A link to the DMCA Archive for those who want to see them:
https://github.com/GreyPony/dmca
On Fri, Aug 10, 2018 at 4:38 PM wrote:
> I'm gathering them for all of the Greypony relays...if you're interested
> in that information, I can give you some charts if you want. I plan to
> start
Interesting. Is there any reason to not use an obfuscated bridge?
On Mon, Aug 20, 2018 at 2:16 PM David Fifield wrote:
> On Sun, Aug 19, 2018 at 07:41:26PM -0400, Nathaniel Suchy wrote:
> > Is China successfully probing OBFS4 bridges? Or does this apply more to
> non
> > obfs
Except perhaps the directory authorities?
On Mon, Aug 20, 2018 at 7:19 PM, Alec Muffett
wrote:
> One point that's been completely missed in the hyperbolic fear-mongering
> so far:
>
> Even if Cloudflare onionified a bazillion domain names, there are still
> only a few million people who use Tor
dth /
> connections they are expecting to route?
>
> Having a sense of scale in a ratio of current numbers I think would let
> everyone plan for what they're currently seeing multiply by X as a
> baseline.
>
>
> On 2018-08-20 11:23 AM, Nathaniel Suchy wrote:
> > As some of you m
,
Nathaniel Suchy
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Imagine if Cloudflare adds CAPTCHAs to Onion services. Now that’d be
something
On Tue, Aug 21, 2018 at 1:18 PM grarpamp wrote:
> On Mon, Aug 20, 2018 at 7:19 PM, Alec Muffett
> wrote:
> > Even if Cloudflare onionified a bazillion domain names, there are still
> only
> > a few million people
Is there a way to switch my current relays to use offline keys and
invalidate the old keys without losing current stats?
On Tue, Aug 28, 2018 at 7:28 AM nusenu wrote:
> Jordan:
> > I'd be much more supportive of the typical "donate x to have a relay
> > hosted for you" [1][2] rather than "host
Thanks for the heads up.
On Tue, Aug 28, 2018 at 8:42 PM teor wrote:
>
> > On 29 Aug 2018, at 05:38, nusenu wrote:
> >
> > Signed PGP part
> >
> >
> > Nathaniel Suchy:
> >> Is there a way to switch my current relays to use offline keys and
>
Hi Ralph,
Writing to you off-list. I'm sorry to hear you had a bad experience with
GreyPony IT Services.
Cordially,
Nathaniel
On Mon, Aug 27, 2018 at 1:59 PM Ralph Seichter
wrote:
> On 27.08.18 19:11, zimmer linux wrote:
>
> > Well done to Conrad - I say. The more, the merrier.
>
> I
ust. Although, better path selection could play in
here :)
Cordially,
Nathaniel Suchy
On Mon, Aug 27, 2018 at 8:37 PM Jordan wrote:
> >> No, because Digital Ocean doesn't market itself as a relay hoster-- the
> >> percentage of relay-hosting clients wouldn't even near 0.1%.
> &g
everything about the circuit most of the time.
Everyone on the list has a had very insightful and helpful thoughts on this
discussion so far and I'm looking forward to getting more discussion of the
broader issue.
Cordially,
Nathaniel Suchy
___
tor-relays
read regarding Conrad and
I's services as that's been discussed enough. Let's discuss path
selection among the same hosting provider in general.
On Mon, Aug 27, 2018 at 10:09 PM teor wrote:
> > On 28 Aug 2018, at 10:47, Nathaniel Suchy wrote:
> >
> > Tor will already avoid
Hi David,
Couldn't I firewall the non-obfs port so only looback addresses may access
it?
Cordially,
Nathaniel Suchy
On Tue, Aug 21, 2018 at 11:37 AM David Fifield
wrote:
> On Mon, Aug 20, 2018 at 02:25:40PM -0400, Nathaniel Suchy wrote:
> > Interesting. Is there any reason t
as possible until they get
too many to ever hope to respond to and then try to get them to terminate
your account. Depending on the ISP it'll work.
Cordially,
Nathaniel Suchy
On Wed, Aug 29, 2018 at 8:49 AM Ralph Seichter
wrote:
> On 29.08.2018 12:48, John Ricketts wrote:
>
> > For the n
If you were required to hand over your relay keys be sure to switch over to
new ones to avoid future traffic from being affected by MITMs.
On Mon, Jul 23, 2018 at 12:26 PM IPfail (Tor Admin)
wrote:
> Vasilis,
>
> It turned out to be a pretty "non-event". The jurisdiction was a
> relatively
) situation A could happen. The odds might not be in your favor. Don't
risk that!
Cordially,
Nathaniel Suchy
On Thu, Aug 30, 2018 at 3:25 PM grarpamp wrote:
> This particular case receiving mentions for at least a few months...
> D1E99DE1E29E05D79F0EF9E083D18229867EA93C kommissarov 185.125.
8229867EA93C kommissarov 185.125.33.114
>
>
> On Thu, 30 Aug 2018 at 22:11, Nathaniel Suchy wrote:
>
>> So this exit node is censored by Turkey. That means any site blocked in
>> Turkey is blocked on the exit. What about an exit node in China or Syria or
>> Iraq? The
Hi Livak,
Yes OFTC Webchat works over Tor. Also you can run “torify irssi” in bash if
you’re about the command line life. Sometimes OFTC blocks Tor briefly.
Sometimes just webchat, sometimes IRSSI too. You might want to consider
using a VPS as a bouncer so you aren’t locked out of the meetings :)
Recently we've been discussing a Tor Exit in Turkey censoring access to
various websites.
It's less to some err, disagreements on what should and should not be
allowed. I've seen a few opinions:
*) It grants an outside view at what Turkey censors
*) It could push new tor users away
This leads me
> Using an obscure port only prevents attempts being logged, nothing else.
And if you’re going to use an alternate port, pick one under 1024. Make it
so an attacker needs to be root before they replace your sshd process.
If you take that approach, make sure you are using a hardware firewall
For DoS traffic, it'd be nice to have some agreed upon rate limit rules of
obvious syn flood and similar traffic which both stop the attacks, or slow
them down so they don't affect anything and cause complaints, while still
allowing legitimate traffic to flow as normal. Scaleway knows about Tor,
I run a "browser-only" exit relay at Scaleway, by "browser-only" I mean
only ports 53 (DNS), 80 (HTTP), 443 (HTTPS) and so far it's gone well.
Their support recommends if you run "an open proxy" to check your abuse
inbox daily (See: https://cloud.scaleway.com/#/abuses) as they will suspend
after
If your service is automatically terminated, will they reinstate once
you respond?
On Sat, Sep 8, 2018 at 3:52 AM Anders Andersson wrote:
>
> On Tue, Sep 4, 2018 at 11:00 PM, Paul wrote:
> > I made the same experience as you several times in the last few weeks with
> > Scaleway.
> > Usually you
ing it and
> the result is the same than websites blocking the country, users of that
> exit can't access the websites just because the exit is in that country but
> doesn't do any filtering itself.
>
> On Thu, 30 Aug 2018, 16:14 Nathaniel Suchy, wrote:
>
>> That’s a website blockin
ted with a detection addon in Tor Browser? Detect that
> the site may be blocked at the exit and offer to fetch a new circuit for
> the site?
>
>
> On Thu, Aug 30, 2018, 19:22 Nathaniel Suchy wrote:
>
>> The exit is behind a filtered ISP. Opposed to a website blocking exits.
>&g
On 8/30/2018 2:11 PM, Nathaniel Suchy wrote:
>
> So this exit node is censored by Turkey. That means any site blocked in
> Turkey is blocked on the exit. What about an exit node in China or Syria or
> Iraq? They censor, should exits there be allowed? I don't think they
> should.
I live in the United States so they’d need to pass an act here for it to be
enforced, which would be constitutionally challenged with every last legal
measure available. Have you seen the legal shitstorm with social networks
censoring conservatives, can you imagine them hearing the government is
Hi. I would like to run a public OBFS4 Tor Bridge. Digitalocean’s price
changes made running an exit too expensive. In comparison how much
bandwidth would a Tor bridge use per month?
Cheers,
Nathaniel
___
tor-relays mailing list
Scaleway is an option that's worth considering. Hetzner Cloud is also good
but I'd avoid running an exit there. If you try BuyVM make sure you have a
dedicated CPU Core or you could have trouble with the fair share CPU policy
with crypto using too much CPU time.
On Tue, Jul 3, 2018 at 5:36 AM,
make Tor use even stronger keys and such? I want things to be as hard
to hack as possible.
