Shoalsteed / outproxies

Guide and Practices
1 stars 0 forks source link

Issues With outproxies #5

Open Shoalsteed opened 2 years ago

Shoalsteed commented 2 years ago

copied from this reddit thread , response from Diva that I think talks about the issue very clearly: https://www.reddit.com/r/i2p/comments/x93k66/meet_your_maintainer_stormycloud_blog/

"Additional note from a forensic perspective: outproxies are a very "easy" opponent. They are easy to track down and to block (known IP ranges, also traffic pattern recognition works very well). This has to do with the "centralistic" architecture of outproxies (bundling of traffic). Additionally there is a problem of trust involved (like: logs are still either in transit in memory or even "shortly" on persistant storage). AFAIK there are almost no high-traffic services left which are not able to identify in real-time Tor/I2P outproxied traffic and to act accordingly (like tar pitting or feeding back corrupted data). What still works rather well is to chain proxies (like: origin -> tor/I2P network -> outproxy -> proxy endpoint -> destination) - however, the proxy endpoint must be a frequently changing, and within-a-small-timeframe-not-well-known proxy (like every three minutes or so - works OK with stateless protocols). Obviously latency increases a lot - and the user experience becomes difficult. Proxy chains also partly solve the "problem of trust": even if there is logging or leaking on all proxies, it requires cooperation between the proxies (this is again the same attack vector as on I2P networks)."