No. They should not try to survive such attacks. The best defense to a temporary attack is often to pull the plug. Better than than potentially expose users. When there are 10x as many bad nodes as good, the base protection of any anonymity network is likely compromised. Shut down, survive, and return once the attacker has moved on.

▲

conradev 3 hours ago | parent | next [-]

This is why Tor is centralized, so that they can take action like cutting out malicious nodes if needed. It’s decentralized in the sense that anyone can participate by default.

▲

notpushkin an hour ago | parent [-]

> so that they can take action like cutting out malicious nodes if needed

How does that work?

▲

cyphar 42 minutes ago | parent [-]

While anyone can run a Tor node and register it as available, the tags that Tor relays get assigned and the list of relays is controlled by 9 consensus servers[1] that are run by different members the Tor project (in different countries). They can thus easily block nodes.

[1]: https://consensus-health.torproject.org/

	▲	flipped 8 minutes ago \| parent [-]
		It's 10, not 9. And there are severe problems with having a total of 10 DA be the essential source of truth for whole network. It would be trivial to DDoS the DAs and bring down the Tor network or at the very least, disrupt it. It's the only complaint I have of the current state of Tor. Anyone should be able to run directory authority, regardless if you trust the operator or not (same as normal relays).

▲

4 hours ago | parent | prev | next [-]

[deleted]

▲

martin-t 5 hours ago | parent | prev [-]

Why would an attacker move on if it can maintain a successful DoS attack forever?

	▲	flipped 3 minutes ago \| parent \| next [-]
		The mentioned botnet didn't intentionally take down I2P. It's run by bunch of kids who don't know what they're doing.
	▲	xmcp123 5 hours ago \| parent \| prev [-]
		Because botnets are mostly there to make money nowadays. Or owned by state actors. Either way, it’s opportunity cost.