Hacker News new | past | comments | ask | show | jobs | submit login

There are no incentives. I'm pretty sure the vast majority does it for altruistic reasons. At least all those I've met. Many run relays with spare resources they pay for anyway. Others rent a cheap VPS to run a relay. $10 gives you a surprisingly large amount of bandwidth if you avoid the cloud like the plague.

Governments have other possibilities. Why should they run a relay if they can force the ISP to mirror the traffic of all relays to them?




Can you expand on that last bit? I don’t understand how this compromises the entire network or any individual user. The ISPs only have layer 3 data in plaintext. We can perform timing/throughput analysis attacks against individuals, but not the entire network. These operations are VERY expensive/difficult.


Not an expert at all but from my understanding a traffic correlation attack doesn't require someone to run the relay he just needs to see what traffic enters and leaves it. So the German BND for example can just go to Hetzner (15% Tor traffic) and ask them to mirror the traffic of all relays to them. They don't have to run any relays themselves.

Alt227 has a point but the Tor network is centered around a handful countries where traffic is cheap and there aren't that many huge IXs and Tier 1 ISPs where much of the traffic flows through.

I'm not saying that this is done but it's IMHO more likely than state actors running thousands of relays.


I think we have the same understanding. I read this as

“a state actor has the physical capabilities/resources to perform an attack that determines Alice was speaking to Bob.”

I totally agree. Im just pointing out that we still have layer 5 encryption to protect the contents of our messages. Also at that point, if you’re so important they would just grab a warrant and raid your home.


Governments dont have authority outside of their borders. They cannot force foreign ISP to give over the same information. Therefore they could only mirror nodes on IP addresses issued to companies in their country.


Governments will just get other governments to let them tap their fiber.


Right, like China and Russia are going to let USA tap their fibre?


Conveniently, tor nodes are blocked by the Chinese and Russian governments.


Your post was 'Governments will just get other governments to let them tap their fiber.'

You have, conveniently, moved your point back to tor when I pointed out the folly of your statement.


The discussion is about tor. If you look at the countries where tor nodes are hosted fiber tapping is a relevant attack vector.


And I was pointing out that governments need to be on particularly friendly terms to achieve this, which doesnt make it a universal attack vector.

Here, have an example:

https://www.telegraph.co.uk/news/worldnews/asia/japan/104090...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: