On the risks of serving whenever you surf

Jon McLachlan, Nicholas Hopper
2009 Proceedings of the 8th ACM workshop on Privacy in the electronic society - WPES '09  
In Tor, a bridge is a client node that volunteers to help censored users access Tor by serving as an unlisted, first-hop relay. Since bridging is voluntary, the success of this circumvention mechanism depends critically on the willingness of clients to act as bridges. We identify three key architectural shortcomings of the bridge design: (1) bridges are easy to find; (2) a bridge always accepts connections when its operator is using Tor; and (3) traffic to and from clients connected to a bridge
more » ... interferes with traffic to and from the bridge operator. These shortcomings lead to an attack that can expose the IP address of bridge operators visiting certain web sites over Tor. We also discuss mitigation mechanisms.
doi:10.1145/1655188.1655193 dblp:conf/wpes/McLachlanH09 fatcat:2lopglt6svempjs3fd5mzkp6ue