Roger Dingledine committed on 2008-03-30 10:37:35
Showing 1 changed file with 17 additions and 0 deletions.
... | ... |
@@ -1091,6 +1091,23 @@ tradeoff.</li> |
1091 | 1091 |
<li>It's not that hard to DoS Tor relays or directory authorities. Are client |
1092 | 1092 |
puzzles the right answer? What other practical approaches are there? Bonus |
1093 | 1093 |
if they're backward-compatible with the current Tor protocol.</li> |
1094 |
+<li>Programs like <a |
|
1095 |
+href="https://torbutton.torproject.org/dev/">Torbutton</a> aim to hide |
|
1096 |
+your browser's UserAgent string by replacing it with a uniform answer for |
|
1097 |
+every Tor user. That way the attacker can't splinter Tor's anonymity set |
|
1098 |
+by looking at that header. It tries to pick a string that is commonly used |
|
1099 |
+by non-Tor users too, so it doesn't stand out. Question one: how badly |
|
1100 |
+do we hurt ourselves by periodically updating the version of Firefox |
|
1101 |
+that Torbutton claims to be? If we update it too often, we splinter the |
|
1102 |
+anonymity sets ourselves. If we don't update it often enough, then all the |
|
1103 |
+Tor users stand out because they claim to be running a quite old version |
|
1104 |
+of Firefox. The answer here probably depends on the Firefox versions seen |
|
1105 |
+in the wild. Question two: periodically people ask us to cycle through N |
|
1106 |
+UserAgent strings rather than stick with one. Does this approach help, |
|
1107 |
+hurt, or not matter? Consider: cookies and recognizing Torbutton users |
|
1108 |
+by their rotating UserAgents; malicious websites who only attack certain |
|
1109 |
+browsers; and whether the answers to question one impact this answer. |
|
1110 |
+</li> |
|
1094 | 1111 |
</ol> |
1095 | 1112 |
|
1096 | 1113 |
<p> |
1097 | 1114 |
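Review bot: in the added <li>, the subject shifts from the plural "Programs like Torbutton aim to hide" to the singular "It tries to pick a string", so "It" has no clear antecedent; "Torbutton tries to pick a string" would read unambiguously. The item also packs two separate research questions ("Question one" and "Question two") into a single paragraph; splitting them into two <li> entries or a nested list would make each easier to reference and to answer on its own, especially since question two ends by pointing back at question one. Minor wording: "malicious websites who only attack certain browsers" should be "that", and the HTTP header is spelled User-Agent, so "UserAgent string" could be written "User-Agent string" for anyone searching the page for the header name.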