Hi Arturo,
On 18 April 2012 17:47, Arturo Filastò art@baculo.org wrote:
On 4/18/12 5:33 PM, Andrew Clausen wrote:
Do .exit addresses already do what you had in mind? For example, if you add "AllowDotExit 1" to your torrc, you can type an address like this
No, .exit notation is a bad idea because it allows people to force you to exit through a particular exit node of their choosing.
I suppose this is true, according to the spec. (When I tested this out, the implementation seemed to match my proposal below rather than the spec. I haven't had a chance to look at it.)
However, it would be easy to change Tor slightly. If Tor used four ORs rather than three with .exit addresses, then there would be no problem. The only difference between using "http://myserver.exit" rather than "https://myserver.com" would be that the last hop would use the Tor protocol rather than HTTP.
For example I can place a <img src=""> tag on a website and de-anonymize every user by getting them to go through my address.
The situation for <img src="http://myserver.exit"> would be no worse than for <img src="http://myserver.com">
Cheers, Andrew