Thus spake Olaf Selke (olaf.selke@xxxxxxxxxxxx): > Am 24.02.2011 08:45, schrieb grarpamp: > > > There is NO way to detect passive monitoring unless you have access > > to the monitor. > > for each exit node I can set up a unique decoy email account one a > machine controlled my myself, access it over unencrypted pop or imap > sessions thru Tor and wait for a second login from a rogue exit operator > trying to steal my mails. That's no rocket science. There's also the approach described in section 5 of this paper, which actually kind of clever, but might also catch things like intermediate caching proxies. If we could figure out a way to get lots of random black IP space and keep it secret, it would be a fun one to run regularly: http://www.cs.washington.edu/homes/yoshi/papers/Tor/PETS2008_37.pdf http://systems.cs.colorado.edu/~bauerk/papers/PETS08_slides.pdf There's quite a few other side channels available if you can get on the same ethernet segment as a sniffer, or on the same VM host as a suspicious tor node. Most of these techniques are also fairly easy to evade, if you try. -- Mike Perry Mad Computer Scientist fscked.org evil labs
Attachment:
pgphG839Yrdbb.pgp
Description: PGP signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk