Re: [tor-relays] Is it safe to run an exit node from a VPS provider?
On 13.08.2013 15:04, Sindhudweep Sarkar wrote:
> Over the past month I've been running a tor exit relay in a spare VPS machine that I am not using. It occurs to me now that this was probably a very poor idea, as I can't control the physical access to the machine or encrypt private key.

This is a very valid question. So far, we have weighted in favor of more exit capacity. If you require all exits to be on dedicated machines, you lose a lot of diversity and thus, potentially, anonymity.

Of course, you should prefer dedicated machines over virtual machines, and own hardened hardware over off-the-shelf servers. We're not yet in a (well-funded?) state where we can expect everyone to do this.

--
Moritz Bartl
https://www.torservers.net/

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Is it safe to run an exit node from a VPS provider?
On 08/13/2013 09:04 AM, Sindhudweep Sarkar wrote:
> Hi,
>
> Over the past month I've been running a tor exit relay in a spare VPS machine that I am not using. It occurs to me now that this was probably a very poor idea, as I can't control the physical access to the machine or encrypt private key.

Running an exit node in a VM is better than not running an exit node at all.

That said, not all virtualization is created equally. An OpenVZ container (which is really not virtualization at all) leaves all your files being just files on the host disk. Anyone on the host console can just do a locate fingerprint to see those files in all containers and can list the processes running to see your relay.

At least with Xen/KVM/VMware you're running on your own virtual disk, and are running all processes in a self-contained environment. The traffic can still be sniffed by the host, of course, but you get more privacy than you would in an OpenVZ container.
[tor-relays] Question about TOR bandwidth management
Hello,

Is it possible to configure a TOR node to have different bandwidth limits at different times of day and on different days of the week?

Thank you.
Re: [tor-relays] Raspberry Pi Relay Node Performance and future Plans on Documentation and more
Roman Mamedov:
> On Tue, 13 Aug 2013 12:02:35 + tor_bri...@mail.md wrote:
>> I'm wondering, is there any other method for running a tor bridge/relay on the raspberry pi, other than downloading the source and compiling it yourself?
>
> Raspbian has it in the repositories[1].
>
> apt-get install tor
>
> Done. No need to build anything from the source.
>
> [1] http://archive.raspbian.org/raspbian/pool/main/t/tor/

This is 0.2.3.x, as one other poster explained; not only is it missing some useful features, but it appears that 0.2.4.x is much faster (= more usable, less crashy) on the Pi.

Best,
-Gordon M.
Re: [tor-relays] Is it safe to run an exit node from a VPS provider?
Apologies if the reply goes to the wrong location in the thread.

> ... At least with Xen/KVM/VMware you're running on your own virtual disk...

Can't the virtual disk just be mounted by whoever has access? I don't think this is a large barrier to entry for anyone or a script looking for private keys. I could argue that pretty much every mac user has been getting software in the form of disk images, and these possibly non-technical users seem to have no issues.
Re: [tor-relays] Is it safe to run an exit node from a VPS provider?
On 08/13/2013 11:10 AM, Sindhudweep Sarkar wrote:
> Apologies if the reply goes to the wrong location in the thread.
>
>> ... At least with Xen/KVM/VMware you're running on your own virtual disk...
>
> Can't the virtual disk just be mounted by whoever has access? I don't think this is a large barrier to entry for anyone or a script looking for private keys. I could argue that pretty much every mac user has been getting software in the form of disk images, and these possibly non-technical users seem to have no issues.

Well, any VM host can mount and read an unencrypted disk image. I guess the difference is ease of snooping. While access to disk contents and process info can be gotten by any hypervisor, some platforms make it easier than others.

Again, though: running an exit node in a VM is better than not running an exit node at all.
Re: [tor-relays] Is it safe to run an exit node from a VPS provider?
Hello,

I would like to propose that you take a look from a different perspective (and I thought from the mail subject the question will be about that) on this.

To run an exit node from a VPS provider is not safer -- TO YOU -- than running an exit node from your personal home connection. This man[1] had his house raided and his computers confiscated because of a Tor Exit node that he was running **NOT EVEN AT HOME** but in a datacenter, in a different country, on a server that he was renting (of course in his name).

From what I gather from discussions surrounding that incident, the only reasonably safe way (again - to you) to run an Exit Node, is to do so on an IP range that's SWIPed to an LLC or a similar company, and not just has one physical person (you) responsible for it.

[1] http://www.zdnet.com/austrian-man-raided-for-operating-tor-exit-node-708133/

--
With respect,
Roman
Re: [tor-relays] Is it safe to run an exit node from a VPS provider?
On 13 August 2013 11:51, Steve Snyder swsny...@snydernet.net wrote:
> Well, any VM host can mount and read an unencrypted disk image. I guess the difference is ease of snooping. While access to disk contents and process info can be gotten by any hypervisor, some platforms make it easier than others.

Exactly, that's the name of the game here. Let's raise the bar. (Same with censorship bypassing - it's always going to be an arms race.)

What one person I respect does is:

> In my case, I keep all the keys and [other sensitive data] on a partition that's created with a random key at boot time. If the machine dies, the keys and messages are lost but, such is the reliability of Debian, this hasn't happened yet. I probably reboot about once a year on average and have to remember to take copies of these files prior to doing it.

So the hypervisor can, as always, look into the memory* of the running guest and get that data, but if they shut down the node or machine unexpectedly, you gain a little bit more security.

All that said... Tor nodes don't store state. You aren't keeping people's email, or even a pool of data for a couple of hours. So this level of security for a tor exit node is nice, but IMO you shouldn't _not_ do an exit node because you aren't ready to set up a complicated encrypted filesystem just yet.

-tom

* Steve Weis is a cryptographer who's working on a (commercial) product that encrypts memory. http://privatecore.com/
Re: [tor-relays] Is it safe to run an exit node from a VPS provider?
On 13.08.2013 18:52, Tom Ritter wrote:
> In my case, I keep all the keys and [other sensitive data] on a partition that's created with a random key at boot time. If the machine dies, the keys and messages are lost but, such is the reliability of Debian, this hasn't happened yet. I probably reboot about once a year on average and have to remember to take copies of these files prior to doing it.

For Tor specifically, you can shred/delete the keys from disk completely, and only retain the copy in memory.

For further hardening and details on this, see https://trac.torproject.org/projects/tor/wiki/doc/TorRelaySecurity

--
Moritz Bartl
https://www.torservers.net/
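The setup quoted above (a key directory on a partition that is encrypted with a random key generated at boot) as a shell script. This is an added example, not code from any poster in the thread; the device, mapping name, mount point and account name are assumptions.

```shell
#!/bin/sh
# Added example: ephemeral dm-crypt volume for a relay's key directory.
# All four values below are assumptions; adjust them to the host.
DEV="${DEV:-/dev/vdb1}"          # spare partition, its contents are destroyed
NAME="${NAME:-torkeys}"          # dm-crypt mapping name
MNT="${MNT:-/var/lib/tor-keys}"  # mount point for the key directory
OWNER="${OWNER:-debian-tor}"     # account tor runs as on Debian

# Emit the commands for one boot. The volume key is read from
# /dev/urandom and stored nowhere, so once the mapping is closed
# (reboot, power-off, seizure) the data cannot be decrypted again.
plan() {
    cat <<EOF
cryptsetup open --type plain --cipher aes-xts-plain64 --key-size 512 --key-file /dev/urandom $DEV $NAME
mkfs.ext4 -q /dev/mapper/$NAME
mkdir -p $MNT
mount -o nodev,nosuid,noexec /dev/mapper/$NAME $MNT
chown $OWNER: $MNT
chmod 700 $MNT
EOF
}

# "apply" executes the plan (needs root); anything else only prints it.
run() {
    if [ "${1:-}" = "apply" ]; then
        plan | sh -e
    else
        plan
    fi
}

run "$@"
```

Point `DataDirectory` in torrc at the mount point. After a reboot the volume is empty, so the relay's keys have to be restored from a copy taken beforehand, as the quoted operator does; the hypervisor can still read the key from guest memory while the volume is open.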
Re: [tor-relays] Planning on running bridge with bw limitation - config help
Gordon eo,

On Tue, 13 Aug 2013 08:08:52 -0700, Gordon Morehouse gor...@morehouse.me wrote:
> Currently on one of my bridges I run all three - the normal bridge protocol, obfs2 and obfs3 on different ports.

In the hope to help others with a Pi, here my experiences with setting up obfs2 and obfs3.

While running/using Tor 0.2.4.16-rc build from source, I wanted the obfs2 and obfs3 'extensions'. I could have tried to follow the instructions for Debian based systems:
https://www.torproject.org/projects/obfsproxy-debian-instructions.html.en#instructions
but I didn't, I started with the 'build from source' plan:
https://www.torproject.org/projects/obfsproxy-instructions.html.en#instructions

This didn't work for me. Although Python 2.7 was already installed on Raspbian, after getting apt-get to install python-pip, apt also installed python2.6-minimal and python2.6. So, I tried to make the binary with `pip install obfsproxy`. The result was there was no binary (forgot the error message).

I pulled the source from git (git clone https://git.torproject.org/pluggable-transports/obfsproxy.git) and created the binary (python setup.py install). The binary was there, but after setting up Tor (ServerTransportPlugin obfs2,obfs3 exec /usr/bin/obfsproxy managed) I noticed that the binary was broken.

What I then did was removing Python 2.6 (dpkg -P python2.6-minimal python2.6 python-pip), removed the source files (rm -Rf /var/log/tor/build/ /usr/src/obfsproxy/), did a new git clone and created the binary again (python setup.py install).

Then, all was OK and the obfs2 and obfs3 bridges work!

Best regards
Re: [tor-relays] Is it safe to run an exit node from a VPS provider?
> I would like to propose that you take a look from a different perspective (and I thought from the mail subject the question will be about that) on this.
>
> To run an exit node from a VPS provider is not safer -- TO YOU -- than running an exit node from your personal home connection. This man[1] had his house raided and his computers confiscated because of a Tor Exit node that he was running **NOT EVEN AT HOME** but in a datacenter, in a different country, on a server that he was renting (of course in his name).
>
> From what I gather from discussions surrounding that incident, the only reasonably safe way (again - to you) to run an Exit Node, is to do so on an IP range that's SWIPed to an LLC or a similar company, and not just has one physical person (you) responsible for it.

Some providers accept Bitcoin, cash, MO's and the like.

Alternatively, companies in general (even small LLC's) often have lawyers, who have formal business offices, and will often let/encourage all business registration, whois, banking, etc... the use of that physical address while they are on retainer under concerns as to legitimate privacy, mobile convenience, and proper familiar and legal response to process of service.