Re: [tor-relays] Tor abuse complaints (per MBit/s)

[Sadia Afroz]

Moritz,
We did not publish the report anywhere. 
I put it up on my site just for the ease of sharing it in the mailing list. 
I can take the report down if you are not comfortable with it being public.

> On Sep 28, 2016, at 9:55 PM, Moritz Bartl  wrote:
> 
> On 09/28/2016 09:12 PM, nusenu wrote:
>> In your number of complains over time graphs you do not seem to take
>> traffic into account?
>> 
>> Would you care to add a
>> number of complains over time per MBit/s of exit relay traffic?
> 
> I strongly urged them to do exactly this before they publish. The
> absolute numbers are quite pointless, and, worse, dangerous. All it
> takes is a journalist taking them the wrong way and we have a negative
> press fallout. This is the main reason why I was very reluctant to hand
> them over in the first place -- they really must be interpreted in
> context, ideally comparing them to a similar, normalized data set from
> VPN providers and Internet access providers.
> 
> I appreciate that they're trying to make sense out of the data, and it
> is definitely quite some work to weed through all of it. Maybe it's OK
> as a first initial analysis, and maybe we should rather be transparent
> and let the press mess it up than hiding it. The next step is cleaning
> it up further, and then going through the archives [1] to match it with
> bandwidth usage and changes in exit policies over time.
> 
> Due to the method used, nforce and voxility show up with large counts as
> "origin" of complaints, even though they send zero abuse complaints --
> they are just two of our largest and very friendly ISPs, and they show
> up because all of that are complaints they forward to us.
> 
> [1] https://collector.torproject.org/
> 
> -- 
> Moritz Bartl
> https://www.torservers.net/
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 

Best,
Sadia

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor abuse complaints (per MBit/s)

[Moritz Bartl]

On 09/28/2016 09:12 PM, nusenu wrote:
> In your number of complains over time graphs you do not seem to take
> traffic into account?
> 
> Would you care to add a
> number of complains over time per MBit/s of exit relay traffic?

I strongly urged them to do exactly this before they publish. The
absolute numbers are quite pointless, and, worse, dangerous. All it
takes is a journalist taking them the wrong way and we have a negative
press fallout. This is the main reason why I was very reluctant to hand
them over in the first place -- they really must be interpreted in
context, ideally comparing them to a similar, normalized data set from
VPN providers and Internet access providers.

I appreciate that they're trying to make sense out of the data, and it
is definitely quite some work to weed through all of it. Maybe it's OK
as a first initial analysis, and maybe we should rather be transparent
and let the press mess it up than hiding it. The next step is cleaning
it up further, and then going through the archives [1] to match it with
bandwidth usage and changes in exit policies over time.

Due to the method used, nforce and voxility show up with large counts as
"origin" of complaints, even though they send zero abuse complaints --
they are just two of our largest and very friendly ISPs, and they show
up because all of that are complaints they forward to us.

[1] https://collector.torproject.org/

-- 
Moritz Bartl
https://www.torservers.net/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] "Potentially dangerous relay groups"

[nusenu]

> It - plus the follow up from that many contributors - did answer my questions 
> apart from two left:
> 
> - should only Markus be contacted instead of lets say at least all the folks 
> with more than 2 notes to make them aware?

I contacted many of the most relevant operators with incorrect MyFamily
setting in the past years. ansible-relayor [1] was also born to provide
a solution for the MyFamily "problem".

The email to Markus was just triggered by the OrNetRadar email that in
turn has been trigged by the fact that he added 3 relays on 2016-09-22.

MyFamily is not very relevant, but I use MyFamily data to to aggregate
relays for lists like
https://raw.githubusercontent.com/ornetstats/stats/master/o/main_operators_by_cw.txt

and if torpids would also set a proper MyFamily their ranking would be
better (because more relays would be aggregated into their group).



> I tend to agree with what has been written "I am in favour of a scheme where 
> the process of joining a family is 
> authenticated." Personally I will correct my entries soon to get me off that 
> list :-)

people interested in that topic might want to read:

https://gitweb.torproject.org/torspec.git/tree/proposals/242-better-families.txt
https://trac.torproject.org/projects/tor/ticket/5565




[1] https://github.com/nusenu/ansible-relayor



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] The Onion Box v3.0: Web Interface for your Tor relay

[John Ricketts]

Ralph,

I will begin testing it with my 20 nodes.

John

On Sep 28, 2016, at 14:49, Ralph Wetzel 
> wrote:

Good Evening!

After several months of silence (resulting in intensive development work in the 
background) I'm happy to announce the release of 
v3.0RC1 of The 
Onion Box, the Web Interface for your Tor relay. It 
finally became a total re-write of the code, resulting in a decluttered 
interface and significantly increased amount of information displayed. 
Dependend on the available GeoIP infos you might even get a map showing the 
locality of your relay!

