My relay was harvesting .onion addresses and I apologize if that breaks any
rule or ethical guideline.

I'm a Junior Researcher at the Laboratory of Security and Cryptography at
University of Campinas. We were conducting some research on malicious
Hidden Services to study their behavior and how we could design a tool that
could tell malicious and benign Hidden Services apart.

Because we focus mainly on web pages, we use a crawler to get almost all of
the data we need. However, there are some statistics (such as the size of
the Tor network, how many HSs run HTTP(s) protocol, how many run other
protocols and which protocols do they run, etc) which cannot be obtained
through a crawler. That's why we were harvesting .onion addresses.

We would run a simple portscan and download the index page, in case it was
running a web server, on a few random addresses we collected. We would also
try and determine the average longevity of those few HSs. However, after
collecting the data we needed for statistical purposes, the .onion
addresses we collected would be deleted and under no circumstances we would
disclose the information we collected on a specific .onion address we
harvested. In addition, we would never target specific harvested HS, but
only a random sample.

We would like to keep running our relay. We can make this process as
transparent as possible without disclosing any information that would harm
the anonymity of any user. We could also comply with any demands that the
Tor authorities might have. In case that's not possible, we will completely
respect your decision and will no longer harvest .onion addresses. However,
I'd like to ask for our IP address range to be unbanned so that other
people at my university can conduct some other research in the future and
so we can run a regular relay :)

I appreciate the time you took to address this issue and I'm willing to
answer any questions you may have.

Much obliged,

2017-08-24 12:16 GMT-03:00 David Goulet <dgou...@torproject.org>:

> On 24 Aug (12:11:47), Marcus Danilo Leite Rodrigues wrote:
> > Hello.
> >
> > I was running a Tor Relay for the past month (fingerprint
> > 71BEBB61D0D35234D57087D035F12971FA315168)
> > at my university and it seems that it got banned somehow. I got messages
> on
> > my log like the following:
> >
> > http status 400 ("Fingerprint is marked rejected -- please contact us?")
> > response from dirserver ''. Please correct.
> >
> > I was hoping to get some information regarding this ban and how I could
> > correct whatever was done wrong in order to get my relay up and running
> > again.
> Hello Marcus,
> You relay has been found to be harvesting .onion addresses which is
> strictly
> prohibited on the network.
> See https://blog.torproject.org/blog/ethical-tor-research-guidelines
> Were you conducting some research or ?
> Thanks for running a relay!
> David
> >
> > Best wishes,
> > Marcus Rodrigues.
> > _______________________________________________
> > tor-relays mailing list
> > tor-relays@lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> --
> dI6qBwjRAsZuHbMRuPaXkArKESn4fYnY9Gcn/UW8Dlc=
> _______________________________________________
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list

Reply via email to