> Can you please say a little more about this for all of us who are not au > fait with all command options?
Relays have an option to allow single hop connections through them, which is off by default. If relays *do* set this and allow single hop circuits through themselves then Tor clients by default avoid them for *any* usage in their circuits. Here's the description from the man page [1]: ExcludeSingleHopRelays 0|1 This option controls whether circuits built by Tor will include relays with the AllowSingleHopExits flag set to true. If ExcludeSingleHopRelays is set to 0, these relays will be included. Note that these relays might be at higher risk of being seized or observed, so they are not normally included. Also note that relatively few clients turn off this option, so using these relays might make your client stand out. (Default: 1) In short, there's no proof that these relays are bad but we avoid them because they're riskier (hopefully the parallels with the current discussion are obvious). > Could you please say a little more about this case and "sybil attack[s]"? A sybil attack is where a huge number of relays operated by a single entity appear with the goal of doing bad things (for instance operating the first and last circuit hops to correlate traffic). Again, during that incident we didn't have proof that the seven hundred Trotsky relays appearing out of the blue were bad - we invalidated them because they were highly suspicious, lacked contact information, and had no family entry set. In both of those cases we took harder measures based on suspicion of malicious intent than we are with these plaintext-only relays. Despite its name, the BadExit flag really isn't a big whoop - the relays are still perfectly usable for guard and middle hop positions. They just aren't seeing exit traffic any longer. -Damian [1] https://www.torproject.org/docs/tor-manual.html *********************************************************************** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/