Feel free to contact me in case you have any issues or feedback (good or bad).
Thank's for using The Onion Box!

Best Regards,
Ralph


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor abuse complaints (my public key)

[Sadia Afroz]

A couple of people asked for my public key.
Here it is:
-BEGIN PGP PUBLIC KEY BLOCK-
Version: GnuPG v1

mQINBFWxKMQBEAD1DeQxFIwUpoTKKYm0lweSv4uGmaC8EKT4KTlJBLbLrOqmkGE0
0mnnlHgByqR+wzZpDMNXPu9omV+WQDMBJq7v88RzCjsMSvCEVmDx1TQQfikzedA4
/XIRvqlF4+YIHiOaQkCQ5Rc7568rPKWpYZt3BTYErnjyNlzn3czv4Mxlvh2lwPmn
SKrZ4XouOlodnxLLtdHRWMqs0pQ2DE9Avc3jVznZRHnW4+ynSC9A6ENJ8OaIHi0A
UHnCOonNkgeq2CQvJ/T1FPvQhqgKZ5yL8HY/l5yu7QYWau0rsbInsgUdORIuKEvL
JjpiWMWAvwqGaq/q6CNaKJWYaeudLkOWH2aOKlKcF9nCxNtEYjfXXwHxmJsELKnj
X9pA0byL7LWfK81jyKC5ZOwvSq0x8SDvfGOJDMJafM9YK7+gQewfxF0qigphk/XM
uyBPRu2rJkFUer3qrr24v96QffQpe55PCNPQ8k6d3rSvfrxcV0KhhRx0VcftrXEG
WMRpPY3WDUWx6fy5CA4tLwxTeifQA0yWupHgHpIR9UJvXlDgXF27bsQkffLJIj1x
wEZ1Jax4DbLKJ+ESs2zF4sn9LiUrep9JHv5KT0aKT2n68irqVKnZ3pgra9Y8VMjS
jws20bkLegx7sGGgQXwyCW9ld8GrIDLuBhKqI+5dO0baOcZe8cWLsQIKAQARAQAB
tCFTYWRpYSBBZnJveiA8c2hlZXRhbDU3QGdtYWlsLmNvbT6JAjIEEAEIACYFAlWx
KMoGCwkIBwMCCRAan2yJk8ct+gQVCAIKAxYCAQIbAwIeAQAApRoP/A8pKNQdg1b2
X+aiLSlNknjA+/8B4l1Ugr0ei6ryC7pfh43oN1YKmvRHwy8Bab97s68Tet4uLzMH
DYDS8FsOAkwQ0JU8g+3JjzcfGw1mVjlafllCotxsoUHKZQdWEG66QfuyBX7+V3EF
EUkxQQkIUpsK0w1MLxRNPwB9Vf6Eb7kWpEIqEhSi3XARPK5IFRkzzQCMYu1qZL1Q
Bx4Fy5j7oJkH2uySYzApxv4LCwbkb1rq7HSnTzhWcxGQUd15/N57WbOqdvz+4kuf
MWckC5BfwxQVtRDF8Ncvmgd7G5E2/+G3NlbiDil0bSlRA8z0EZmE34d5J6LS3jzM
hQj2LSOpYzPeRpHNrtzI5Z2vwUJlaRd1fHo6IJL3Vl3jNbIL9jZuu0Qf/JxPHKp9
ff/m9LkbwSsq2tqwonM/BFogC2T+IDTTuTWajjQHWd9p/jB05Nz3FEcMKoKY1pNN
BTr60EFBOWpKIMvJSW9V6oiUioIycfGmdZTwg/gkM6b1j5lNR4XRw0xVt5DjLxdB
UwijGCL9sPlawDo+cEVIatIZkL85gorqeravANnReZ+Po3jPhXSg4jeQvDDGG+Sf
h9lKlxB/r0NnFj6KDg8a+XNaZeAS91zxoEUiD4/5ZOLah0nOhZ8jKfPfg0K0joFI
zLTZm5iWwjb3GreN8wRb5i3MYfxpufGFuQINBFWxKMQBEACh0LHWZFGafxyttEjY
DuW7M1OGl5JKyX2YWlxpBw7FC9cL8YWFWqwc+DfL1Lp+P8O/xGpuuEanELKyGbx2
Sus513cz7VvEF3WKVHGoY7ymkdU/DTbeiS0Rljh7EO+VwUGJB1tqrblTbQkpGOAW
Pjfq6bMI26O1XltvXpZxB4suwOA+UxIrvyUDL5iQ77VNgdmRKylmr5ELesqCmWOB
GgUgAHau2joIECeaRNQLFRQT7NhVCOlBnnXe9bhBPKh71iJOxKQdxj9489VMEhgY
Lq9HfROeJYUOh1ZcbjCOr5HqyJAr5ZXMNulN79ZU+9eDvlH/SEPfk1eH+G1Wwt6K
/hjS3VpA2scZV+TzAwBBxW/jftQgKpIjRGifVOPJzzuhMG5Nov2jJ3MpRO41nX4e
WdRvdMKgDLZ9ZcPSKuaaOEqIyfdxi04D7T65Y+B/K4Kym/BaqTQr1qDfsbi5KUil
dWA/MMV9cWVRoZN71hT6SftUoEXt7kKPzGR8UUcrTVIG3yTN6ucEyL48UZquRvrx
HwA2zrFh28+rXqwFcibFDoG78yNa3q+Wwvp4HxwMBSLvxlEp1ToqlPRG7tBLBJRG
d1NRYs6zphIvryZKbitqGPVRLW07Rgp1Azh7sFNNKdiE3UC8TNH3bzvGisOA4tmV
EbZ8Qyi3t8rxXApor+a8WJAY6wARAQABiQIfBBgBCAATBQJVsSjMCRAan2yJk8ct
+gIbDAAAsxcP/21vUrzwyz1DmW4d5WCJKRRfxSIRbSPwNniEVuJJCOXa20EZdpDS
2pqIF8xX1BKz0B3+nWeLYr5GslCdwZnXkKsLkRCi+4oGyFFPwGMiFtF14HUiOTgB
3Tku905yiBOf2XftImoHvr8xn5UK6qYzBmZfj/nFn1z54CR5uz1/0ZdJOARALKbE
6MOK0YSaKtB22CBo6vPvVRQkG312S+fk9nCYSSse7d9uYnqiTLZqtP+eKcXQnCN+
EB7ybiTXPwYzKHo+qb9QlXBssUgzU2XlVuCuxA6JkHO3mpqmwrmfXX2uewFLgnyI
2l5kQAefuIojpi+gizHnqPT19Kh0fnIYssaqREY5AG6431f01vAjpySbiOzX6fMd
vy75VFoD+3eV+Uhj9OHcsYuyVQIu3JZsmLuNXIPRjcSIgIPeAdyu3jZlFEMJT7ji
2ptlCT/mFmNCilxI6QVBF2VThHOuKw6VnqvPwQ4kUjJwoApIfpARzDWYWbrg50m6
HAGKfoWLMnL2wryN+jBB1TB+E/HToUD0nFeFa2S99FLDKoASWSD1bM+cy8osaO/S
ZUtJ004800gkTc01dBtM9n6hWGQ7hiCg8yyBh7oD4V3dFMX8v/fCWYfQ2o+SSxvR
pjG0jZ9eoxuMXAA8Cjwz18fill0zX9IVxSmZo5UFjOLjKjpGjk4mYgTRmQENBFfr
2nkBCACbjozJZAup4Vxg7IlOb46pYQs2ecBnEnBfZ2WYyKr4zaAamIBydvdiB4wG
0cleMmNGa6AcEZVk82u+StYqxp6IEXBFtt4qqLYt2KsdFZoVvieALDKxExUjAnBM
unmqeN/WL2y1jnCwRgHNUzi5ujOOy+XkF4m344LhgUZ/+1R5ZBJOHiRAosQVz5fc
o7Yu+54Fa+59MOuM1RdTjvPwL3SMNobHURdjejJmLR7IqUyXLxMoAVfxXKuSoejt
vSsN/Vkh0B8crIigy5UCrMRZVQKHFs3+bhqrBB8wVcCgrLM50PAnMYBkhv690Q95
pNb/ImQfIgCGKKbAk03vpnOLiIGRABEBAAG0JVNhZGlhIEFmcm96IDxzYWRpYUBp
Y3NpLmJlcmtlbGV5LmVkdT6JATgEEwECACIFAlfr2nkCGwMGCwkIBwMCBhUIAgkK
CwQWAgMBAh4BAheAAAoJENMtNOCx6YjjWfoH/2HidPDu6GgoH1GVUoJ/Jhn8LtBy
HbkuvtGj2lUvAsd0vPFTG5yhNLWqMmWpGkkf9r7g0jJyvipyQh0N4ryf1uVObf7B
a85DQrJsUlU4y2Ek5dv0QY29cnDIkcOzg5SRfdKYsK7vldjzUdq0eTKEbIEpyAXG
TYe8fxW9liSqOJro3uORpvJcBV6hJVhWDzy9bMY4+RixufbIDnyRNDBUmWOfw2PK
GwQHJpfoS7XBGX5X5uVNijIYFlMnhd/W6/dEp/9vxIfoVhVCWqMrRCAiDOHKRnRE
2ZkjsX1k733+GK35VD4Hbwh/0NIMGtwLNAWTChSV/6HgsidNmjmfj8NJRjy5AQ0E
V+vaeQEIALcDvRSc9gt+xPxUm5LOdcMmpe+lM6h6S+cp4IabX+L4Dmn5RIcvHl7O
W7Oo7d3JGj8WcoW1eBBsFq+aasrlQg5Va8gntlxUWlZzq42C9hHfstrFRxwxDXWL
CGJhJ4vZQdw2ZXYrvhok2Op4RPMc682ctV3oyqrr1v6uU63TLOQJm0oWYzglP4hn
xbcea5Y62//bJGZ27CZXLEZwQF0tVkiAB5RJxjswx+KxEUqAcHNOMMToZFcHSeo3
7QKPBmvlA4Ob8VyEcljhEPkQwJgYHcea1BDlByTQzajneVNOJPwpGMatE1m57uol
IB2W+RlimsBDoHo81zrqulSsoiib4IEAEQEAAYkBHwQYAQIACQUCV+vaeQIbDAAK
CRDTLTTgsemI49jZCACOUDSVortQhY4eVzaN25VFAv/y6LPYyrYsnMEcOIl675ti
/HF48EsKX+GeD8bYfH88arKkBWRXTu1tEtuREoCstIAxmUp3+0L+n2goy6tp6irq
TWfwbyVf3MQVYa5gWw57CPhP4WUl2fgpW3UJF3w99Vo3U00VQggNbxF3p+aqJJoC
GtVtUNldodYEpmjqvt1LPumxCG2U8ihPLVzNgqCe/5jEl4vYJilSPlxWxDHOnx+H
78z1HfwMBou6j1aukhOh7KelYQ5sParqykmxWKUqnrmhPnWjJuwAj0j7FcZhBF83
rbL10sjrES3NFOszht6nvQH5bAv18CiV5o0AiOyh
=9/B7
-END PGP PUBLIC KEY BLOCK-
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor abuse complaints (per MBit/s)

[Sadia Afroz]

In your number of complains over time graphs you do not seem to taketraffic into account?Would you care to add anumber of complains over time per MBit/s of exit relay traffic?Thanks for pointing that out!This is a preliminary report, so there are many questions this report doesn’t answer yet.We know that compared to the total exit relay traffic the number of complaints is probably pretty negligible and we will take that into account in final report.The report is only on the complaints for ~20 exits. We are hoping to receive more abuse complaints to get a better sense of the kind of complaints exit operators receive.-BEGIN PGP PUBLIC KEY BLOCK-
Version: GnuPG v1

mQINBFWxKMQBEAD1DeQxFIwUpoTKKYm0lweSv4uGmaC8EKT4KTlJBLbLrOqmkGE0
0mnnlHgByqR+wzZpDMNXPu9omV+WQDMBJq7v88RzCjsMSvCEVmDx1TQQfikzedA4
/XIRvqlF4+YIHiOaQkCQ5Rc7568rPKWpYZt3BTYErnjyNlzn3czv4Mxlvh2lwPmn
SKrZ4XouOlodnxLLtdHRWMqs0pQ2DE9Avc3jVznZRHnW4+ynSC9A6ENJ8OaIHi0A
UHnCOonNkgeq2CQvJ/T1FPvQhqgKZ5yL8HY/l5yu7QYWau0rsbInsgUdORIuKEvL
JjpiWMWAvwqGaq/q6CNaKJWYaeudLkOWH2aOKlKcF9nCxNtEYjfXXwHxmJsELKnj
X9pA0byL7LWfK81jyKC5ZOwvSq0x8SDvfGOJDMJafM9YK7+gQewfxF0qigphk/XM
uyBPRu2rJkFUer3qrr24v96QffQpe55PCNPQ8k6d3rSvfrxcV0KhhRx0VcftrXEG
WMRpPY3WDUWx6fy5CA4tLwxTeifQA0yWupHgHpIR9UJvXlDgXF27bsQkffLJIj1x
wEZ1Jax4DbLKJ+ESs2zF4sn9LiUrep9JHv5KT0aKT2n68irqVKnZ3pgra9Y8VMjS
jws20bkLegx7sGGgQXwyCW9ld8GrIDLuBhKqI+5dO0baOcZe8cWLsQIKAQARAQAB
tCFTYWRpYSBBZnJveiA8c2hlZXRhbDU3QGdtYWlsLmNvbT6JAjIEEAEIACYFAlWx
KMoGCwkIBwMCCRAan2yJk8ct+gQVCAIKAxYCAQIbAwIeAQAApRoP/A8pKNQdg1b2
X+aiLSlNknjA+/8B4l1Ugr0ei6ryC7pfh43oN1YKmvRHwy8Bab97s68Tet4uLzMH
DYDS8FsOAkwQ0JU8g+3JjzcfGw1mVjlafllCotxsoUHKZQdWEG66QfuyBX7+V3EF
EUkxQQkIUpsK0w1MLxRNPwB9Vf6Eb7kWpEIqEhSi3XARPK5IFRkzzQCMYu1qZL1Q
Bx4Fy5j7oJkH2uySYzApxv4LCwbkb1rq7HSnTzhWcxGQUd15/N57WbOqdvz+4kuf
MWckC5BfwxQVtRDF8Ncvmgd7G5E2/+G3NlbiDil0bSlRA8z0EZmE34d5J6LS3jzM
hQj2LSOpYzPeRpHNrtzI5Z2vwUJlaRd1fHo6IJL3Vl3jNbIL9jZuu0Qf/JxPHKp9
ff/m9LkbwSsq2tqwonM/BFogC2T+IDTTuTWajjQHWd9p/jB05Nz3FEcMKoKY1pNN
BTr60EFBOWpKIMvJSW9V6oiUioIycfGmdZTwg/gkM6b1j5lNR4XRw0xVt5DjLxdB
UwijGCL9sPlawDo+cEVIatIZkL85gorqeravANnReZ+Po3jPhXSg4jeQvDDGG+Sf
h9lKlxB/r0NnFj6KDg8a+XNaZeAS91zxoEUiD4/5ZOLah0nOhZ8jKfPfg0K0joFI
zLTZm5iWwjb3GreN8wRb5i3MYfxpufGFuQINBFWxKMQBEACh0LHWZFGafxyttEjY
DuW7M1OGl5JKyX2YWlxpBw7FC9cL8YWFWqwc+DfL1Lp+P8O/xGpuuEanELKyGbx2
Sus513cz7VvEF3WKVHGoY7ymkdU/DTbeiS0Rljh7EO+VwUGJB1tqrblTbQkpGOAW
Pjfq6bMI26O1XltvXpZxB4suwOA+UxIrvyUDL5iQ77VNgdmRKylmr5ELesqCmWOB
GgUgAHau2joIECeaRNQLFRQT7NhVCOlBnnXe9bhBPKh71iJOxKQdxj9489VMEhgY
Lq9HfROeJYUOh1ZcbjCOr5HqyJAr5ZXMNulN79ZU+9eDvlH/SEPfk1eH+G1Wwt6K
/hjS3VpA2scZV+TzAwBBxW/jftQgKpIjRGifVOPJzzuhMG5Nov2jJ3MpRO41nX4e
WdRvdMKgDLZ9ZcPSKuaaOEqIyfdxi04D7T65Y+B/K4Kym/BaqTQr1qDfsbi5KUil
dWA/MMV9cWVRoZN71hT6SftUoEXt7kKPzGR8UUcrTVIG3yTN6ucEyL48UZquRvrx
HwA2zrFh28+rXqwFcibFDoG78yNa3q+Wwvp4HxwMBSLvxlEp1ToqlPRG7tBLBJRG
d1NRYs6zphIvryZKbitqGPVRLW07Rgp1Azh7sFNNKdiE3UC8TNH3bzvGisOA4tmV
EbZ8Qyi3t8rxXApor+a8WJAY6wARAQABiQIfBBgBCAATBQJVsSjMCRAan2yJk8ct
+gIbDAAAsxcP/21vUrzwyz1DmW4d5WCJKRRfxSIRbSPwNniEVuJJCOXa20EZdpDS
2pqIF8xX1BKz0B3+nWeLYr5GslCdwZnXkKsLkRCi+4oGyFFPwGMiFtF14HUiOTgB
3Tku905yiBOf2XftImoHvr8xn5UK6qYzBmZfj/nFn1z54CR5uz1/0ZdJOARALKbE
6MOK0YSaKtB22CBo6vPvVRQkG312S+fk9nCYSSse7d9uYnqiTLZqtP+eKcXQnCN+
EB7ybiTXPwYzKHo+qb9QlXBssUgzU2XlVuCuxA6JkHO3mpqmwrmfXX2uewFLgnyI
2l5kQAefuIojpi+gizHnqPT19Kh0fnIYssaqREY5AG6431f01vAjpySbiOzX6fMd
vy75VFoD+3eV+Uhj9OHcsYuyVQIu3JZsmLuNXIPRjcSIgIPeAdyu3jZlFEMJT7ji
2ptlCT/mFmNCilxI6QVBF2VThHOuKw6VnqvPwQ4kUjJwoApIfpARzDWYWbrg50m6
HAGKfoWLMnL2wryN+jBB1TB+E/HToUD0nFeFa2S99FLDKoASWSD1bM+cy8osaO/S
ZUtJ004800gkTc01dBtM9n6hWGQ7hiCg8yyBh7oD4V3dFMX8v/fCWYfQ2o+SSxvR
pjG0jZ9eoxuMXAA8Cjwz18fill0zX9IVxSmZo5UFjOLjKjpGjk4mYgTRmQENBFfr
2nkBCACbjozJZAup4Vxg7IlOb46pYQs2ecBnEnBfZ2WYyKr4zaAamIBydvdiB4wG
0cleMmNGa6AcEZVk82u+StYqxp6IEXBFtt4qqLYt2KsdFZoVvieALDKxExUjAnBM
unmqeN/WL2y1jnCwRgHNUzi5ujOOy+XkF4m344LhgUZ/+1R5ZBJOHiRAosQVz5fc
o7Yu+54Fa+59MOuM1RdTjvPwL3SMNobHURdjejJmLR7IqUyXLxMoAVfxXKuSoejt
vSsN/Vkh0B8crIigy5UCrMRZVQKHFs3+bhqrBB8wVcCgrLM50PAnMYBkhv690Q95
pNb/ImQfIgCGKKbAk03vpnOLiIGRABEBAAG0JVNhZGlhIEFmcm96IDxzYWRpYUBp
Y3NpLmJlcmtlbGV5LmVkdT6JATgEEwECACIFAlfr2nkCGwMGCwkIBwMCBhUIAgkK
CwQWAgMBAh4BAheAAAoJENMtNOCx6YjjWfoH/2HidPDu6GgoH1GVUoJ/Jhn8LtBy
HbkuvtGj2lUvAsd0vPFTG5yhNLWqMmWpGkkf9r7g0jJyvipyQh0N4ryf1uVObf7B
a85DQrJsUlU4y2Ek5dv0QY29cnDIkcOzg5SRfdKYsK7vldjzUdq0eTKEbIEpyAXG
TYe8fxW9liSqOJro3uORpvJcBV6hJVhWDzy9bMY4+RixufbIDnyRNDBUmWOfw2PK
GwQHJpfoS7XBGX5X5uVNijIYFlMnhd/W6/dEp/9vxIfoVhVCWqMrRCAiDOHKRnRE
2ZkjsX1k733+GK35VD4Hbwh/0NIMGtwLNAWTChSV/6HgsidNmjmfj8NJRjy5AQ0E
V+vaeQEIALcDvRSc9gt+xPxUm5LOdcMmpe+lM6h6S+cp4IabX+L4Dmn5RIcvHl7O
W7Oo7d3JGj8WcoW1eBBsFq+aasrlQg5Va8gntlxUWlZzq42C9hHfstrFRxwxDXWL
CGJhJ4vZQdw2ZXYrvhok2Op4RPMc682ctV3oyqrr1v6uU63TLOQJm0oWYzglP4hn
xbcea5Y62//bJGZ27CZXLEZwQF0tVkiAB5RJxjswx+KxEUqAcHNOMMToZFcHSeo3
7QKPBmvlA4Ob8VyEcljhEPkQwJgYHcea1BDlByTQzajneVNOJPwpGMatE1m57uol
IB2W+RlimsBDoHo81zrqulSsoiib4IEAEQEAAYkBHwQYAQIACQUCV+vaeQIbDAAK
CRDTLTTgsemI49jZCACOUDSVortQhY4eVzaN25VFAv/y6LPYyrYsnMEcOIl675ti

Re: [tor-relays] "Potentially dangerous relay groups"

[pa011]

Am 27.09.2016 um 19:37 schrieb nusenu:
> pa...@web.de wrote:
>> there is that list of "potentially_dangerous_relaygroups" you published.
>> Could yo please emphasize a bit more on what brings a relay on that list, 
>> apart from incorrect given MyFamily which doesnt seem to be always the case.
>> I mean I see quite a few well respected names on that list ?
> 
> 
> to quote from https://github.com/ornetstats/stats
> (1) "dangerous" in the sense that a tor client might has a chance to
> use more than one of these relays in a single circuit
> (2) these relays are aggregated based on contact information
> (3) if their groupsize is bigger than their effective family size
> and they are operated in more than one /16 network block they are listed
> (4) this list might contain false-positives (contact information is
> not authenticated)
> 
> Does that answer your question?
> 
> I probably should also filter entries where two out of guard_prob,
> middle_prob and exit_prob are 0 since that means that (1) is never the
> case - iff onionoo is right about these probabilities.

nusenu,

great respect of your work at first and thank you for the answer provided as 
well.

It - plus the follow up from that many contributors - did answer my questions 
apart from two left:

- should only Markus be contacted instead of lets say at least all the folks 
with more than 2 notes to make them aware?
- how could it take nearly a week for that serious discussion to start?

I tend to agree with what has been written "I am in favour of a scheme where 
the process of joining a family is 
authenticated." Personally I will correct my entries soon to get me off that 
list :-)


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor abuse complaints (per MBit/s)

[nusenu]

> Dear exit operators, Can you please share the abuse complaints you
> received while running an exit?
> 
> We are researchers from Univ. of California, Berkeley and Univ. of
> Massachusetts Amherst are interested in understanding what kind of
> abuse happens through Tor.  Thanks to Moritz Bartl from
> Torservers.net  we analyzed over 1GB of
> complaints received over 6 years. Here is our preliminary analysis of
> the complaints:
> http://www1.icsi.berkeley.edu/~sadia/tor_abuse_complaints.pdf
> 
> 
> We will appreciate if you can share the abuse complaints you
> received. It will be valuable for us to better understand the abuse
> of Tor and to find solutions to reduce abuse.

Thank you for doing this.


In your number of complains over time graphs you do not seem to take
traffic into account?

Would you care to add a
number of complains over time per MBit/s of exit relay traffic?



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] "Potentially dangerous relay groups"

[Corné Oppelaar]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Personally I like what Petrusko provided the most

> In torrc, an idea...??
> 
> *MyFamily http://mydomain.org/myfamily.txt*

the list being a plaintext file of fingerprints seperated by newlines,
and if the server having that family list is not in that mentoined
family list, it's not authorized to be in that family.

Altho this will create an overhead of making a new http request when
looking for an Tor node, which may be a problem. it actually isn't
possibly at all without leaking the real IP to said server, or someone
needs to be more creative then me :s

But on the other hand, if you run more then 4 nodes, just let puppet
or any other system managment tool fill in the MyFamily field,
shouldn't be that hard imo

On 09/28/2016 02:44 PM, Random Tor Node Operator wrote:
> On 09/28/2016 02:01 PM, Chad MILLER wrote:
>> So? A relay can always have behaved badly. What's the harm in
>> you fraudulently claiming to be in family com.example.chadmiller
>> ? A user's path won't have passed through both you and me, but
>> you could have prevented traffic from passing through you any
>> time. At worst, you get to participate in a user's path and
>> exclude me from participating. That's no worse than you setting
>> your machine on fire and me participating.
> 
> 1) Bad actor sets up a bunch of relays fraudulently joining the
> majority of other relays. 2) Path selection of clients will now
> effectively prefer the bad actor's relays on which he performs
> eavesdropping, traffic analysis, or other nasty things.
> 
> The bad actor could also leave a few of his bad relays without
> family in order not to uncover himself so easily.
> 
> I am in favor of a scheme where the process of joining a family is 
> authenticated.
> 
> 
> 
> 
> ___ tor-relays mailing
> list tor-relays@lists.torproject.org 
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
-BEGIN PGP SIGNATURE-

iQEcBAEBCAAGBQJX677wAAoJEE6fMe4ysJ7McdUH/1TzCArbxb0kZ1SDwc1P01LE
5bWvTtFj++C3PqcDzeiN3UrzVwm1AtJLa5pW3yZlAorgHksL98oX/om4EY2DKptz
IpEreQeobE/bd6c9Klhjc+FwVwW6Lb3D61KbeZkxE9+nyXrMjWUS8Nws0REZgKhc
IW6Q6kmuBt48yudbTm/dBAYPPND290ebGDuF7EDhsS9shx3+SxchuXYapwh8S1Xi
mZENyKDqxxcZT/8Ua7xMTreOzFFfscpcbFBnsKCbMjqJg0/bGKENyASoNJVQha7t
xmd5dL4fLyLrDlsi3AK4IVFCuWp3rsFpZZJ5An4FPHUe6NBSAX7pbfRko0cmq/E=
=Xptb
-END PGP SIGNATURE-
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] "Potentially dangerous relay groups"

[grarpamp]

On Wed, Sep 28, 2016 at 6:24 AM, Chad MILLER  wrote:
> Why isn't MyFamily a family name, instead of a list of members? I see no
> downside to having an unauthenticated

Because anyone can assert the string and
shared strings can't cross certify each other.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] "Potentially dangerous relay groups"

[Chad MILLER]

Why isn't MyFamily a family name, instead of a list of members? I see no
downside to having an unauthenticated advisory
don't-route-through-me-if-you-also-route-through...

So, all of my nodes could have

MyFamilyName org.example

On Sep 28, 2016 05:52, "Roman Mamedov"  wrote:

> On Wed, 28 Sep 2016 11:41:16 +0200
> Ralph Seichter  wrote:
>
> > Key fingerprints are technically much closer to being IDs than nicknames,
> > which are nothing but short strings that can - and do - change at a whim.
>
> We're talking MyFamily, so it's you who is in control of all the nicknames,
> and it's only by your whim they may or may not change.
>
> Still did not see any concrete practical arguments to why fingerprints are
> worth the additional hassle, especially when what we see in reality is
> nicknames working there perfectly well and causing zero issues whatsoever
> for
> years.
>
> --
> With respect,
> Roman
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] "Potentially dangerous relay groups"

[Roman Mamedov]

On Wed, 28 Sep 2016 11:41:16 +0200
Ralph Seichter  wrote:

> Key fingerprints are technically much closer to being IDs than nicknames,
> which are nothing but short strings that can - and do - change at a whim.

