https://medium.com/@nusenu/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac <https://medium.com/@nusenu/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac>
There are multiple indicators that suggest that the attacker still runs >10% of the Tor network exit capacity (as of 2020–08–08) And on this one: I trust nusenu who told me we still have massiv malicious relays. > On 14. Aug 2020, at 19:12, Roger Dingledine <[email protected]> wrote: > > On Thu, Aug 13, 2020 at 03:34:55PM +0200, niftybunny wrote: >> This shit has to stop. Why are the relays in question still online? > > Hm? The relays are not online -- we kicked them in mid June. > > We don't know of any relays right now that are attacking users. > > Or said another way, if anybody knows of relays that are doing any attacks > on Tor users, ssl stripping or otherwise, please report them. I believe > that we are up to date and have responded to all reports. > > That said, there is definitely the uncertainty of "I wonder if those > OVH relays are attacking users -- they are run by people I don't know, > though there is no evidence that they are." We learned from this case > that making people list and answer an email address didn't slow them down. > > I still think that long term the answer is that we need to shift the > Tor network toward a group of relay operators that know each other -- > transparency, community, relationships, all of those things that are > costly to do but also costly to attack: > https://gitlab.torproject.org/tpo/metrics/relay-search/-/issues/40001 > https://lists.torproject.org/pipermail/tor-relays/2020-July/018656.html > https://lists.torproject.org/pipermail/tor-relays/2020-July/018669.html > > But the short term answer is that nobody to my knowledge has shown us > any current relays that are doing attacks. > > Hope that helps, > --Roger > > _______________________________________________ > tor-relays mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
