Let's use your idea of "if one IP fails and TTL expired then re-fetch". This could also make it "easier" to identify people connecting to Facebook. As your client guard, I see you do the fetch + IP/RP dance (3 circuits in a short period of time where two are killed). I wait 2 hours and then kill all circuits passing through me from you. If I can see again that distinctive HS pattern (3 circuits), I'll get closer to knowing that you are accessing FB.
Would that not happen if and only if (in the meantime) the server had had a server outage impacting the first IP that the client tries reconnecting to?
Odds on, the client entry guard will see no measurable change?
-a