOGd9omMmL+GbCSsKLjRYgFZvmS0hH+ndSqXJrtn6452V/KKuEwqTN6hPdl9f4umWm8k6y9+eQNb1GbtyoeRs8iL6N63sRRv7VtX9G8Gz1UmrEmVDmXQNKewLRHvcaqnBJWNt5Q=

On 6/21/06, Kevin Day <[email protected]> wrote:
Failing that, having an exit node look at HTTP headers back from the
server that contained a "X-No-Anonymous" header to say that the host
at that IP shouldn't allow Tor to use it would work.
What's to stop one or more exit node operators from hacking such a
check right back out of the code?

This is a better idea, but still has a bit of defeats-the-whole-point
to it, as it would depend on people obeying that header voluntarily.
Social vs. technological divide, again.

-- Todd Vierling <[email protected]> <[email protected]> <[email protected]>