Hacker News new | comments | show | ask | jobs | submit login
RAPTOR: Routing Attacks on Privacy in Tor (arxiv.org)
38 points by aburan28 on Mar 16, 2015 | hide | past | web | favorite | 6 comments

I wonder if there is a similar pipeline of developing hardening techniques based on the pipeline of research into vulnerabilities of things like Tor.

It's basically the same community working on both hardening and attacking Tor. Typically if you can find a vulnerability in Tor, you can patch it, and researchers usually work with the Tor developers to get the patches into Tor before disclosing them.

Some of the papers have definitely led to improvements in Tor (like refinements in how guard nodes are selected, or in other aspects of path selection) but I think there are also attacks from the research community that Tor hasn't found practical ways to mitigate yet.

Some mitigations may need to come from outside of Tor -- things that make the Internet as a whole more stable, harder to eavesdrop on, and harder to selectively disrupt.

How fitting that arxiv blocks access by tor with a 403.

They don't "block access by tor". They blocked the particular exit node that you were using, probably because abuse originated from it. I just managed to access the site via Tor fine.

I guess I've been very unlucky in my exit node selection then, the last few times I've tried to access arxiv through tor I've gotten a 403.

It's very common for sites to use third-party blocklists, and all those lists compete on number of blocked addresses so they all include tor. So lots of sites are not accessible through tor. I'm glad if arxiv is not one of them, though it sounds like their blocking system is a bit overprotective.

I wish these sites would just give read-only access instead of blocking access to content.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact