Re: [tor-relays] BoingBoing Says Running Exits Is No Trouble re: LEA

[Kenneth Freeman]

On 07/06/2016 01:01 PM, grarpamp wrote:
> https://boingboing.net/2016/07/01/researchers-find-over-100-spyi.html
> "Many people fear that running an exit node will put them in police
> crosshairs if it gets used in the commission of a crime. For the
> record, Boing Boing runs a very high-capacity exit node, and though
> we've received multiple contacts from US law enforcement, we've just
> explained that this is a Tor node that runs with logging switched off,
> and thus we have no information that'll be relevant to any
> investigations, and the officers involved have thanked us and gone
> away without further trouble." -- BoingBoing

Along those lines, it is possible to incorporate yourself. The default
is "Don't talk to cops," but if any individuals have incorporated
themselves to provide that helpful corporate legal layer I am unaware of
it. In any case, have your legalese in place. Law enforcement agencies
would rather not waste resources.





0xDD79757F.asc
Description: application/pgp-keys


signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] BoingBoing Says Running Exits Is No Trouble re: LEA

[Kenneth Freeman]

On 07/06/2016 01:09 PM, Green Dream wrote:
> Except the operators at BoingBoing have the privilege of corporate
> liability (instead of personal liability), and very likely corporate
> counsel (i.e., a nice legal team) as well.
> 
> It seems easier to say "don't worry about it, it's not really a problem"
> from that perspective.
> 
> For the average Tor volunteer operator, all that comfort, protection and
> privilege is gone. _My_ ass is on the line. Or at least it feels that way.
> 
> I guess I'm saying, I wouldn't get too comfortable. Definitely not to the
> point of breaking rule #1 of running an exit -- don't do it from home.

Exits are best run from some corporate set-up for this very reason. They
have the legal infrastructure baked in, so to speak.

In there's one phrase you never want to be on the wrong side of, it's
"The way the law is written..."

In today's Slashdot article on "honions" the Library Freedom Project was
touted, and for very good reason.

https://yro.slashdot.org/story/16/07/08/2034209/researchers-discover-over-100-tor-nodes-designed-to-spy-on-hidden-services#comments

So go to your local library's board meeting and tout Tor exits!



0xDD79757F.asc
Description: application/pgp-keys


signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] dns request capitalization, tor and unbound

[Tristan]

That's my thought as well. At any rate, not using a cache for DNS queries
would add even more latency to the network.
On Jul 9, 2016 10:01 AM, "Petrusko"  wrote:

>
> It shouldn't affect unbound's ability to cache anything.  However, I
> personally think it is inappropriate to run a DNS cache on an exit
> node, because that preserves a record on the exit node of what people
> are using it for.
>
> zw
>
> Hey,
> I'm not an Unbound expert, I think Unbound doesn't log any DNS queries...?
> What I know is only statistics can be given with the command
> "unbound-control stats", only numbers are shown.
> In my unbound.conf, the only log config lines are :
> logfile: "/var/log/unbound.log"
> use-syslog: no
>
> And this /var/log/unbound.log doesn't exist on my system...
> Is there way to see DNS queries made by users ?
>
> For me, about privacy, it's not necessary a problem about "knowing what
> are doing your Tor users", because if it's not you, it will be your DNS
> resolvers... As read before, a lot of Tor exists are using Google DNS :p (I
> think it's lol about privacy!)
> So the bad guy will know the DNS queries, but he doesn't know who has made
> it (only exit IP is shown ?), so privacy is safe ?
>
>
> --
> Petrusko
> PubKey EBE23AE5
> C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] dns request capitalization, tor and unbound

[Petrusko]

> It shouldn't affect unbound's ability to cache anything.  However, I
> personally think it is inappropriate to run a DNS cache on an exit
> node, because that preserves a record on the exit node of what people
> are using it for.
>
> zw
Hey,
I'm not an Unbound expert, I think Unbound doesn't log any DNS queries...?
What I know is only statistics can be given with the command
"unbound-control stats", only numbers are shown.
In my unbound.conf, the only log config lines are :
logfile: "/var/log/unbound.log"
use-syslog: no

And this /var/log/unbound.log doesn't exist on my system...
Is there way to see DNS queries made by users ?

For me, about privacy, it's not necessary a problem about "knowing what
are doing your Tor users", because if it's not you, it will be your DNS
resolvers... As read before, a lot of Tor exists are using Google DNS :p
(I think it's lol about privacy!)
So the bad guy will know the DNS queries, but he doesn't know who has
made it (only exit IP is shown ?), so privacy is safe ?

-- 
Petrusko
PubKey EBE23AE5
C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] in/out bandwidths and packet sizes

[Tim Wilson-Brown - teor]

> On 9 Jul 2016, at 19:00, Toralf Förster  wrote:
> 
> Signed PGP part
> I'm just curious, why at my exit relay the bandwidth is constantly around 8 
> MByte/sec in both directions with a 2-3% higher value for the inbound bw 
> whereas the amount of incoming packets is 25% and more higher more than the 
> outgoing packet amount.
> 
> And as always I do have the question in mind: Would that be helpful for an 
> attacker ?

Some packets in and out are Tor cells, which are limited to 512 bytes.
Other packets are exchanged with the wider Internet, and are likely a multiple 
of 512 bytes (from cells) on the way out, but can be any size (from the remove 
website) on the way in.

I don't think it's an issue.

Tim

> 
> --
> Toralf
> PGP: C4EACDDE 0076E94E, OTR: 420E74C8 30246EE7
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n






signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] in/out bandwidths and packet sizes

[Toralf Förster]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

I'm just curious, why at my exit relay the bandwidth is constantly around 8 
MByte/sec in both directions with a 2-3% higher value for the inbound bw 
whereas the amount of incoming packets is 25% and more higher more than the 
outgoing packet amount.

And as always I do have the question in mind: Would that be helpful for an 
attacker ?

- -- 
Toralf
PGP: C4EACDDE 0076E94E, OTR: 420E74C8 30246EE7
-BEGIN PGP SIGNATURE-
Version: GnuPG v2

iF4EAREIAAYFAleAvUQACgkQxOrN3gB26U5ReQD+MXWkaph94+xUEw5+6oD63PtL
WXMdSqg+vQvFxa68XhQBAIz9ys6ifbEGUXtOCFB4BUjfdPyaa1qvS+WKKZJur/Yx
=6JG/
-END PGP SIGNATURE-
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays