On 09/05/2013 03:05 PM, Robert G wrote: > Is the fundamental problem that these clients are connecting to TOR without > the user knowing?
It depends on how you define "user" ;( If they're bots, computer owners don't know. But the botnet owner does. > Could there be an initial, one time, human test for for access? Unique > tokens could be granted after a CAPTCHA, or something similar, and > exchanged for initial handshakes between routers and clients. Of course > then you'd have the problem of who to trust to sign these "is-human" tokens > without centralizing. There could be something similar to a web of trust. > This would be a huge headache for people that operate a large number of > routers, but maybe that's also a good thing? That might help. Doing a few 1e+6 CAPTCHAs would be a pain. But there's software for that, so you'd need rather difficult CAPTCHAs. > On Thu, Sep 5, 2013 at 8:22 AM, Anton Nikishaev <m...@lelf.lu> wrote: > >> Roger Dingledine <a...@mit.edu> writes: >> >>> Anybody know details? It's easy to speculate (Pirate Browser publicity >>> gone overboard? People finally reading about the NSA thing? Botnet?), >>> but some good solid facts would sure be useful. >> >> Check this out >> >> >> http://blog.fox-it.com/2013/09/05/large-botnet-cause-of-recent-tor-network-overload/ >> >> >> -- >> lelf >> >> >> >> -- >> tor-talk mailing list - tor-talk@lists.torproject.org >> To unsusbscribe or change other settings go to >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk >> -- tor-talk mailing list - tor-talk@lists.torproject.org To unsusbscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
