Comment by sandworm101
13 hours ago
No. They should not try to survive such attacks. The best defense to a temporary attack is often to pull the plug. Better than than potentially expose users. When there are 10x as many bad nodes as good, the base protection of any anonymity network is likely compromised. Shut down, survive, and return once the attacker has moved on.
This is why Tor is centralized, so that they can take action like cutting out malicious nodes if needed. It’s decentralized in the sense that anyone can participate by default.
> so that they can take action like cutting out malicious nodes if needed
How does that work?
While anyone can run a Tor node and register it as available, the tags that Tor relays get assigned and the list of relays is controlled by 9 consensus servers[1] that are run by different members the Tor project (in different countries). They can thus easily block nodes.
[1]: https://consensus-health.torproject.org/
4 replies →
Why would an attacker move on if it can maintain a successful DoS attack forever?
Because botnets are mostly there to make money nowadays. Or owned by state actors.
Either way, it’s opportunity cost.
The mentioned botnet didn't intentionally take down I2P. It's run by bunch of kids who don't know what they're doing.