Cordially,
Nathaniel Suchy
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
If your relay restarts it’ll temporarily lose the guard flag or if it has
slower than average bandwidth it won’t be granted the guard flag.
On Mon, Oct 22, 2018 at 7:00 AM Harkirat Virk wrote:
>
> Hi,
>
> I am running an Tor Node nickname 3sKtjMnoiZAIGz07 from ip 59.179.28.221.
> I was given
The Tor relays guide in trac makes that recommendation.
On Fri, Oct 19, 2018 at 11:07 PM Conrad Rockenhaus
wrote:
> Would you make a recommendation of running unbound on the local exit nodes
> to resolve local DNS server congestion to get around this issue?
>
> Thanks,
>
> Conrad
>
> > On Oct
,
Nathaniel Suchy
On Fri, Nov 2, 2018 at 3:38 PM wrote:
> No, I`m not hosting any Tor exits in my apartment. Only Relay without
> exit.
> I have some pool of vmware systems with public ips, they are running doing
> nothing... so I have decided to put some non exit tor traffic to them.
>
That money pays for other costs including but not limited to:
*) Hosting torproject.org and core infrastructure.
*) Paying full time developers
*) Marketing expenses
*) Advocacy expenses
*) Funding research projects
*) Bug bounties? (Can a Tor Project staffer confirm if donation money is
used for
Hi Isaac,
The tool “ifconfig” shows the amount of traffic since last reboot. The tool
vnstat is nice but you should check what data it stores. Any data
collection however small is a fine line with US Federal Wiretapping laws.
Be careful. Running a Tor Exit at your home is dangerous, it might be
A bit confused. Are you running a Tor Exit or the Tor Browser Bundle?
Cordially,
Nathaniel Suchy
On Fri, Nov 2, 2018 at 2:32 PM wrote:
> Hi,
>
> is it secure to run Tor Relay / Tor browser on Vmware ?
> On my Windows 10 desktop I have installed VMware Player where is running
&
be more specific. Are you hosting a Tor Exit in
your home?
Cordially,
Nathaniel Suchy
On Fri, Nov 2, 2018 at 2:52 PM wrote:
> Sorry Nathaniel, my english is not so well.
>
> General I`m using Virtual operating system + Tor Web Browser to browse the
> internet.
> My question i
At that point it might be worth installing Linux on the computer and
running a relay that way :)
On Thu, Oct 4, 2018 at 2:28 AM Keifer Bly wrote:
> Hi all,
>
>
>
> So I am having a bit of a dilemma, the computer I am running my relay on
> is running Mac OS High Sierra, and despite the fact that
.
Whatever we do it turns out negative for someone.
Cordially,
Nathaniel Suchy
On Thu, Oct 4, 2018 at 3:50 PM s7r wrote:
> George wrote:
> > Roman Mamedov:
> >> On Wed, 3 Oct 2018 03:52:24 +0200
> >> niftybunny wrote:
> >>
> >>> A Tor friendly ISP is
Another update:
Conrad hired a contractor to replace a broken switch and fix the cabling so
the redundant switch would take over in the event of a failure again. An
SLA credit will be issued to affected customers.
Cordially,
Nathaniel Suchy
On Wed, Oct 3, 2018 at 7:08 PM Mirimir wrote:
> On
Hi Matt,
That project is now in the works. Meanwhile will other community members
continue creating threads about our organization? It has to stop on both
ends otherwise we’re forced to respond when people create threads about us.
Cordially,
Nathaniel Suchy
On Thu, Oct 4, 2018 at 6:24 PM Matt
.
Cordially,
Nathaniel Suchy
On Tue, Oct 2, 2018 at 4:41 PM Olaf Grimm wrote:
> Yes, since some days. I cancel my accounts and looking forward to other
> provider. greyponyit.com and XOA-Portal are offline. Two weeks ago my
> server in the USA gone offline, two day ago my server in E
,
Nathaniel Suchy
On Mon, Oct 1, 2018 at 4:59 PM wrote:
> Hi,
>
> is it possible to build tor non-exit relay and bridge on the same IP,
> the same tor instance ?
>
> I have running Freebsd non-exit relay instance and I can build more
> instances in different countries, t
I use a platform called time and SSH :)
On Mon, Sep 3, 2018 at 10:12 PM Isaac Grover, Aileron I.T. <
igro...@aileronit.com> wrote:
> Good evening,
>
> For those of you who manage multiple exits and/or relays, what
> program/platform do you use to manage them?
>
> Make your day great,
> Isaac
You have to decide a balance of usefulness to a legitimate operator and
privacy concerns. I could just as easily run Wireshark or TCPDump on my
relays and get client IP Addresses that way. You are trusting most
operators, like me, are the good guys. Of course a client IP isn’t very
useful without
I use Google’s G Suite with my personal domain name for email. They let you
drop emails or send them to spam if they contain certain words or phrases.
Beyond that disable conversation view and press report spam on the
individual emails and hope the spam filter improves to the point you no
longer
traffic,
potentionally being a user's guard, among other things :)
Cordially,
Nathaniel Suchy
Jan 6, 2019, 5:42 AM by toralf.foers...@gmx.de:
> If just 1 port would be opened at an relay, eg. 6697, would this help the Tor
> network or would only spammers and DDoS use tha
It's scary to think there are bad people out there actively trying to harm our
community :(
Cordially,
Nathaniel Suchy
Dec 12, 2018, 10:46 AM by dgou...@torproject.org:
> On 12 Dec (09:33:58), Toralf Förster wrote:
>
>> On 12/11/18 10:54 PM, nusenu wrote:
>> > from thei
I'll add most providers willing to do custom WHOIS records are generally much
more expensive. Is custom WHOIS an absolute requirement? Many providers are
willing to work with you.
Cordially,
Nathaniel Suchy
Dec 20, 2018, 2:04 AM by dns1...@riseup.net:
> Ook, thank you everyb
It looks like they are all running an alpha release with various Gmail
addresses. Maybe they're trying to correlate some traffic. What can be done in
situations like this where the operator is (likely intentionally) being
dishonest about their identity?
Cordially,
Nathaniel Suchy
Dec 11
traffic across
all of your IP Ranges at random and they would have to comply. If this is your
threat model a Private OBFS4Proxy Bridge (not published in BridgeDB and
blocking the ORPort (only allow the OBFS4 Port) might be a better solution for
you :)
Cordially,
Nathaniel Suchy
Dec 4, 2018, 8:43
I disagree with scrambling the IP Addresses. What if you are posting the IP
Address of a Tor Exit or Relay Server and trying to get help with an issue?
Scrambling that would break some discussions.
Cordially,
Nathaniel Suchy
Dec 4, 2018, 9:20 AM by charlyghisl...@gmail.com:
> We have s
from OVH likely without their mercy.
Cordially,
Nathaniel Suchy
Jan 13, 2019, 4:54 PM by grarp...@gmail.com:
>>> communicating with OVH regarding relays without contactinfo
>>>
>> Is it *really* a good idea to poke OVH over this?
>> in their ToS
>> I
experiences with them in the past :)
Cordially,
Nathaniel Suchy
Dec 19, 2018, 2:40 AM by dns1...@riseup.net:
> Hi,
>
> excuse my bad english.
>
> I would run an exit relay on a virtual server. For now i run just a non exit
> relay on my own mini server. I don't like too much do not
Someone likely abused a webmail provider. Respond to them that SMTP isn’t
available from your exit and they’ll have to contact the email service provider
directly.
Cordially,
Nathaniel Suchy
> On Apr 2, 2019, at 5:04 PM, ylms wrote:
>
> Hello fellow Tor-Exit operators,
>
&
considered if the spam starts again. Likewise
my clarifications are over and my request for not name-calling me has
been made.
Cordially,
Nathaniel Suchy
Old Man Tor:
> Sorry to hear that, that's really unfortunate and I would never want to wish
> that upon anyone. I wish you a speedy recover
There has been discussion over the past several years that the Tor network
should not use public DNS resolver as it has security implications on the Tor
network
(https://medium.com/@nusenu/who-controls-tors-dns-traffic-a74a7632e8ca). Should
new Tor Exit Relays be probed and not included in the
It’s not a threat model issue. It’s more of a let’s make Tor less dependent on
a few public resolvers. Running our own resolvers just makes more sense at such
a scale.
Cordially,
Nathaniel Suchy (they/them)
Sent from ProtonMail Mobile
On Thu, Mar 5, 2020 at 1:59 AM, Alec Muffett wrote
This is more of a message to the directory authorities. After a
discussion with Digitalocean - they will not relent on the bandwidth
policy. The server tor-exit-us-1.lunorian.is (Tor Metrics link below)
has been turned off for now - if the directory authorities would like
further proof to confirm
I started to run a few Tor Exit Relays (My exit policy only allows ports
80 and 443 only to minimize the amount of abuse) a few days ago.
Currently Tor Metrics shows the relays are only advertising 700Kb/s
despite the fact the minimum port speed on the VPSes I host on is
100Mb/s. I've been told by
,
Nathaniel Suchy
> On Apr 27, 2018, at 3:00 PM, Matt Traudt <pas...@torproject.org> wrote:
>
>> On 4/27/18 14:34, Nathaniel Suchy (Lunorian) wrote:
>> I started to run a few Tor Exit Relays (My exit policy only allows ports
>> 80 and 443 only to minimize the a
Thanks for the clarification. Once my last relay gets listed in the
consensus I will update the family again :)
Cheers,
Nathaniel Suchy
On 4/28/18 11:31 AM, nusenu wrote:
>
>
> Nathaniel Suchy (Lunorian):
>> While setting up my fleet of Tor Relays, one relay IP Address
>>
I don't know how everyone else feels about this - rather than using a
secondary resolver in the event Unbound fails - why not let the query
fail and the user have to try again? Is there any reason to risk letting
a third party resolver possibly log exit node DNS queries?
nusenu:
>
>
> Andrew
Like OpenDNS, Quad9 is a censoring DNS resolver and exits using it are / should
be considered bad exits. I haven’t seen any exits using it yet however I
thought I’d bring it up. Thoughts?
Cheers,
Nathaniel
Sent from my iPhone
___
tor-relays mailing
I’m quite worried about the number of relays using Google DNS. With Google DNS,
Google gets to know a Tor exit proxied X website at X time. I don’t think they
can be trusted with this information.
As for privacy concerns: Google claims these logs are only stored for up to 48
hours. It worries
You have a very good point - we could all run our own resolver(s) with a
fallback. This idea sounds much better than just reassigning trust.
On 5/11/18 8:52 AM, Ralph Seichter wrote:
> On 11.05.18 13:55, Nathaniel Suchy (Lunorian) wrote:
>
>> My first thought is to use ISP DNS if it
I dislike OpenNIC as they are operating their own TLDs - this would end
up being confusing as some Tor Exits would allow access to OpenNIC TLDs
and others would not.
On 5/11/18 8:18 AM, Famicoman wrote:
> OpenNIC is always an option, https://www.opennic.org
>
> On Fri, May 11, 2018, 8:12 AM
As long as their alternate resolvers do not censor any queries it's
(probably) allowed and will (probably) not get you flagged as a bad exit
for censoring traffic.
On 5/11/18 12:24 PM, nusenu wrote:
>
>
> Toralf Förster:
>> On 05/11/2018 01:41 PM, Nathaniel Suchy (Lunorian)
If Verizon is suddenly worried about malware, why not block at the DNS level
with something like Quad9 where it’s managed by more competent professionals?
(Of course still allowing alternate DNS Servers) Does Tor bootstrap by IP
Address directly?
Sent from my iPhone
> On May 16, 2018, at
Can you still use Tor on Verizon with bridges?
Sent from my iPhone
> On May 16, 2018, at 11:05 AM, Roger Dingledine wrote:
>
>> On Tue, May 15, 2018 at 08:12:50PM -0400, Neel Chauhan wrote:
>> Hi tor-relays mailing list,
>>
>> I have noticed that the Tor consensus server tor26
They are slowly becoming an AWS Clone - they keep adding more and more
services making the UI Confusing. Now they've even copied AWSs bill per
GB. What's next?
Ralph Seichter:
> On 02.05.18 18:17, mick wrote:
>
>> Following this I went back to Rafael Rosa, the Product Manager at
>> DigitalOcean
> can i set in my "torrc" file what ip i dont want/want to connect me?
You can use your exit policy to control what your exit connects to. As far as
I’m aware you can’t control who uses your exit.
Sent from my iPhone
> On May 3, 2018, at 10:09 AM, Matt Traudt wrote:
>
Hi,
The Tor relay
https://metrics.torproject.org/rs.html#details/B0BF533DA3BC09DEEB4AF2BEC16FA21063216FE4
of mine is marked as hibernating however I have not set a bandwidth
limit. Any idea on why this is happening?
Cheers,
Nathaniel Suchy
signature.asc
Description: OpenPGP digital signature
73 matches
Mail list logo