Re: [Tails-dev] Persistent guard nodes on DVD boot

Author: Robert Ransom
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Persistent guard nodes on DVD boot
On 12/3/13, Carribbean Rob <carrybean@???> wrote:
> Hi,
>
> I believe that one of the drawbacks of Tails, when compared to other
> privacy focused distributions, is that the entry nodes change each boot
> when using a DVD. This is fine if the IP address that someone is
> connecting to Tor from also changes but in some scenarios this may not be
> the case. As the Tor Blog outlines in a recent post, changing entry nodes
> each boot can become a security risk over time [1].
>
> I have been thinking about how to improve this situation while also
> preserving the non-persistent nature of booting Tails from a DVD where
> keeping /var/lib/tor across boots is difficult.
>
> Would it be possible to choose entry guards on the first boot and then use
> the IP of the guard as a seed for a 4 word passphrase, maybe XOR'd with a
> PIN to increase the search space? Given the small number of entry guards
> it would be trivial to later match the supplied four word passphrase with
> the correct bridge/PIN on the next boot. This way you would be able to
> choose the same entry guard each boot until it goes down. When the entry
> guard goes down, a new 4 word passphrase is generated and recorded by the
> user. If three entry guards are used then a 12 word phrase would be output
> where each four words would represent a bridge.


Nice try, but (a) that doesn't store enough information about each
guard, and (b) users will not cooperate. See
<https://bugs.torproject.org/2653> for the real fix.


Robert Ransom