diff options
| author | Robert Ransom <rransom.8774@gmail.com> | 2012-09-18 16:38:01 -0400 |
|---|---|---|
| committer | Robert Ransom <rransom.8774@gmail.com> | 2012-09-18 16:38:01 -0400 |
| commit | d1c4cf2f5adbfa3810164d18428ee06ccbed6451 (patch) | |
| tree | 80295d86d17c18074e7d36e4d3a823cafbcd73db /src/or | |
| parent | 9d3e497edb25d8161ba166ae5cec8fabf8b462fd (diff) | |
| download | tor-d1c4cf2f5adbfa3810164d18428ee06ccbed6451.tar tor-d1c4cf2f5adbfa3810164d18428ee06ccbed6451.tar.gz | |
Correct comment explaining why tor2web mode should disable entry guards
Diffstat (limited to 'src/or')
| -rw-r--r-- | src/or/config.c | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/src/or/config.c b/src/or/config.c index c77f7fbee..affe2388b 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -2523,15 +2523,13 @@ options_validate(or_options_t *old_options, or_options_t *options, } if (options->Tor2webMode && options->UseEntryGuards) { - /* Tor2WebMode is incompatible with EntryGuards in two ways: - * - * - Tor2WebMode uses its guard nodes as rend and intro points. - * This makes tor2web users fingerprintable by their continued - * selection of the same 3 nodes for these circuits (their guard - * nodes). - * - * - Tor2WebMode makes unexpected use of circuit path lengths - * in ways that prevent us from applying the PathBias defense. + /* tor2web mode clients do not (and should not) use entry guards + * in any meaningful way. Further, tor2web mode causes the hidden + * service client code to do things which break the path bias + * detector, and it's far easier to turn off entry guards (and + * thus the path bias detector with it) than to figure out how to + * make a piece of code which cannot possibly help tor2web mode + * users compatible with tor2web mode. */ log_notice(LD_CONFIG, "Tor2WebMode is enabled; disabling UseEntryGuards."); |