We're talking MyFamily, so it's you who is in control of all the nicknames,
and it's only by your whim they may or may not change.

Still did not see any concrete practical arguments to why fingerprints are
worth the additional hassle, especially when what we see in reality is
nicknames working there perfectly well and causing zero issues whatsoever for
years.

-- 
With respect,
Roman


pgphLU5fB1WRV.pgp
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] "Potentially dangerous relay groups"

[Ralph Seichter]

On 28.09.2016 08:53, Roman Mamedov wrote:

> Any actual rationale, other than "do as I say"? And aside from linking
> to the man page which doesn't provide one EITHER.

Key fingerprints are technically much closer to being IDs than nicknames,
which are nothing but short strings that can - and do - change at a whim.

I think that grarpamp's recommendation to use fingerprints is much
better advice than your choice of using nicknames. I only ever use
fingerprints in MyFamily.

-Ralph
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] "Potentially dangerous relay groups"

[grarpamp]

On Wed, Sep 28, 2016 at 2:53 AM, Roman Mamedov  wrote:
> Any actual rationale, other than "do as I say"? And aside from linking to the
> man page which doesn't provide one EITHER.

The ambiguity problems are long known, leading to it going away.
Feel free to search historical references and better document things.

Though I endorse it, I didn't make it up, so it's not me.

> The only problem I can imagine with this is that Nefarious People can run a
> my family, possibly knocking out one of my actual relays out of it. But what

It may require bidirectional assertion, at least it should.
See search like above, and torspec.

> Then expect the number of people to even bother with MyFamily, to dwindle

The line counts just posted debunk this.
Both fp and nick are currently accepted (as well as random garbage) so
no dwindle possibility there, and when they bother, orders of magnitude
bother to do it right.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] "Potentially dangerous relay groups"

[Roman Mamedov]

On Wed, 28 Sep 2016 11:53:51 +0500
Roman Mamedov  wrote:

> The only problem I can imagine with this is that Nefarious People can run a

same nickname relay *


-- 
With respect,
Roman


pgp6uN5Itqc5L.pgp
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] "Potentially dangerous relay groups"

[Roman Mamedov]

On Wed, 28 Sep 2016 02:38:37 -0400
grarpamp  wrote:

> On Tue, Sep 27, 2016 at 4:38 PM, Roman Mamedov  wrote:
> > *) Give up on listing fingerprints, instead simply list nicknames.
> 
> No. Fingerprints are what to use here. Please do not use nicknames.

Any actual rationale, other than "do as I say"? And aside from linking to the
man page which doesn't provide one EITHER.

The only problem I can imagine with this is that Nefarious People can run a
same fingerprint relay with the same MyFamily string as mine, and by that join
my family, possibly knocking out one of my actual relays out of it. But what
exactly would anyone achieve with that, is entirely unclear.

> Besides, other than for simply announcing a vanity tag, nicks are
> going away in every area they are currently accepted as config input,
> so don't get used to them as such. See tickets 12898, etc.

Then expect the number of people to even bother with MyFamily, to dwindle
further.

-- 
With respect,
Roman


pgpaAETTCEr2K.pgp
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] "Potentially dangerous relay groups"

[Petrusko]

In torrc, an idea...??

*MyFamily http://mydomain.org/myfamily.txt*

So > there will be only 1 list to update / maintain by the operator(s).
Ctrl+F to find if a fingerprint is already here (for lazy guyz)... if
not, Ctrl-V to add the new fingerprint,
if Atlas shows a down fingerprint, Ctrl+F too...
then /service tor reload/ to eat the new txt file?
> One list is much easier.
>
> Robert

-- 
Petrusko
PubKey EBE23AE5
C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5




signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] "Potentially dangerous relay groups"

[grarpamp]

On Tue, Sep 27, 2016 at 4:38 PM, Roman Mamedov  wrote:
> *) Give up on listing fingerprints, instead simply list nicknames.

No. Fingerprints are what to use here. Please do not use nicknames.
Ignoring the ambiguous assertions you'd be making with nicks,
it inserts the same ambiguity into downstream consensus parsers.
Just grok FP's your configs and assemble the family like any good admin.
Besides, other than for simply announcing a vanity tag, nicks are
going away in every area they are currently accepted as config input,
so don't get used to them as such. See tickets 12898, etc.

Note in current consensus, there are about 1500 different good strict
FP only family lines, and 60 different bad essentially random lines to fix.
'^family( \$[0-9A-F]{40})+$'

Ticket 12799 will apply further needed sanity to fingerprints.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays