
RAPTOR: Routing Attacks on Privacy in Tor - aburan28
http://arxiv.org/abs/1503.03940
======
wahsd
I wonder if there is a similar pipeline of developing hardening techniques
based on the pipeline of research into vulnerabilities of things like Tor.

~~~
tedks
It's basically the same community working on both hardening and attacking Tor.
Typically if you can find a vulnerability in Tor, you can patch it, and
researchers usually work with the Tor developers to get the patches into Tor
before disclosing them.

~~~
schoen
Some of the papers have definitely led to improvements in Tor (like
refinements in how guard nodes are selected, or in other aspects of path
selection) but I think there are also attacks from the research community that
Tor hasn't found practical ways to mitigate yet.

Some mitigations may need to come from outside of Tor -- things that make the
Internet as a whole more stable, harder to eavesdrop on, and harder to
selectively disrupt.

------
throwaway7767
How fitting that arxiv blocks access by tor with a 403.

~~~
mike-cardwell
They don't "block access by tor". They blocked the particular exit node that
you were using, probably because abuse originated from it. I just managed to
access the site via Tor fine.

~~~
throwaway7767
I guess I've been very unlucky in my exit node selection then, the last few
times I've tried to access arxiv through tor I've gotten a 403.

It's very common for sites to use third-party blocklists, and all those lists
compete on number of blocked addresses so they all include tor. So lots of
sites are not accessible through tor. I'm glad if arxiv is not one of them,
though it sounds like their blocking system is a bit overprotective.

I wish these sites would just give read-only access instead of blocking access
to content.

