[liberationtech] Tor Exit Nodes Mapped and Located | HackerTarget.com
liberationtech at lewman.us
liberationtech at lewman.us
Sun Mar 10 18:23:02 PDT 2013
On Sun, 10 Mar 2013 11:32:20 -0700
Yosem Companys <companys at stanford.edu> wrote:
> http://hackertarget.com/tor-exit-node-visualization/
>
> Tor Exit Nodes Located and Mapped
Tor includes a Network Map which also maps nodes across a Mercator
projection of the globe. I don't understand this fetish with Google
mapping everything (why not openstreetmap? why not doing lat/long
coordinate mapping on your own map?). However, it apparently exists. Ok,
moving on.
The usage of blutmagie is an interesting choice, when
https://metrics.torproject.org/ and https://compass.torproject.org/ and
https://atlas.torproject.org/ all exist with gobs more data, including
the raw source data on which all of those sites are built. Freegeoip.net
uses the same MaxMind GeoList database we do. Google has it's own GeoIP
database as well. I wonder which one is most accurate.
What's more valuable to me is the list of exit relays by ISP.
Intuitively, it makes sense. Cheap, well-connected server providers are
going to be attractive to those running Tor relays (exits or not). I
take this list to mean, "this is the list of ISPs who care about
Internet freedom". It sure seems small.
The other implication here is that Tor exits can be monitored. Yes, we
know. We've been saying this for a decade. Here's one blog post about
it, https://blog.torproject.org/blog/plaintext-over-tor-still-plaintext.
It's part of the reason the EFF and Tor write HTTPS Everywhere for
Chrome and Firefox, https://www.eff.org/https-everywhere.
Your ISP can watch your traffic too, and inject ads or redirect DNS. In
fact, there's a billion dollar market for traffic management at ISPs.
I'm assuming this means the providers are looking to manage Tor traffic
as well.
For me, the visualization is a cool map, a product pitch for
hackertarget llc, and just raises some implications for operational
security.
Larger questions it raises in my mind are about AS-aware routing,
what does it mean to have a large concentration of exit relays in
pro-freedom ISPs, and what about legal jurisdictions and MLATs?
There is some on-going work on the AS-awareness question, see
http://freehaven.net/anonbib/bibtex.html#DBLP:conf:ccs:EdmanS09 and
http://freehaven.net/anonbib/bibtex.html#oakland2012-lastor and
http://freehaven.net/anonbib/bibtex.html#ndss13-lira
As for some measurement of anonymity and risk modulo concentration of
exit relays? Who knows. Sounds like a fine project.
And I know of at least one group working on the MLAT and legal
arbitrage question as it relates to tor circuits and relays.
I look forward to more analysis and proposed research theories to
improve the Tor network in the future.
--
Andrew
http://tpo.is/contact
pgp 0x6B4D6475
More information about the liberationtech
mailing list