On Thu, Nov 11, 2021 at 03:35:26PM +0000, Gary C. New via tor-relays wrote:
This Message Originated by the Sun.
iBigBlue 63W Solar Array (~12 Hour Charge)
+ 2 x Charmast 26800mAh Power Banks
= iPhone XS Max 512GB (~2 Weeks Charged)
On Thursday, November 11, 2021, 5:59:45 AM PST, gus <firstname.lastname@example.org> wrote:
On Wed, Nov 10, 2021 at 09:14:58PM +0000, z-relay--- via tor-relays wrote:
> I'll throw in my 2 cents.
> Limitations with current approach:
> 1. Asking all relay operators to list their email addresses in the public relay list is largely equivalent to asking them to invite tens of thousands of spam emails into their inboxes and having to either ignore most of them or set up aggressive filtering rules which can easily bounce legitimate messages.
I'm running relays and spam is not an issue. It's a pain if you're
running exit nodes, then you will get abuse notifications from your ISP.
And if spam is an issue for you, you could manage that using GitLab
Service Desk feature, for example:
Service Desk | GitLab
>This also opens up a convenient channel for "adversaries" to harass or even coerce the relay operators.
Actually, that would be quite stupid from their part to do that... by
email. Anyway, if that happens, contact us.
Anyway, my question is:
Why your ISP can contact you, but the Tor Community can't have
an easy way to reach out to an operator?
> 2. Middle relays can be used for attacking and the only defense being "list your email addresses or else we'll kick you out" throws a sizable wretch into the credibility and technical soundness of the whole project. If the "adversaries" are capable of de-anonymize tor users by simply running a middle relay that by design knows neither the real sources nor the real destinations of the traffic through it, I wonder how hard would it be for them to set up an email address?
> Some suggestions to consider:
> 1. Since the DAs and the relays already know each others' IP addresses and public ID keys. Perhaps tor can add a feature where the DAs can send authenticated and encrypted short messages to the relays, which can then verify the messages and log them in syslog or log files as configured in torrc.
> The messages can be something along the lines of "Your relay is misconfigured in ABC ways, please do XYZ to fix it. Contact our help desk at ***@torproject.org if you have questions or need further assistance.".
> 2. As a stop term solution before this feature can be implemented would be listing all the misconfigured relays on a page hosted by torproject.org, and make the page easy to discover by linking to it on relay help pages. Same idea here, I'm sure many are happy to reach out for instructions to correct any misconfigurations, but that does not mean all of us are excited about publishing an email address in a public list, nor it is technically necessary.
Thanks for your suggestion. But, in my experience, unrecommended relays
are already listed on Metrics page and operators didn't act/notice until
we got in touch and asked them to upgrade.
> From: Georg Koppen 'gk at torproject.org' <email@example.com>
> Sent: Wednesday, November 10, 2021 6:40 PM
> To: firstname.lastname@example.org <email@example.com>
> Subject: Re: [tor-relays] Recent rejection of relays
> Jonas via tor-relays:
> > Where is this criteria documented?
> I am not sure what criteria you mean but we have our bad-relay
> criteria documented at our wiki and keep fingerprints we reject due
> to attacks we noticed there as well.
> > It seems the tor project, or its designated volunteers, are increasing controlling and managing the network. In the Swiss Federation and EU this turns the tor project into an "online service provider" or "online platform" and subjects one to all sorts of regulations and compliance regimes.
> > We already get enough requests from the police regarding relays hosted in our datacenters. Shall we point them at tor as the network operator?
> The Tor Project is not running the network. It's comprised of relays run
> mostly by volunteers. I am actually not really sure either what you are
> proposing to be honest. Shall we just keep the relays attacking our
> users in the network instead?
> Criteria for rejecting bad relays · Wiki · The Tor Project / Network Health / Team · GitLab
> Rejected fingerprints found in attacks · Wiki · The Tor Project / Network Health / Team · GitLab
> > ---------- Original Message ----------
> > On Wed, November 10, 2021 at 8:59 AM, Georg Koppen<firstname.lastname@example.org> wrote:
> > Hello everyone!
> > Some of you might have noticed that there is a visible drop of relays on
> > our consensus-health website. The reason for that is that we kicked
> > roughly 600 non-exit relays out of the network yesterday. In fact, only
> > a small fraction of them had the guard flag, so the vast majority were
> > middle-only relays. We don't have any evidence that these relays were
> > doing any attack, but there are attacks possible which relays could
> > perform from the middle position. Therefore, we decided we'd remove
> > those relays for our users' safety sake.
> > _______________________________________________
> > tor-relays mailing list
> > email@example.com
> > tor-relays Info Page
> tor-relays mailing list
> tor-relays Info Page
The Tor Project
Community Team Lead
tor-relays mailing list
tor-relays Info Page
tor-relays mailing list
tor-relays Info Page