Hacker News new | comments | show | ask | jobs | submit login

I wonder if there is a similar pipeline of developing hardening techniques based on the pipeline of research into vulnerabilities of things like Tor.



It's basically the same community working on both hardening and attacking Tor. Typically if you can find a vulnerability in Tor, you can patch it, and researchers usually work with the Tor developers to get the patches into Tor before disclosing them.


Some of the papers have definitely led to improvements in Tor (like refinements in how guard nodes are selected, or in other aspects of path selection) but I think there are also attacks from the research community that Tor hasn't found practical ways to mitigate yet.

Some mitigations may need to come from outside of Tor -- things that make the Internet as a whole more stable, harder to eavesdrop on, and harder to selectively disrupt.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: