> Censorship Circumvention: Exit Side ... what if there were a pool of exit bridges that you could use via this mechanism? Would that pool have any less abuse or incidence of banning? What if this pool were pay-to-use?
This can already be solved outside of the network by setting up a VPS and chaining it after the exit node (you still have to figure out a way to pay for it anonymously and it's a PITA to set it up).
> What if you posted a monetary amount via a ZK smart contract, and if there was abuse reported, that money became forfeit?
Now that sounds interesting. Not sure how it would work in practice tho.
> This can already be solved outside of the network by setting up a VPS and chaining it after the exit node (you still have to figure out a way to pay for it anonymously and it's a PITA to set it up).
This isn't really a solution. Not only do you have to pay for it "anonymously", but any slip up at all suddenly correlates all your traffic. What do you do when an adversary compromises your VPS, will you even notice?
> You already have to operate as if an exit node could be bad, it's not that different.
Tor's anonymity is guaranteed by its probability and temporary nature of exit nodes. Every Tor client uses the same algorithm to select an exit node, and a single exit node in a circuit is typically discarded within a few minutes for web browsing. Further, Stream Isolation selects different exit nodes for different destinations. Effectively, it means the correlation between an individual Tor user and a particular exit node is practically zero (and tracking at Layer-7 is often better than breaking Tor).
It's like discarding and selecting one of the 1,000 dead-drops at a time, and all of them are being used by a million people. On the other hand, purchasing a VPS is like setting up a single, permanent dead-drop just for yourself. The correlation is almost-certain, and the cost of getting a new one is high.
It may be a solution to a very specific problem where pseudonymous access is needed, like using a VPN/VPS to bypass the Tor blacklist of your E-mail account, and ONLY TO ACCESS your E-mail account. But for greater applications which requires anonymity, or very-shortlived pseudonymity, it's generally unsuitable. You don't want to ruin your valuable VPS that you've spent half-an-hour to purchase via Bitcoin, only to bypass the blacklist of a random website.
Some may suggest a pool of VPS servers can be provided, and well, be purchased on-demand via Lightning Network's micropayment (old-school Cypherpunks will love this idea, the idea had been around since the 1990s, and has eventually become feasible today!). But it effectively recreate the Exit Node infrastructure that Tor is using.
That's true of Tor entrance nodes too. The key is to not let the first node in the chain know _what_ you're sending, and not let the last node in the chain know _who_ is sending it.
This is the exact problem solved by onion-routing. The first node is called "Guard" for a reason, it can directly monitor all incoming connection to the network, but if onion-routing is used and the system is properly designed, it usually doesn't matter. The only information revealed is the fact that someone has connected.
A really low end VPS is ~$10-$20 a year. Setting up is a matter of connecting to it's ssh trough tor and enabling dynamic port forwards - basically a single command line (and configuring whatever application you have to use that port). It's not too costly or technically hard. The main problem is payment as it is with VPNs.
On the other hand a VPN may solve some of the traffic correlation problems depending on how they operate. How would you go about setting it up at the exit end tho? The only time I've used a VPN it was prepackaged to install as a network adapter, meaning traffic would go trough it before it enters Tor, I imagine?
10 comments
[ 0.12 ms ] story [ 24.1 ms ] threadThis can already be solved outside of the network by setting up a VPS and chaining it after the exit node (you still have to figure out a way to pay for it anonymously and it's a PITA to set it up).
> What if you posted a monetary amount via a ZK smart contract, and if there was abuse reported, that money became forfeit?
Now that sounds interesting. Not sure how it would work in practice tho.
This isn't really a solution. Not only do you have to pay for it "anonymously", but any slip up at all suddenly correlates all your traffic. What do you do when an adversary compromises your VPS, will you even notice?
You already have to operate as if an exit node could be bad, it's not that different. One could swap them each month.
> any slip up at all suddenly correlates all your traffic
Hadn't considered that, may be a major downside for some use cases. Easily solved by using one VPS for one service / website you visit :D
Tor's anonymity is guaranteed by its probability and temporary nature of exit nodes. Every Tor client uses the same algorithm to select an exit node, and a single exit node in a circuit is typically discarded within a few minutes for web browsing. Further, Stream Isolation selects different exit nodes for different destinations. Effectively, it means the correlation between an individual Tor user and a particular exit node is practically zero (and tracking at Layer-7 is often better than breaking Tor).
It's like discarding and selecting one of the 1,000 dead-drops at a time, and all of them are being used by a million people. On the other hand, purchasing a VPS is like setting up a single, permanent dead-drop just for yourself. The correlation is almost-certain, and the cost of getting a new one is high.
It may be a solution to a very specific problem where pseudonymous access is needed, like using a VPN/VPS to bypass the Tor blacklist of your E-mail account, and ONLY TO ACCESS your E-mail account. But for greater applications which requires anonymity, or very-shortlived pseudonymity, it's generally unsuitable. You don't want to ruin your valuable VPS that you've spent half-an-hour to purchase via Bitcoin, only to bypass the blacklist of a random website.
Some may suggest a pool of VPS servers can be provided, and well, be purchased on-demand via Lightning Network's micropayment (old-school Cypherpunks will love this idea, the idea had been around since the 1990s, and has eventually become feasible today!). But it effectively recreate the Exit Node infrastructure that Tor is using.
It might be cheaper and easier to connect to any one of the commercial VPN providers.
On the other hand a VPN may solve some of the traffic correlation problems depending on how they operate. How would you go about setting it up at the exit end tho? The only time I've used a VPN it was prepackaged to install as a network adapter, meaning traffic would go trough it before it enters Tor, I imagine?