Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Dave Warren
I agree 100%. And yet, it's still useful for those who don't have
anything to fear from using Tor, but still want the privacy and security
from the last mile.


On Wed, Dec 7, 2016, at 23:45, Duncan Guthrie wrote:

> The problem with Facebook is that their policies on real names
> somewhat go against hiding from a repressive regime. Their terms and
> conditions mandate that they kick people who use pseudonyms, and make
> fellow Facebook users rat on each other.
>  If I was an activist I would be wary of using it on or off Tor at
>  all. If I am going to be harassed for using Facebook, it's probably
>  unsafe to use Tor altogether. It isn't worth the risk, except in a
>  very limited manner.
>  I think the hidden service in this case is just gesture politics.
>  It's not really for citizens in repressive regimes, but people who
>  have little to fear from using Tor.
> 
> Duncan
> 
> On 7 December 2016 3:20:05 pm GMT+00:00, Rana wrote:
>> 
>> -Original Message-
>>> From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org]
>>> On Behalf Of heartsucker
>>> Sent: Wednesday, December 07, 2016 5:11 PM
>>> To: tor-relays@lists.torproject.org
>>> Subject: Re: [tor-relays] Is there a reason for all exit nodes
>>> being public?
>>>
>>> As one of the Tor users who connects to services where I have to
>>> use my real name (e.g., my banks), I think it's not helpful to make
>>> assumptions about everyone's use case. Part of why I use Tor is to
>>> keep my ISPs from snooping on what I'm doing, and it's possible
>>> some of these millions of facebook users are doing the same.
>> 
>> We will never know the breakdown of the Facebook users by the reason
>> why they use Tor. However, surely many of them are under repressive
>> regimes and do not want their ass kicked for what they write on
>> Facebook. Protecting them is a fine purpose and anyhow, Tor has no
>> control over how people use the network and certainly not over why
>> they use it.
>> 
>> Rana


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Duncan Guthrie
The problem with Facebook is that their policies on real names somewhat go 
against hiding from a repressive regime. Their terms and conditions mandate 
that they kick people who use pseudonyms, and make fellow Facebook users rat on 
each other.
If I was an activist I would be wary of using it on or off Tor at all. If I am 
going to be harassed for using Facebook, it's probably unsafe to use Tor 
altogether. It isn't worth the risk, except in a very limited manner.
I think the hidden service in this case is just gesture politics. It's not 
really for citizens in repressive regimes, but people who have little to fear 
from using Tor.

Duncan

On 7 December 2016 3:20:05 pm GMT+00:00, Rana  wrote:
>
>
>-Original Message-
>> From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On
>Behalf Of heartsucker
>> Sent: Wednesday, December 07, 2016 5:11 PM
>> To: tor-relays@lists.torproject.org
>> Subject: Re: [tor-relays] Is there a reason for all exit nodes being
>public?
>> 
>> As one of the Tor users who connects to services where I have to use
>my real name (e.g., my banks), I think it's not helpful to make
>assumptions about everyone's use case. Part of why I use Tor is to
>> keep my ISPs from snooping on what I'm doing, and it's possible some
>of these millions of facebook users are doing the same.
>
>We will never know the breakdown of the Facebook users by the reason
>why they use Tor. However, surely many of them are under repressive
>regimes and do not want their ass kicked for what they write on
>Facebook. Protecting them is a fine purpose and anyhow, Tor has no
>control over how people use the network and certainly not over why they
>use it.
>
>Rana


Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Dave Warren

On 2016-12-07 05:41, Rana wrote:

By the way, I just checked, Gmail works without problems over Tor (both Web and 
IMAPS).

Using Gmail over Tor when they already know who you are is self-defeating. Try 
to register an anonymous Gmail account using Tor.



Doable. They require a phone number for verification, but that's the same with 
and without Tor. Besides, if you want an anonymous email, use _anything but 
Gmail_, eg. ProtonMail.


Providing your phone number during registration = registration is not anonymous, 
so anonymous registration of a Gmail account using Tor is NOT doable.


This depends on your country. In some countries you can purchase a SIM 
and activate service using only cash. If your threat model includes 
an adversary that could obtain phone company records, you 
should not reuse the phone or SIM for any other purpose.


Obviously not all countries allow for this approach.



Last time I tried, this did not work. I provided the SMS number in a Tor registration 
attempt and Gmail said we cannot register you "at this time", without even 
trying to send me an SMS.

Protonmail is exactly the same thing: if you want to register a free account you need to 
provide your phone number. You can register "anonymously" in ProtonMail only 
for a paid account, and even if you are willing to pay for anonymity, you need to pay in 
bitcoin which ultimately discloses your identity - so again, not anonymous.


As someone who previously ran a small freemail service, I can tell you 
that it's extremely difficult to block abusers from signing up without 
also blocking legitimate users. I gave up trying.


If you can acquire an untrackable prepaid credit card (again, something 
that can be done using only cash here, but perhaps not everywhere), you 
may be able to find a VoIP service which can be used for this purpose.


I have registered both Gmail and Outlook.com accounts at a VoIP SMS 
phone number, although I had to register a few phone numbers in 
different area codes before I found one that would work.


It's a tough problem to solve, I will admit.


On 2016-12-07 04:15, Rana wrote:

Using Gmail over Tor when they already know who you are is self-defeating. Try 
to register an anonymous Gmail account using Tor.


Gmail might know who I am, but my connectivity provider doesn't and I 
might not want them to know I'm using Gmail.





Re: [tor-relays] Exploiting firmware

2016-12-07 Thread Roman Mamedov
On Wed, 7 Dec 2016 22:50:39 +
Alex Haydock  wrote:

> Intel ME/AMT concerns me too, especially how unavoidable it seems to be
> on modern CPUs (AMD is no escape, as they have an equivalent in the form
> of their "Platform Security Processor").

On AMD that's been implemented only after "Family 15h"
https://libreboot.org/faq/#amdbastards
https://en.wikipedia.org/wiki/List_of_AMD_CPU_microarchitectures

Family 15h itself is safe.

It includes FX-series 8-core CPUs at up to 5 GHz supporting DDR3-2133 RAM:
https://en.wikipedia.org/wiki/Piledriver_%28microarchitecture%29

So don't handwave-away AMD with "they are doing that too", today you CAN have
a non-backdoored modern high-performance CPU -- from AMD.

-- 
With respect,
Roman


Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Dave Warren

On 2016-12-07 07:20, Rana wrote:

We will never know the breakdown of the Facebook users by the reason why they 
use Tor. However, surely many of them are under repressive regimes and do not 
want their ass kicked for what they write on Facebook. Protecting them is a fine 
purpose and anyhow, Tor has no control over how people use the network and 
certainly not over why they use it.


I use Tor to access Facebook because it exists, and because I believe 
that legitimate use of both hidden services and exit nodes improves the 
overall legitimacy of Tor. I believe that if the only use of Tor is 
users with something to hide, it becomes easier to justify blocking and 
therefore is less effective and less useful overall.


I use Facebook with my real name and real photo because I'm not hiding 
anything from anyone in this situation (except perhaps my local 
connectivity provider, should I be traveling at the time).


I'm probably a minority in this case, and certainly an anecdote is not 
of statistical significance, but that's me.






Re: [tor-relays] Exploiting firmware

2016-12-07 Thread Tim Kuijsten

Op 07-12-16 om 23:50 schreef Alex Haydock:

AMD is no escape, as they have an equivalent in the form
of their "Platform Security Processor"


I believe[1] the Athlon 5370 that AMD released this year is without PSP. 
Suits small form factors and has good performance for the mere 25 Watt 
that it uses.


[1] https://notabug.org/vimuser/libreboot-website/issues/10


Re: [tor-relays] Exploiting firmware

2016-12-07 Thread Alex Haydock
On 07/12/16 23:15, diffusae wrote:
> I totally agree with you.
>
> One alternative would be to use coreboot on your machine. If you are
> good, then you will put your kernel into the flash chip and make it
> write protected.
As far as I know, Coreboot is merely an open source BIOS replacement and
doesn't act to disable the management engine as many Intel chips simply
won't boot without the ME firmware present and correct.

Libreboot might be the project you're thinking of, but it only works on
the small subset of (sadly usually quite old) CPUs that will actually
boot without Intel's firmware being present.

They are both fantastic projects, and I do have some Libreboot machines
at home, but the main concern I was raising was that: firstly, unless
you are colocating your own hardware or running your relay at home,
flashing a new BIOS to your relay's hardware is out of the question as
the hardware is under the control of your service provider.

The other thing I was noting was that the fact the hardware is under
control of your service provider is probably more of a threat than just
the ME would be. The service provider obviously needs access to the
machine, but they often expose quite low-level access either through web
consoles of unknown security, or to helpdesk techs working at the provider.

As a side note, there is one VPS provider I know of that are currently
in the preparation stages before launch, and who are intending to run
their entire infrastructure on Libreboot machines:
https://www.vikings.net/index.html



Re: [tor-relays] Exploiting firmware

2016-12-07 Thread Rana
As long as CPU hardware is closed source, perfect privacy does not exist, full 
stop. Conspiracy theories are futile, the probability of microcode backdoor is 
1. So there is no need to "worry" about hardware blobs. There is NO way that 
processors made by US chip manufacturers do NOT contain a backdoor. The same 
goes for Raspberry Pi which is based on a Broadcom chip. 

Privacy is therefore a probabilistic entity. Instead of worrying about 
hardware blobs, what you should do is try to estimate the cost of intrusion, 
collection and analysis, divided by the probability of yourself being a target. 
This yields a weighted cost of spying on you. If the result is high enough, no 
problem, as the adversary's budget is always limited. Otherwise you are toast, 
Tor or no Tor, VM or no VM. What Tor hopefully does is raise the cost and thus 
minimize the probability of the Tor user being targeted, collected and 
analyzed, due to purely budgetary reasons.

I am happily using hardware based on Intel chips. If I were an ISIS ringleader, 
I wouldn't. Allahu Akbar but my ass is valuable, too.



Re: [tor-relays] Exploiting firmware

2016-12-07 Thread diffusae

On 07.12.2016 23:50, Alex Haydock wrote:
> On 07/12/16 21:45, diffusae wrote:
>> Hmm, interesting subject ...
>>
>> On 07.12.2016 21:35, Gumby wrote:
>>>   Subject seems to have changed a bit, so not hijacking it.
>>> When thinking of any exploitation of firmware - should there be concerns
>>> of Intel's Management Engine in the CPU of any relays
>>>  running on "home hardware" in any common unused pc or laptop?
>>> Should that be a concern on ANY newer Intel hardware?
>>>
>>> Gumby
>> What do you think about Intel AMT, it's a part of the most modern PCs?
>>
> Intel ME/AMT concerns me too, especially how unavoidable it seems to be
> on modern CPUs (AMD is no escape, as they have an equivalent in the form
> of their "Platform Security Processor").
> 
> Though this probably concerns me less than the fact that only the
> fastest relays are going to be deployed on colocated and fully
> owner-controlled hardware or under their own ASNs.
> 
> The rest are probably going to be VPS nodes or at least connected to
> some out-of-band network management interface for quick deployment and
> monitoring at the ISP-level. This can provide low-level access in a
> similar way to ME/AMT. I've seen many providers allowing access to
> management TTYs, or even raw disk management tools via HTTP web interfaces.
> 
> Abusing the ME/AMT would require some sort of co-operation on Intel's
> part, or stolen signing keys, but imagine if you could get access to
> some sort of administration panel for OVH/DigitalOcean etc. Co-opting a
> large number of relays/exits through that process might be a lot easier,
> so if I was going to worry about out-of-band management interfaces, I'd
> probably worry about those first.

I totally agree with you.

One alternative would be to use coreboot on your machine. If you are
good, then you will put your kernel into the flash chip and make it
write protected.




Re: [tor-relays] Exploiting firmware

2016-12-07 Thread Alex Haydock
On 07/12/16 21:45, diffusae wrote:
> Hmm, interesting subject ...
>
> On 07.12.2016 21:35, Gumby wrote:
>>   Subject seems to have changed a bit, so not hijacking it.
>> When thinking of any exploitation of firmware - should there be concerns
>> of Intel's Management Engine in the CPU of any relays
>>  running on "home hardware" in any common unused pc or laptop?
>> Should that be a concern on ANY newer Intel hardware?
>>
>> Gumby
> What do you think about Intel AMT, it's a part of the most modern PCs?
>
Intel ME/AMT concerns me too, especially how unavoidable it seems to be
on modern CPUs (AMD is no escape, as they have an equivalent in the form
of their "Platform Security Processor").

Though this probably concerns me less than the fact that only the
fastest relays are going to be deployed on colocated and fully
owner-controlled hardware or under their own ASNs.

The rest are probably going to be VPS nodes or at least connected to
some out-of-band network management interface for quick deployment and
monitoring at the ISP-level. This can provide low-level access in a
similar way to ME/AMT. I've seen many providers allowing access to
management TTYs, or even raw disk management tools via HTTP web interfaces.

Abusing the ME/AMT would require some sort of co-operation on Intel's
part, or stolen signing keys, but imagine if you could get access to
some sort of administration panel for OVH/DigitalOcean etc. Co-opting a
large number of relays/exits through that process might be a lot easier,
so if I was going to worry about out-of-band management interfaces, I'd
probably worry about those first.



Re: [tor-relays] Exploiting firmware

2016-12-07 Thread diffusae
Which "other parts" do you mean? The GPU blob or Raspbian?
You don't need to use the stock distribution.

On 07.12.2016 23:10, Duncan Guthrie wrote:
> What I was originally getting at was that the parts of the Raspberry Pi
> that are completely proprietary - while there is a free software
> implementation of the GPU blob, most people don't use that, as they are
> on stock Raspbian, which includes all the nasty "other parts" - are a
> great possibility for hijacking, perhaps through malicious code running
> on the GPU, which controls the CPU in several ways. The problem with
> this isn't that this is unique (Intel computers having so much more
> attack surface) but that a flaw in lots of these small computers that
> power a portion of the network means that an exploit in them due to lack
> of diversity would be much more serious.

Better lots of these small computers than none ...

> The management engine blob is also very serious. One possible mitigation
> might be to run the relays in VMs with good isolation, e.g. Xen on
> recent hardware which has good IOMMU. This makes it much harder to
> exploit the actual software that runs on the ME since the VMs would, in
> theory, have no access to hardware.
> 
> It should be of concern on any hardware that is being used for related
> purposes, I think. However, whether it works out in practice as a
> backdoor that is worth exploiting vs other methods is debatable.
> 
> Regardless, diversity is good.

That's true!

Regards,

> On 07/12/16 20:35, Gumby wrote:
>>   Subject seems to have changed a bit, so not hijacking it.
>> When thinking of any exploitation of firmware - should there be
>> concerns of Intel's Management Engine in the CPU of any relays
>>  running on "home hardware" in any common unused pc or laptop?
>> Should that be a concern on ANY newer Intel hardware?
>>
>> Gumby



Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread teor

> On 8 Dec. 2016, at 01:18, myflyrybr  wrote:
> 
> Trying to hide exit nodes would have little effect on censorship. I believe a 
> more effective approach would be just do the same the vpngate guys did to 
> beat the chinese firewall. Just mix in the published list some essential or 
> high popularity IPs (ex. DNS servers...) as if they were relays. That would 
> send the censors in a goose-chase when a lot of people start complaining 
> about the block. The cost to censor is raised considerably.

This is somewhat like the approach taken by the meek pluggable transport, which 
uses popular sites to front for a reflector to a Tor bridge.

> They would have to check every relay address before adding it to a blacklist, 
> or risk breaking popular services. It's just not worth the trouble.

This would create a market for providing an accurate list.

T

-- 
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org






Re: [tor-relays] Exploiting firmware

2016-12-07 Thread Duncan Guthrie
What I was originally getting at was that the parts of the Raspberry Pi 
that are completely proprietary - while there is a free software 
implementation of the GPU blob, most people don't use that, as they are 
on stock Raspbian, which includes all the nasty "other parts" - are a 
great possibility for hijacking, perhaps through malicious code running 
on the GPU, which controls the CPU in several ways. The problem with 
this isn't that this is unique (Intel computers having so much more 
attack surface) but that a flaw in lots of these small computers that 
power a portion of the network means that an exploit in them due to lack 
of diversity would be much more serious.


The management engine blob is also very serious. One possible mitigation 
might be to run the relays in VMs with good isolation, e.g. Xen on 
recent hardware which has good IOMMU. This makes it much harder to 
exploit the actual software that runs on the ME since the VMs would, in 
theory, have no access to hardware.


It should be of concern on any hardware that is being used for related 
purposes, I think. However, whether it works out in practice as a 
backdoor that is worth exploiting vs other methods is debatable.


Regardless, diversity is good.

On 07/12/16 20:35, Gumby wrote:

  Subject seems to have changed a bit, so not hijacking it.
When thinking of any exploitation of firmware - should there be 
concerns of Intel's Management Engine in the CPU of any relays

 running on "home hardware" in any common unused pc or laptop?
Should that be a concern on ANY newer Intel hardware?

Gumby



Re: [tor-relays] Exploiting firmware

2016-12-07 Thread diffusae
Hmm, interesting subject ...

On 07.12.2016 21:35, Gumby wrote:
>   Subject seems to have changed a bit, so not hijacking it.
> When thinking of any exploitation of firmware - should there be concerns
> of Intel's Management Engine in the CPU of any relays
>  running on "home hardware" in any common unused pc or laptop?
> Should that be a concern on ANY newer Intel hardware?
> 
> Gumby

What do you think about Intel AMT, it's a part of the most modern PCs?


> On 12/07/2016 02:35 PM, diffusae wrote:
>>
>> On 07.12.2016 01:36, Duncan Guthrie wrote:
>>> if some flaw was exploited in the various nasty proprietary bits that
>>> make up the Pi, much of the network might be compromised - due to large
>>> similarities across the different models, this would affect considerable
>>> numbers of devices. So using many different computer models with a large
>>> variety of operating systems is ideal for the network as a whole.
>>
>> Yes, there are proprietary parts in the firmware, but this firmware is
>> also free and open source. And there are a lot of people who take care of it.
>>
>> It's especially very easy to rewrite the boot partition.
>>
>> Regards,


Re: [tor-relays] Exploiting firmware (was: Unwarranted discrimination of relays with dynamic IP)

2016-12-07 Thread Gumby

  Subject seems to have changed a bit, so not hijacking it.
When thinking of any exploitation of firmware - should there be concerns 
of Intel's Management Engine in the CPU of any relays

 running on "home hardware" in any common unused pc or laptop?
Should that be a concern on ANY newer Intel hardware?

Gumby

On 12/07/2016 02:35 PM, diffusae wrote:


On 07.12.2016 01:36, Duncan Guthrie wrote:

if some flaw was exploited in the various nasty proprietary bits that
make up the Pi, much of the network might be compromised - due to large
similarities across the different models, this would affect considerable
numbers of devices. So using many different computer models with a large
variety of operating systems is ideal for the network as a whole.


Yes, there are proprietary parts in the firmware, but this firmware is
also free and open source. And there are a lot of people who take care of it.

It's especially very easy to rewrite the boot partition.

Regards,


Re: [tor-relays] how to distribute pgp public key?

2016-12-07 Thread teor

> On 8 Dec. 2016, at 06:40, Univibe  wrote:
> 
> >> I had a thought to publish it on my relay's DirPort (using 
> >> DirPortFrontPage 
> >> and a simple html doc containing the public key). Then I could just 
> >> provide a
> >> link to the DirPort in ContactInfo.
> 
> > It's better to just use a fingerprint. I don't know how efficient or useful
> > that would be. It is also not necessary.
> 
> Okay. Thanks Jason for your reply. I was just thinking about how PGP key 
> exchange seems to frustrate most people and wondering if it would make sense 
> to skip the middleman (keyservers) in this case. Having the public key 
> published directly by the relay establishes trust. There would be no question 
> that the PGP key belongs to the relay operator.

Unfortunately, the DirPortFrontPage is not authenticated: it is plain HTTP.
But the descriptor with the ContactInfo is signed with your relay key.

> However since it's an odd implementation, it might just add confusion instead 
> of making things easier. It sounds like the convention is to just list your 
> fingerprint, so I'll do that. Thanks!

Yes, this is what people typically do. Thanks!

T

-- 
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org




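The point teor makes above is that the DirPortFrontPage is served over plain HTTP with nothing authenticating it, while the relay's server descriptor (which carries the ContactInfo line) is signed with the relay's identity key. The script below is an added example, not code from this thread or from the Tor project: it pulls a relay's own descriptor from its DirPort at /tor/server/authority (the path dir-spec assigns to a relay's own descriptor), parses the keyword lines, reports whether a router-signature block is present, and extracts a PGP fingerprint from the contact line. Verifying the router-signature needs the relay's RSA identity key and an RSA library and is deliberately not done here; the sample descriptor embedded for offline use is constructed, with placeholder key and signature objects, a made-up nickname and address, and the PGP fingerprint taken from teor's signature on this page.

```python
"""Read ContactInfo from a relay's signed server descriptor rather than from
an unauthenticated DirPortFrontPage.  Added example, not Tor project code."""
import re
import urllib.request

# A PGP fingerprint is 40 hex digits, usually written as ten groups of four.
PGP_FPR_RE = re.compile(r'\b([0-9A-Fa-f]{4}(?:[ ]?[0-9A-Fa-f]{4}){9})\b')


def parse_descriptor(text):
    """Map each keyword in a server descriptor to its first argument string.

    Descriptors are line-oriented: 'keyword arg...' lines, some followed by
    a PEM-style object block.  Object blocks are skipped; a keyword with no
    arguments (e.g. router-signature) is recorded with an empty string."""
    fields = {}
    in_object = False
    for line in text.splitlines():
        if line.startswith('-----BEGIN '):
            in_object = True
            continue
        if line.startswith('-----END '):
            in_object = False
            continue
        if in_object or not line.strip():
            continue
        keyword, _, args = line.partition(' ')
        fields.setdefault(keyword, args.strip())
    return fields


def extract_pgp_fingerprint(contact):
    """Return the PGP fingerprint found in a contact line, normalised to 40
    uppercase hex digits with no spaces, or None if there is none."""
    m = PGP_FPR_RE.search(contact or '')
    if not m:
        return None
    return m.group(1).replace(' ', '').upper()


def relay_contact_info(text):
    """Summarise what a reader wants before trusting a contact address:
    nickname, relay identity fingerprint, the raw contact line, the PGP
    fingerprint in it, and whether a router-signature is present at all."""
    f = parse_descriptor(text)
    return {
        'nickname': f.get('router', '').split(' ')[0] or None,
        'relay_fingerprint': f.get('fingerprint', '').replace(' ', '') or None,
        'contact': f.get('contact'),
        'pgp_fingerprint': extract_pgp_fingerprint(f.get('contact')),
        'signed': 'router-signature' in f,
    }


def fetch_descriptor(host, dirport, timeout=10):
    """Fetch the relay's own descriptor over its DirPort (plain HTTP; the
    authentication comes from the router-signature inside the document,
    which this example does not verify)."""
    url = 'http://%s:%d/tor/server/authority' % (host, dirport)
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read().decode('utf-8', 'replace')


# Constructed sample: nickname and address are made up, the key and signature
# objects are placeholders, the PGP fingerprint is teor's from this thread.
SAMPLE_DESCRIPTOR = """router examplerelay 203.0.113.5 9001 0 9030
platform Tor 0.2.9.5-alpha on Linux
fingerprint 3D0A B6A2 5C3D 2F3E 4A5B 6C7D 8E9F 0A1B 2C3D 4E5F
contact Relay Operator <operator at example dot org> PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
signing-key
-----BEGIN RSA PUBLIC KEY-----
placeholder
-----END RSA PUBLIC KEY-----
router-signature
-----BEGIN SIGNATURE-----
placeholder
-----END SIGNATURE-----
"""

if __name__ == '__main__':
    import sys
    if len(sys.argv) == 3:
        text = fetch_descriptor(sys.argv[1], int(sys.argv[2]))
    else:
        text = SAMPLE_DESCRIPTOR
    for key, value in relay_contact_info(text).items():
        print('%-18s %s' % (key + ':', value))
```

Run it as `python3 contact.py <relay-address> <dirport>` against a live relay, or with no arguments to see the parse of the embedded sample. The 'signed' field only says a router-signature block exists; the trust teor describes comes from checking that signature against the identity key, which is the step a tool with an RSA implementation has to add on top of this parse.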


Re: [tor-relays] how to distribute pgp public key?

2016-12-07 Thread Univibe
>> I had a thought to publish it on my relay's DirPort (using DirPortFrontPage
>> and a simple html doc containing the public key). Then I could just provide a
>> link to the DirPort in ContactInfo.

> It's better to just use a fingerprint. I don't know how efficient or useful
> that would be. It is also not necessary.

Okay. Thanks Jason for your reply. I was just thinking about how PGP key 
exchange seems to frustrate most people and wondering if it would make sense to 
skip the middleman (keyservers) in this case. Having the public key published 
directly by the relay establishes trust. There would be no question that the 
PGP key belongs to the relay operator. However since it's an odd 
implementation, it might just add confusion instead of making things easier. It 
sounds like the convention is to just list your fingerprint, so I'll do that. 
Thanks!


Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-07 Thread diffusae

On 07.12.2016 01:36, Duncan Guthrie wrote:
> if some flaw was exploited in the various nasty proprietary bits that
> make up the Pi, much of the network might be compromised - due to large
> similarities across the different models, this would affect considerable
> numbers of devices. So using many different computer models with a large
> variety of operating systems is ideal for the network as a whole.

Yes, there are proprietary parts in the firmware, but this firmware is
also free and open source. And there are a lot of people who take care of it.

It's especially very easy to rewrite the boot partition.

Regards,


Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-07 Thread diffusae
:-)

Does anyone need a P4 with 300 Watts power supply. In idle mode it's
only 100 ...

On 07.12.2016 06:32, Rana wrote:
> I can just imagine someone panting while dragging a sub-$35 old desktop 
> computer up the stairs after physically searching for it in a nearby 
> junkyard. A considerable level of destitution and a commendable commitment to 
> the cause of Tor  would be required.
>  
> -Original Message-
> From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf 
> Of Roman Mamedov
> Sent: Wednesday, December 07, 2016 7:08 AM
> To: Duncan Guthrie
> Cc: tor-relays@lists.torproject.org
> Subject: Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP
> 
> On Wed, 7 Dec 2016 00:36:15 +
> Duncan Guthrie  wrote:
> 
>> My original figure may have been... somewhat off. With different 
>> models they may have updated the network hardware.
> 
> They did not. All models with Ethernet use the same SMSC LAN9514 chip.
> 
>> A more general point is that old desktop computers still offer better 
>> performance than a Raspberry Pi. You can easily get one for 
>> considerably less than the cost of a Pi
> 
> And pay more than the cost of a Pi in electricity.
> 
> --
> With respect,
> Roman


Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-07 Thread Tristan
You're seriously going to play the "be polite" card after this entire
thread happened? I give up.

Fuck this, unsubscribed. If you need me, I'll be hiding in my cold dark
corner.


On Dec 7, 2016 10:02 AM, "Ralph Seichter"  wrote:

On 07.12.16 15:44, Tristan wrote:

> Stop it, both of you. This is not the place for a flame war. If this
> were a forum, the topic would be locked.

It is not a forum, it is not a flame war, and you'd do well to be a lot
more polite before you try to take the moral high ground and presume to
tell other people what to do.

-Ralph


Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-07 Thread Ralph Seichter
On 07.12.16 15:44, Tristan wrote:

> Stop it, both of you. This is not the place for a flame war. If this
> were a forum, the topic would be locked.

It is not a forum, it is not a flame war, and you'd do well to be a lot
more polite before you try to take the moral high ground and presume to
tell other people what to do.

-Ralph


Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Rana


-Original Message-
From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf Of 
Paul Syverson
Sent: Wednesday, December 07, 2016 4:34 PM
To: tor-relays@lists.torproject.org
Subject: Re: [tor-relays] Is there a reason for all exit nodes being public?

On Wed, Dec 07, 2016 at 02:15:55PM +0200, Rana wrote:
>>As of last April, FaceBook reported over a million users per month via Tor. 

I am sure that the 1 million FB users connect via Tor not because they want to 
hide their location but because they want to hide WHO they are. Hence their 
authentication information is mostly false and they use Tor for personal 
anonymity, not for anonymous routing. 



Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Tristan
This is exactly why I use Tor.

I imagine a lot of people use Tor to bypass network restrictions, like
school/University firewalls or countries like China and Pakistan.

On Dec 7, 2016 9:11 AM, "heartsucker"  wrote:

> As one of the Tor users who connects to services where I have to use my
> real name (e.g., my banks), I think it's not helpful to make assumptions
> about everyone's use case. Part of why I use Tor is to keep my ISPs from
> snooping on what I'm doing, and it's possible some of these millions of
> facebook users are doing the same.
>
> -h
>
> On 12/07/2016 04:07 PM, Rana wrote:
> >
> >
> > -Original Message-
> > From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On
> > Behalf Of Paul Syverson
> > Sent: Wednesday, December 07, 2016 4:34 PM
> > To: tor-relays@lists.torproject.org
> > Subject: Re: [tor-relays] Is there a reason for all exit nodes being
> > public?
> >
> > On Wed, Dec 07, 2016 at 02:15:55PM +0200, Rana wrote:
> >>> As of last April, FaceBook reported over a million users per month via
> >>> Tor.
> >
> > I am sure that the 1 million FB users connect via Tor not because they
> > want to hide their location but because they want to hide WHO they are. Hence their
> > authentication information is mostly false and they use Tor for personal
> > anonymity, not for anonymous routing.
> >


Re: [tor-relays] Anonymous email (was: Is there a reason for all exit nodes being public?)

2016-12-07 Thread Rana
>
>Protonmail supports receiving a verification code by email. Use a disposable 
>email provider that isn't blocked to receive the code. I _just_ made a 
>protonmail account to test.
>
>https://10minutemail.net/ worked for me just now.
>
>https://10minutemail.com did not work as protonmail recognized the address I 
>got from it as being temporary.
>
>Hope that helps.
>
>Matt

I already had it solved but I tipped a friend about https://10minutemail.net 
and it worked for him, for which he thanks you. I wonder how long it will take 
Protonmail to close this loophole :)



Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-07 Thread Tristan
Stop it, both of you. This is not the place for a flame war. If this were a
forum, the topic would be locked.

Can we just have a normal conversation and get back to what this mailing
list is actually used for?


On Dec 7, 2016 5:29 AM, "Rana"  wrote:

There's an alternative interpretation but mentioning in reply to your
message would be... rude :-)

-Original Message-
From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf
Of Ralph Seichter
Sent: Wednesday, December 07, 2016 12:59 PM
To: tor-relays@lists.torproject.org
Subject: Re: [tor-relays] Unwarranted discrimination of relays with dynamic
IP

On 07.12.2016 10:56, Rana wrote:

> Calling "rude" people who, to make a point, use a bit of obvious and
> harmless humor, is rude.

Your getting on other people's nerves must *obviously* be the fault of
other people. Welcome to Trump World. :-)

-Ralph


Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Paul Syverson
On Wed, Dec 07, 2016 at 02:15:55PM +0200, Rana wrote:
> >How would that work? First of all, the clients need to know which exit nodes 
> >exist, so that they can build circuits. That list, as well as that of the 
> >middle nodes, is public, otherwise you'd have to manually request exits by 
> >email/web service/… As a result you'd be limited to a few exits, which might 
> >not necessarily have an exit policy matching your needs, or might be 
> >offline, or simply overloaded on account of there being less than regular 
> >exits.
> The same way bridges work. They are not published.
> 
> >By the way, I just checked, Gmail works without problems over Tor (both Web 
> >and IMAPS).
> Using Gmail over Tor when they already know who you are is
> self-defeating. Try to register an anonymous Gmail account using
> Tor.

Responses have already been given in this thread about trying to
obtain an email account that is anonymous (err, pseudonymous) with the
intended meaning that the service provider is not directly given
another identity (phone number, etc.) intended to be kept
separate---where "given" means that the service provider can (easily)
associate these. (So not some sort of ZKP of a blinded credential, etc.)

'Anonymous' often gets thrown around quite recklessly, but the much
more important problem with the above statement is perpetuating the
false impression that letting a service provider know such
associations must be contrary to the goals of Tor.  As we wrote in
1996, "Our motivation here is not to provide anonymous communication,
but to separate identification from routing. Authenticating
information must be carried in the data stream...  use of a public
network should not automatically reveal the identities of
communicating parties. The goal here is anonymous routing, not
anonymity." As of last April, FaceBook reported over a million users
per month via Tor. As to GMail, you might want to access GMail over
Tor to complicate geo-location by GMail, or because you don't want a
local ISP (or your VPN provider or...) to know you are accessing
GMail, or...

aloha,
Paul


Re: [tor-relays] Is my exit affected by a botnet?

2016-12-07 Thread Sec INT
I get abuse reports like that - my exit is not yet officially recognised as an 
exit so is currently seen as the source of the attack - it's unlikely your server 
is infected, it's just the traffic from your exit - especially as you're using port 
443 - just send the standard abuse template to them if it's a problem for the ISP.

You could always install clamav and do a quick check on your server if you think 
it's necessary.

regards

Mark B


> On 7 Dec 2016, at 14:09, Volker Mink  wrote:
> 
> hey folks.
>
> I got an abuse-information from my provider, please see details attached.
> could this probably be caused by some malware on my tor exit?
>
> Any ideas on this?
>
> Best,
> volker
>
> https://unity.abusehq.net/share/gFraliWxA_A-0uCFJvSxAkPRxYn536JoReAkl2MNUuCq3TNWJ8f4uXJVypwWAnVa
>
> MAC Address: f07959d25289    IP: 109.90.11.123
>
> Date: 06.12.2016 11:16
> Type: bot-infection
> Reporter: secur...@libertyglobal.com
> IP address: 109.90.11.123
> Incident part:
> - malware family: virut
> - destination ip: 148.81.111.121
> - destination port: 80
> - feeder: team cymru
> - description: This host is most likely infected with malware.
>
> Date: 05.12.2016 10:00
> Type: malware
> Reporter: repo...@reports.cert-bund.de
> IP address: 109.90.11.123
> Incident part:
> - malware: urlzone
> - destination ip: 64.71.166.50
> - destination port: 443
> - destination hostname: didnadinka.net
> - asn: 6830
>
> Date: 02.12.2016 19:16
> Type: bot-infection
> Reporter: secur...@libertyglobal.com
> IP address: 109.90.11.123
> Incident part:
> - malware family: zeus
> - destination ip: 87.106.18.112
> - http request: /config
> - destination port: 80
> - destination domain name: mabqg.com
> - feeder: shadowserver
> - report type: botnet_drone
> - description: This host is most likely infected with malware.
>
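Mark B's argument above (the reported flows are other people's traffic leaving the exit, "especially as you're using port 443") can be made mechanical before replying to the ISP. The script below is an added example, not code from the thread: it parses the key/value layout of the abusehq report quoted in the thread and checks each incident against the relay's own exit policy and start time. A destination port the policy allows is consistent with exit traffic; a port the policy rejects, or an incident dated before the relay existed, cannot have come through Tor and points at the host itself. The report text is a constructed, trimmed copy of the one quoted above plus one made-up incident (TEST-NET address 192.0.2.77, port 25, dated before the relay started) to show the negative case; the reduced exit policy and the relay start date are assumptions.

```python
"""Triage an ISP abuse report against an exit relay's own exit policy."""
from datetime import datetime

# Constructed input: trimmed copy of the abusehq report quoted in the thread,
# plus one invented incident at the end (port 25, before the relay started).
REPORT = """\
Date:
06.12.2016 11:16
Type:
bot-infection
IP address:
109.90.11.123
Incident part:
- malware family: virut
- destination ip: 148.81.111.121
- destination port: 80
Date:
05.12.2016 10:00
Type:
malware
IP address:
109.90.11.123
Incident part:
- malware: urlzone
- destination ip: 64.71.166.50
- destination port: 443
Date:
02.12.2016 19:16
Type:
bot-infection
IP address:
109.90.11.123
Incident part:
- malware family: zeus
- destination ip: 87.106.18.112
- http request: /config
- destination port: 80
Date:
29.11.2016 08:00
Type:
bot-infection
IP address:
109.90.11.123
Incident part:
- malware family: constructed-example
- destination ip: 192.0.2.77
- destination port: 25
"""

# Assumptions: a reduced exit policy (accept only these ports, reject the
# rest) and the date the exit first came up. Take both from your own torrc
# and logs in practice.
ALLOWED_PORTS = frozenset({80, 443, 993, 995})
RELAY_STARTED = datetime(2016, 12, 1, 0, 0)


def parse_report(text):
    """Turn the 'Key:\\nvalue' and '- key: value' layout into one dict per incident."""
    incidents, pending, cur = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("- ") and cur is not None:
            key, _, value = line[2:].partition(":")
            cur[key.strip()] = value.strip()
            pending = None
        elif line.endswith(":"):
            pending = line[:-1]
            if pending == "Date":          # every incident block starts with Date:
                cur = {}
                incidents.append(cur)
        elif pending and cur is not None:
            cur[pending] = line
            pending = None
    return incidents


def triage(incidents, allowed_ports=ALLOWED_PORTS, started=RELAY_STARTED):
    """Classify each incident as plausible exit traffic or something to investigate on the host."""
    results = []
    for inc in incidents:
        when = datetime.strptime(inc["Date"], "%d.%m.%Y %H:%M")
        port = int(inc.get("destination port", 0))
        if when < started:
            verdict = "investigate-host: dated before the relay started"
        elif port not in allowed_ports:
            verdict = "investigate-host: port %d is rejected by the exit policy" % port
        else:
            verdict = "exit-traffic: port %d is allowed by the exit policy" % port
        results.append({"date": inc["Date"], "dst": inc.get("destination ip"),
                        "port": port, "verdict": verdict})
    return results


if __name__ == "__main__":
    for r in triage(parse_report(REPORT)):
        print("%s -> %s:%d  %s" % (r["date"], r["dst"], r["port"], r["verdict"]))
```

Only the "investigate-host" lines deserve a look at the machine itself (that is where Mark's clamav suggestion applies); the rest go back to the ISP with the standard exit-abuse reply. For an authoritative answer to "was this address a Tor exit at that time", ExoneraTor (exonerator.torproject.org) checks the archived consensuses for you.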


Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread myflyrybr
Trying to hide exit nodes would have little effect on censorship. I believe a 
more effective approach would be just do the same the vpngate guys did to beat 
the chinese firewall. Just mix in the published list some essential or high 
popularity IPs (ex. DNS servers...) as if they were relays. That would send the 
censors in a goose-chase when a lot of people start complaining about the 
block. The cost to censor is raised considerably. They would have to check 
every relay address before adding it to a blacklist, or risk breaking popular 
services. It's just not worth the trouble.


Re: [tor-relays] Anonymous email (was: Is there a reason for all exit nodes being public?)

2016-12-07 Thread Volker Mink
Lucky me, I signed up in the early beta state and got everything for free without a phone number.
 

Gesendet: Mittwoch, 07. Dezember 2016 um 15:06 Uhr
Von: "Matt Traudt" 
An: tor-relays@lists.torproject.org
Betreff: Re: [tor-relays] Anonymous email (was: Is there a reason for all exit nodes being public?)



On 12/7/16 08:41, Rana wrote:
> Protonmail is exactly the same thing, if you want to register a free account you need to provide your phone number. You can register "anonymously" in ProtonMail only for paid account, and even if you are willing to pay for anonymity, you need to pay in bitcoin which ultimately discloses your identity - so again, not anonymous.
>

Protonmail supports receiving a verification code by email. Use a
disposable email provider that isn't blocked to receive the code. I
_just_ made a protonmail account to test.

https://10minutemail.net/ worked for me just now.

https://10minutemail.com did not work as protonmail recognized the
address I got from it as being temporary.

Hope that helps.

Matt


[tor-relays] Is my exit affected by a botnet?

2016-12-07 Thread Volker Mink

hey folks.

I got an abuse-information from my provider, please see details attached.
could this probably be caused by some malware on my tor exit?

Any ideas on this?

Best,
volker

https://unity.abusehq.net/share/gFraliWxA_A-0uCFJvSxAkPRxYn536JoReAkl2MNUuCq3TNWJ8f4uXJVypwWAnVa

MAC Address: f07959d25289    IP: 109.90.11.123

Date: 06.12.2016 11:16
Type: bot-infection
Reporter: secur...@libertyglobal.com
IP address: 109.90.11.123
Incident part:
- malware family: virut
- destination ip: 148.81.111.121
- destination port: 80
- feeder: team cymru
- description: This host is most likely infected with malware.

Date: 05.12.2016 10:00
Type: malware
Reporter: repo...@reports.cert-bund.de
IP address: 109.90.11.123
Incident part:
- malware: urlzone
- destination ip: 64.71.166.50
- destination port: 443
- destination hostname: didnadinka.net
- asn: 6830

Date: 02.12.2016 19:16
Type: bot-infection
Reporter: secur...@libertyglobal.com
IP address: 109.90.11.123
Incident part:
- malware family: zeus
- destination ip: 87.106.18.112
- http request: /config
- destination port: 80
- destination domain name: mabqg.com
- feeder: shadowserver
- report type: botnet_drone
- description: This host is most likely infected with malware.



Re: [tor-relays] Anonymous email (was: Is there a reason for all exit nodes being public?)

2016-12-07 Thread Matt Traudt



On 12/7/16 08:41, Rana wrote:

> Protonmail is exactly the same thing, if you want to register a free account you need to 
> provide your phone number. You can register "anonymously" in ProtonMail only 
> for paid account, and even if you are willing to pay for anonymity, you need to pay in 
> bitcoin which ultimately discloses your identity - so again, not anonymous.



Protonmail supports receiving a verification code by email. Use a 
disposable email provider that isn't blocked to receive the code. I 
_just_ made a protonmail account to test.


https://10minutemail.net/ worked for me just now.

https://10minutemail.com did not work as protonmail recognized the 
address I got from it as being temporary.


Hope that helps.

Matt


Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Rana
>>> By the way, I just checked, Gmail works without problems over Tor (both Web 
>>> and IMAPS).
>> Using Gmail over Tor when they already know who you are is self-defeating. 
>> Try to register an anonymous Gmail account using Tor.

>Doable. They require a phone number for verification, but that's the same with 
>and without Tor. Besides, if you want an anonymous email, use _anything but 
>Gmail_, eg. ProtonMail.

Providing your phone number during registration = registration is not anonymous, 
so anonymous registration of a Gmail account using Tor is NOT doable. 

Last time I tried, this did not work. I provided the SMS number in a Tor 
registration attempt and Gmail said we cannot register you "at this time", 
without even trying to send me an SMS.

Protonmail is exactly the same thing, if you want to register a free account 
you need to provide your phone number. You can register "anonymously" in 
ProtonMail only for paid account, and even if you are willing to pay for 
anonymity, you need to pay in bitcoin which ultimately discloses your identity - 
so again, not anonymous.



Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Matthew Finkel
On Wed, Dec 07, 2016 at 02:25:03PM +0200, Rana wrote:
> 
> On Wed, Dec 07, 2016 at 11:51:34AM +, Matthew Finkel wrote:
> >> On Wed, Dec 07, 2016 at 01:25:59PM +0200, Rana wrote:
> >> > I mean, why aren't some exit nodes kept hidden, at least partially 
> >> > and temporarily, like bridges? This would mitigate web services 
> >> > denying service to Tor users (Gmail is the most recent example), 
> >> > plus would increase security.
> >> 
> > I'll simply refer you to the FAQ:
> 
> >That was rude of me, answer below. Do you disagree with the reasoning?
> 
> That was not rude at all, thank you for the reference to the FAQ. I largely 
> got a satisfactory explanation there although points (b) and (c) might be 
> controversial. 
> 
> The one point I find difficult to agree with is "(a) We can't help but make 
> the information available, since Tor clients need to use it to pick their 
> paths." If bridges can be hidden and provided to clients on as-needed basis, 
> so can exits.

Yes, this is true, and it's a topic that comes up every couple years. But,
there are significant differences between bridges and exits. First, choosing
your circuit's exit manually is a usability nightmare and could destroy your
anonymity. Even if you give your tor client a small set of "hidden" exits,
over time traffic from these nodes will be linked to your connections and they
will be linked to Tor. It's not easy for users to know when this happens. Tor
tries extremely hard at preventing users from hurting themselves.

Research has shown that bridges (and guards) should be used for longer periods
of time, but if you use an exit for too long then you risk leaking too much
information about your behavior (to both the exit and the destination server).

Similarly, using a hidden exit becomes more risky if the user is already using
a bridge because there is (currently) less oversight of the bridges than there
is for the public network. This would likely be true for hidden exits, as well.
This presents the problem that traffic analysis attacks against a small subset
of Tor users become incredibly easy.

When it comes to hidden nodes, they never remain hidden forever. Some
adversaries already crawl the list of bridges and block them, other adversaries
would do the same if some exit nodes were not public.


Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Peter Ludikovsky
>> How would that work? First of all, the clients need to know which exit nodes 
>> exist, so that they can build circuits. That list, as well as that of the 
>> middle nodes, is public, otherwise you'd have to manually request exits by 
>> email/web service/… As a result you'd be limited to a few exits, which might 
>> not necessarily have an exit policy matching your needs, or might be 
>> offline, or simply overloaded on account of there being less than regular 
>> exits.
> The same way bridges work. They are not published.

See the answer by Matthew about that, apparently that question has
already been answered in the FAQ.


>> By the way, I just checked, Gmail works without problems over Tor (both Web 
>> and IMAPS).
> Using Gmail over Tor when they already know who you are is self-defeating. 
> Try to register an anonymous Gmail account using Tor.

Doable. They require a phone number for verification, but that's the
same with and without Tor. Besides, if you want an anonymous email, use
_anything but Gmail_, eg. ProtonMail.





Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Rana

On Wed, Dec 07, 2016 at 11:51:34AM +, Matthew Finkel wrote:
>> On Wed, Dec 07, 2016 at 01:25:59PM +0200, Rana wrote:
>> > I mean, why aren't some exit nodes kept hidden, at least partially 
>> > and temporarily, like bridges? This would mitigate web services 
>> > denying service to Tor users (Gmail is the most recent example), 
>> > plus would increase security.
>> 
> I'll simply refer you to the FAQ:

>That was rude of me, answer below. Do you disagree with the reasoning?

That was not rude at all, thank you for the reference to the FAQ. I largely got 
a satisfactory explanation there although points (b) and (c) might be 
controversial. 

The one point I find difficult to agree with is "(a) We can't help but make the 
information available, since Tor clients need to use it to pick their paths." 
If bridges can be hidden and provided to clients on as-needed basis, so can 
exits.

Rana





Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Rana
>How would that work? First of all, the clients need to know which exit nodes 
>exist, so that they can build circuits. That list, as well as that of the 
>middle nodes, is public, otherwise you'd have to manually request exits by 
>email/web service/… As a result you'd be limited to a few exits, which might 
>not necessarily have an exit policy matching your needs, or might be offline, 
>or simply overloaded on account of there being less than regular exits.
The same way bridges work. They are not published.

>By the way, I just checked, Gmail works without problems over Tor (both Web 
>and IMAPS).
Using Gmail over Tor when they already know who you are is self-defeating. Try 
to register an anonymous Gmail account using Tor.




Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Peter Ludikovsky
How would that work? First of all, the clients need to know which exit
nodes exist, so that they can build circuits. That list, as well as that
of the middle nodes, is public, otherwise you'd have to manually request
exits by email/web service/… As a result you'd be limited to a few
exits, which might not necessarily have an exit policy matching your
needs, or might be offline, or simply overloaded on account of there
being less than regular exits.

By the way, I just checked, Gmail works without problems over Tor (both
Web and IMAPS).

Regards
/peter

On 12/07/2016 12:25 PM, Rana wrote:
> I mean, why aren’t some exit nodes kept hidden, at least partially and
> temporarily, like bridges? This would mitigate web services denying
> service to Tor users (Gmail is the most recent example), plus would
> increase security.
> 
> 
> 


Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Matthew Finkel
On Wed, Dec 07, 2016 at 11:51:34AM +, Matthew Finkel wrote:
> On Wed, Dec 07, 2016 at 01:25:59PM +0200, Rana wrote:
> > I mean, why aren't some exit nodes kept hidden, at least partially and
> > temporarily, like bridges? This would mitigate web services denying service
> > to Tor users (Gmail is the most recent example), plus would increase
> > security.
> 
> I'll simply refer you to the FAQ:

That was rude of me, answer below. Do you disagree with the reasoning?


  *You should hide the list of Tor relays, so people can't block the exits.*
  There are a few reasons we don't:

a. We can't help but make the information available, since Tor clients
need to use it to pick their paths. So if the "blockers" want it, they can
get it anyway. Further, even if we didn't tell clients about the list of
relays directly, somebody could still make a lot of connections through Tor
to a test site and build a list of the addresses they see.

b. If people want to block us, we believe that they should be allowed to do
so. Obviously, we would prefer for everybody to allow Tor users to connect
to them, but people have the right to decide who their services should
allow connections from, and if they want to block anonymous users, they can.

c. Being blockable also has tactical advantages: it may be a persuasive
response to website maintainers who feel threatened by Tor. Giving them the
option may inspire them to stop and think about whether they really want to
eliminate private access to their system, and if not, what other options they
might have. The time they might otherwise have spent blocking Tor, they may
instead spend rethinking their overall approach to privacy and anonymity.


> 
> https://www.torproject.org/docs/faq.html.en#HideExits
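FAQ point (a) above is easy to verify by hand: every Tor client downloads the signed network-status consensus, and the exit list falls straight out of it, so a hidden exit list is impossible without also hiding it from clients. The parser below is an added example, not code from the thread or from the Tor project. It reads the router-status entries of a consensus in the dir-spec format (an `r` line per relay, an `s` line with the authority-assigned flags, and an optional `p` line with the exit-policy port summary), lists the addresses carrying the Exit flag, and answers Peter's point about exit policies by filtering exits that actually allow a given destination port. The consensus fragment is constructed: nicknames, digests and TEST-NET addresses are made up, and a relay without a `p` line is treated here as exiting nowhere.

```python
"""Derive the exit list from a Tor network-status consensus (dir-spec format)."""

# Constructed consensus fragment; addresses are RFC 5737 TEST-NET, digests are filler.
SAMPLE_CONSENSUS = """\
r alpha AAAAAAAAAAAAAAAAAAAAAAAAAAA BBBBBBBBBBBBBBBBBBBBBBBBBBB 2016-12-07 03:35:32 192.0.2.10 9001 9030
s Exit Fast Guard HSDir Running Stable V2Dir Valid
v Tor 0.2.8.9
w Bandwidth=25000
p accept 80,443,993,995
r bravo CCCCCCCCCCCCCCCCCCCCCCCCCCC DDDDDDDDDDDDDDDDDDDDDDDDDDD 2016-12-07 02:10:00 192.0.2.20 443 0
s Exit Fast Running Stable Valid
v Tor 0.2.9.5-alpha
w Bandwidth=8000
p reject 25,119,135-139,445,563,1214,4661-4666,6346-6429,6699,6881-6999
r charlie EEEEEEEEEEEEEEEEEEEEEEEEEEE FFFFFFFFFFFFFFFFFFFFFFFFFFF 2016-12-07 01:00:00 198.51.100.5 9001 0
s Fast Guard Running Stable V2Dir Valid
v Tor 0.2.8.9
w Bandwidth=50000
p reject 1-65535
r delta GGGGGGGGGGGGGGGGGGGGGGGGGGG HHHHHHHHHHHHHHHHHHHHHHHHHHH 2016-12-07 00:30:00 198.51.100.9 9001 0
s Fast Running Valid
v Tor 0.2.8.9
w Bandwidth=20
"""


def parse_ports(spec):
    """Expand a port summary such as '80,443,6881-6999' into a set of ints."""
    ports = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports


def parse_consensus(text):
    """Return one dict per router-status entry (r/s/p lines; other keywords ignored)."""
    relays, cur = [], None
    for line in text.splitlines():
        kw, _, rest = line.partition(" ")
        if kw == "r":
            # r nickname identity digest date time IP ORPort DirPort
            f = rest.split()
            cur = {"nickname": f[0], "identity": f[1], "address": f[5],
                   "orport": int(f[6]), "dirport": int(f[7]),
                   "flags": set(), "policy": None}
            relays.append(cur)
        elif cur is None:
            continue
        elif kw == "s":
            cur["flags"] = set(rest.split())
        elif kw == "p":
            action, _, spec = rest.partition(" ")
            cur["policy"] = (action, parse_ports(spec))
    return relays


def policy_allows(relay, port):
    """Apply the p-line summary; no p line is treated as reject-all (assumption)."""
    if relay["policy"] is None:
        return False
    action, ports = relay["policy"]
    return (port in ports) if action == "accept" else (port not in ports)


def exit_addresses(relays):
    """Every address with the authority-assigned Exit flag: the cheapest possible blocklist."""
    return sorted(r["address"] for r in relays if "Exit" in r["flags"])


def exits_allowing(relays, port):
    """Exits a client could actually pick for a destination on the given port."""
    return [r["address"] for r in relays
            if "Exit" in r["flags"] and policy_allows(r, port)]


if __name__ == "__main__":
    relays = parse_consensus(SAMPLE_CONSENSUS)
    print("all exits:", exit_addresses(relays))
    for port in (443, 8080, 25):
        print("exits allowing port %d:" % port, exits_allowing(relays, port))
```

The same few lines are all a site operator needs to build the block list the FAQ's points (b) and (c) talk about, which is why the project publishes the exit list itself rather than pretending it could be withheld; and note how quickly `exits_allowing` shrinks once a non-standard port is asked for, which is the usability problem Peter raised.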


Re: [tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Matthew Finkel
On Wed, Dec 07, 2016 at 01:25:59PM +0200, Rana wrote:
> I mean, why aren't some exit nodes kept hidden, at least partially and
> temporarily, like bridges? This would mitigate web services denying service
> to Tor users (Gmail is the most recent example), plus would increase
> security.

I'll simply refer you to the FAQ:

https://www.torproject.org/docs/faq.html.en#HideExits


Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-07 Thread Rana
There's an alternative interpretation but mentioning in reply to your message 
would be... rude :-)

-Original Message-
From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf Of 
Ralph Seichter
Sent: Wednesday, December 07, 2016 12:59 PM
To: tor-relays@lists.torproject.org
Subject: Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

On 07.12.2016 10:56, Rana wrote:

> Calling "rude" people who, to make a point, use a bit of obvious and 
> harmless humor, is rude.

Your getting on other people's nerves must *obviously* be the fault of other 
people. Welcome to Trump World. :-)

-Ralph


[tor-relays] Is there a reason for all exit nodes being public?

2016-12-07 Thread Rana
I mean, why aren't some exit nodes kept hidden, at least partially and
temporarily, like bridges? This would mitigate web services denying service
to Tor users (Gmail is the most recent example), plus would increase
security.


Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-07 Thread Ralph Seichter
On 07.12.2016 10:56, Rana wrote:

> Calling "rude" people who, to make a point, use a bit of obvious and
> harmless humor, is rude.

Your getting on other people's nerves must *obviously* be the fault of
other people. Welcome to Trump World. :-)

-Ralph


Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-07 Thread Rana
Calling "rude" people who, to make a point, use a bit of obvious and harmless 
humor, is rude.

-Original Message-
From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf Of 
Duncan Guthrie
Sent: Wednesday, December 07, 2016 11:41 AM
To: tor-relays@lists.torproject.org
Subject: Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

On 07/12/16 05:32, Rana wrote:
> I can just imagine someone panting while dragging a sub-$35 old desktop 
> computer up the stairs after physically searching for it in a nearby 
> junkyard. A considerable level of destitution and a commendable commitment to 
> the cause of Tor would be required.
This is hardly the case. Computers are so widespread that an old desktop system 
with even twice the power of the Pi can be had for buttons.
There is no need to be rude about the suggestions that people on this list make.

Duncan


Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-07 Thread Duncan Guthrie

On 07/12/16 05:32, Rana wrote:

> I can just imagine someone panting while dragging a sub-$35 old desktop 
> computer up the stairs after physically searching for it in a nearby junkyard. 
> A considerable level of destitution and a commendable commitment to the cause 
> of Tor would be required.
This is hardly the case. Computers are so widespread that an old desktop 
system with even twice the power of the Pi can be had for buttons.
There is no need to be rude about the suggestions that people on this 
list make.


Duncan


Re: [tor-relays] relays with dynamic IP - here Rasp2

2016-12-07 Thread Roman Mamedov
On Wed, 7 Dec 2016 11:13:54 +0200
"Rana"  wrote:

> But is it possible to tell Tor on which cores to run? I mean, install a 2nd
> instance of Tor and tell it to run on the two cores not used by the first
> instance?

The Linux kernel will sort it out automatically. Deciding optimally which
programs get to run on which cores is the kernel's job.

It's also possible to pin programs to specific cores using "schedtool", but
that's more of an advanced tuning trick: not something you should need as the
first thing you do, but you could look into that if you get to the point when
both of them use 100% CPU, and you want to micro-optimize things a bit further.

-- 
With respect,
Roman


Re: [tor-relays] relays with dynamic IP - here Rasp2

2016-12-07 Thread Roman Mamedov
On Wed, 7 Dec 2016 11:02:59 +0200
"Rana"  wrote:

> >> Wow nice bandwidth you are pushing through Paul! You mean two Raspi 2's 
> >> sharing an Internet connection, each relaying 27 Gbytes per day at 5.4 
> >> Mbit/s on the average?? Total 10.8 Mbit/s?? Or 2.7 Mbit/s each?
> > 
> > It is just 1 single Rasp2 - running 2 tor instances on 1 IP, details 
> > here 
> > https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create.8.txt
> 
> Any specific reason you have for running 2 instances of Tor on the same Raspi 
> instead of one?

It has 4 cores, and a single instance of Tor cannot utilize all of them. It
only uses one core and maybe 20-30% at most of another.

Ideally you would run 3-4 Tor instances on a 4-core machine (if RAM allows),
but the maximum allowed by the Tor authority servers is 2 per IPv4.

-- 
With respect,
Roman
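Roman's answer above (one tor process fills roughly one core; the directory authorities accept at most two relays per IPv4 address) is the whole reason for the two-instance Rasp2 setup in the linked tor-instance-create page. The planner below is an added example, not code from the thread or from the Debian tor package. It writes the relay-specific torrc body for each instance in the layout tor-instance-create(8) uses (/etc/tor/instances/<name>/torrc, started as tor@<name>.service; DataDirectory and the service user are assumed to come from the package defaults) and enforces the things people get wrong when cloning an instance: the two-per-IPv4 limit, no shared ORPort/DirPort/ControlPort, a valid nickname, a MyFamily line on each instance naming the others (the fingerprints here are constructed; real ones come from each instance's fingerprint file after its first start), and an optional per-instance RelayBandwidthRate so the instances split one uplink instead of each claiming all of it.

```python
"""Plan N Tor relay instances on one IPv4 address for the tor-instance-create layout."""
import re

MAX_RELAYS_PER_IPV4 = 2          # the directory-authority limit mentioned in the thread
NICKNAME_RE = re.compile(r"^[A-Za-z0-9]{1,19}$")


def plan_instances(instances, contact="", uplink_kbytes_per_sec=0):
    """instances: list of dicts with name, nickname, fingerprint, orport, dirport, controlport
    (0 for dirport/controlport means 'none'). Returns {torrc_path: torrc_text}.
    Raises ValueError instead of producing a configuration the authorities would reject."""
    if len(instances) > MAX_RELAYS_PER_IPV4:
        raise ValueError("%d relays on one IPv4 address exceeds the limit of %d"
                         % (len(instances), MAX_RELAYS_PER_IPV4))
    ports = [p for inst in instances
             for p in (inst["orport"], inst["dirport"], inst["controlport"]) if p]
    if len(ports) != len(set(ports)):
        raise ValueError("instances share a port: %s" % sorted(ports))
    for inst in instances:
        if not NICKNAME_RE.match(inst["nickname"]):
            raise ValueError("bad nickname %r (1-19 alphanumerics)" % inst["nickname"])

    plans = {}
    for inst in instances:
        lines = ["Nickname %s" % inst["nickname"], "ORPort %d" % inst["orport"]]
        if inst["dirport"]:
            lines.append("DirPort %d" % inst["dirport"])
        if inst["controlport"]:
            lines += ["ControlPort %d" % inst["controlport"], "CookieAuthentication 1"]
        lines.append("ExitRelay 0")          # assumption: non-exit relays like the Rasp2 here
        if contact:
            lines.append("ContactInfo %s" % contact)
        if uplink_kbytes_per_sec:
            # Each process is rate-limited on its own, so divide the uplink between them.
            lines.append("RelayBandwidthRate %d KBytes"
                         % (uplink_kbytes_per_sec // len(instances)))
        others = [o["fingerprint"] for o in instances if o is not inst]
        if others:
            lines.append("MyFamily " + ",".join("$" + fp for fp in others))
        plans["/etc/tor/instances/%s/torrc" % inst["name"]] = "\n".join(lines) + "\n"
    return plans


if __name__ == "__main__":
    # Constructed example: two instances, 40-hex-char fingerprints are placeholders.
    demo = [
        {"name": "a", "nickname": "rasp2a", "fingerprint": "A" * 40,
         "orport": 9001, "dirport": 9030, "controlport": 9051},
        {"name": "b", "nickname": "rasp2b", "fingerprint": "B" * 40,
         "orport": 9002, "dirport": 9031, "controlport": 9052},
    ]
    for path, body in sorted(plan_instances(demo, uplink_kbytes_per_sec=1350).items()):
        print("# %s\n%s" % (path, body))
```

After `tor-instance-create a` and `tor-instance-create b`, the generated bodies go into the two torrc files and the units start with `systemctl start tor@a tor@b`; rerun the planner with the real fingerprints once both have started so the MyFamily lines are correct. On the scheduling question, the kernel already spreads the two processes over the cores, as Roman says, so nothing in the plan pins them.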


Re: [tor-relays] relays with dynamic IP - here Rasp2

2016-12-07 Thread Rana
>> Wow nice bandwidth you are pushing through Paul! You mean two Raspi 2's 
>> sharing an Internet connection, each relaying 27 Gbytes per day at 5.4 
>> Mbit/s on the average?? Total 10.8 Mbit/s?? Or 2.7 Mbit/s each?
> 
> It is just 1 single Rasp2 - running 2 tor instances on 1 IP, details 
> here 
> https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create.8.txt

Any specific reason you have for running 2 instances of Tor on the same Raspi 
instead of one?
