[tor-relays] Tor Relays Network Survey
Hello everyone, I am doing a research project called “Understanding Anonymous Network” conducted at the University of Illinois at Urbana-Champaign. The purpose of this project is to investigate what motivates people to participate in Tor project and to run the relay nodes. We also want to know what obstacles may hinder people to run relay(s). Our aim is to increase people’s participation in Tor network through understanding motivation. Your participation will help us have a better understanding about this issue. This survey will take approximately 15 minutes of your time. If you run Tor nodes and are willing to participate in this research project, please click the following link and start the survey! *https://uiuc.qualtrics.com/SE/?SID=SV_9GkkX5zGEkjQhx3* https://uiuc.qualtrics.com/SE/?SID=SV_9GkkX5zGEkjQhx3 Thank you very much!! ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] tor-relays Digest, Vol 52, Issue 1
Date: Sat, 2 May 2015 15:52:07 +0800 From: Geo Rift tim.cochrane.lap...@gmail.com To: tor-relays@lists.torproject.org Subject: Re: [tor-relays] Determining geographical locations for a new exit relay would help most Message-ID: cao3znmfdf9q6fuhxhztyay1ors607da_syduqi08p9z7ykj...@mail.gmail.com Content-Type: text/plain; charset=utf-8 I would love to see some more nodes in Australia. I'm located in Perth and the speed of the network it horrible. Not usable for day to day internet which is unfortunate, hopefully it will pick up soon. Unless you've been really messing with your configuration, you're likely to end up hopping out of your home country at least once per circuit anyway. And if the network is slow, you'd want your traffic to get out of there as soon as possible; no/little sense adding a relay in a slow network area. Exit relay positioning is more dependent on filtering and network diversity rather than geographical proximity; I can only see that being helpful for guard relays. That said, if we're low on Australian relays it'd be good to get more there. I believe both UK and Australia keep bouncing around ideas for legally-required net filtering; that's the only thing I'd keep in mind other than speed when choosing between them. -- PGP key available on request signature.asc Description: Digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] HW-Accelerated OpenSSL Tor not playing nicely.
Yawning, Oh, I think I see what's going on. So, to shorten this, there are three points: #1: Where do I get this patch and how do I apply it? #2: Where is this testing suite. #3: How do I delete the library so I can install it completely new? On 2.5.15 10:46, Yawning Angel wrote: On Sat, 02 May 2015 09:42:42 -0400 12xBTM 12x...@gmail.com wrote: Step 1: Getting OpenSSL to become Hardware-Accelerated sudo apt-get install linux-image-3.14.39-ti-r61 sudo apt-get install linux-headers-3.14.39-ti-r61 wget http://download.gna.org/cryptodev-linux/cryptodev-linux-1.7.tar.gz tar zxf cryptodev-linux-1.7.tar.gz cd cryptodev-linux-1.7/ sudo make sudo make install sudo depmod -a sudo modprobe cryptodev lsmod sudo sh -c 'echo cryptodev/etc/modules' cd ~ wget https://www.openssl.org/source/openssl-1.0.2a.tar.gz tar zxf openssl-1.0.2a.tar.gz cd openssl-1.0.2a/ You left out, patching OpenSSL's cryptodev support to function. ls ./config -DHAVE_CRYPTODEV -DUSE_CRYPTDEV_DIGESTS shared sudo make sudo make install And you left out running the test suite, which according to the bug in OpenSSL's bugtracker, would have failed. Both of these dastardly details are hidden in the depths of the file misleadingly titled README in cryptodev-linux-1.7.tar.gz, under the heading * OpenSSL:. Regards, ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] HW-Accelerated OpenSSL Tor not playing nicely.
Hey Igor, sudo make uninstall didn't work no rule to make target 'uninstall'. Remember, there are two versions of OpenSSL involved, the normal OpenSSL, that came with Jessie, which no one cares about. And this self-compiled one in /usr/local/ssl/ that we're trying to get to work with cryptodev and Tor. Should I just delete the /ssl/ folder in /usr/local/? I have no idea where Cryptodev is installed because it's a mod that's loaded. But, from what I understand, the problem lies in OpenSSL needing a patch or something to play nicely with Cryptodev in the first place. So, for now, I don't see the need to reinstall Cryptodev. Naturally, I could be completely mistaken. On 2.5.15 11:19, Igor Chelnokov wrote: FYI: sudo make install is bad, use checkinstall -D sudo make uninstall should do the trick, but I'm not sure On Sat, May 2, 2015 at 6:15 PM 12xBTM 12x...@gmail.com mailto:12x...@gmail.com wrote: Yawning, Oh, I think I see what's going on. So, to shorten this, there are three points: #1: Where do I get this patch and how do I apply it? #2: Where is this testing suite. #3: How do I delete the library so I can install it completely new? On 2.5.15 10:46, Yawning Angel wrote: On Sat, 02 May 2015 09:42:42 -0400 12xBTM12x...@gmail.com mailto:12x...@gmail.com wrote: Step 1: Getting OpenSSL to become Hardware-Accelerated sudo apt-get install linux-image-3.14.39-ti-r61 sudo apt-get install linux-headers-3.14.39-ti-r61 wget http://download.gna.org/cryptodev-linux/cryptodev-linux-1.7.tar.gz tar zxf cryptodev-linux-1.7.tar.gz cd cryptodev-linux-1.7/ sudo make sudo make install sudo depmod -a sudo modprobe cryptodev lsmod sudo sh -c 'echo cryptodev/etc/modules' cd ~ wgethttps://www.openssl.org/source/openssl-1.0.2a.tar.gz tar zxf openssl-1.0.2a.tar.gz cd openssl-1.0.2a/ You left out, patching OpenSSL's cryptodev support to function. ls ./config -DHAVE_CRYPTODEV -DUSE_CRYPTDEV_DIGESTS shared sudo make sudo make install And you left out running the test suite, which according to the bug in OpenSSL's bugtracker, would have failed. Both of these dastardly details are hidden in the depths of the file misleadingly titled README in cryptodev-linux-1.7.tar.gz, under the heading * OpenSSL:. Regards, ___ tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] HW-Accelerated OpenSSL Tor not playing nicely.
So, I deleted the /usr/local/ssl/ folder and went from there. I got the sudo make test going again, and it failed D: . So the last thing remains: How do I get/install that patch that supposedly corrects this? On 2.5.15 11:19, Igor Chelnokov wrote: FYI: sudo make install is bad, use checkinstall -D sudo make uninstall should do the trick, but I'm not sure On Sat, May 2, 2015 at 6:15 PM 12xBTM 12x...@gmail.com mailto:12x...@gmail.com wrote: Yawning, Oh, I think I see what's going on. So, to shorten this, there are three points: #1: Where do I get this patch and how do I apply it? #2: Where is this testing suite. #3: How do I delete the library so I can install it completely new? On 2.5.15 10:46, Yawning Angel wrote: On Sat, 02 May 2015 09:42:42 -0400 12xBTM12x...@gmail.com mailto:12x...@gmail.com wrote: Step 1: Getting OpenSSL to become Hardware-Accelerated sudo apt-get install linux-image-3.14.39-ti-r61 sudo apt-get install linux-headers-3.14.39-ti-r61 wget http://download.gna.org/cryptodev-linux/cryptodev-linux-1.7.tar.gz tar zxf cryptodev-linux-1.7.tar.gz cd cryptodev-linux-1.7/ sudo make sudo make install sudo depmod -a sudo modprobe cryptodev lsmod sudo sh -c 'echo cryptodev/etc/modules' cd ~ wgethttps://www.openssl.org/source/openssl-1.0.2a.tar.gz tar zxf openssl-1.0.2a.tar.gz cd openssl-1.0.2a/ You left out, patching OpenSSL's cryptodev support to function. ls ./config -DHAVE_CRYPTODEV -DUSE_CRYPTDEV_DIGESTS shared sudo make sudo make install And you left out running the test suite, which according to the bug in OpenSSL's bugtracker, would have failed. Both of these dastardly details are hidden in the depths of the file misleadingly titled README in cryptodev-linux-1.7.tar.gz, under the heading * OpenSSL:. Regards, ___ tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] HW-Accelerated OpenSSL Tor not playing nicely.
Thanks for your help. I left it out of my email, but I actually did do it. Except for the ls bit. I originally ran the config without shared, encountered an error later down the road, deleted the extracted directory, and redid the config correctly, and then just simply did sudo make and then sudo made install without doing anything about the original library, which i assume was overwritten. But maybe I just corrupted it? Do I just delete the library's directory and retry, or is there something more? The DUSE_CRYPTODEV_DIGESTS is seen in the Tor error log because cryptodev digests are giving errors. I also don't see an entry about the running the test suite in the README. I see mention of a patch for Crytodev for OPENSSL, but, when on the site it links, I have no idea how to apply the patch for it says nothing patching it. (Sorry, I'm a total linux newb) Also, on the cryptodev-linux page: https://github.com/cryptodev-linux/cryptodev-linux/blob/master/NEWS , it says 1.7 was released in 07 Feb, 2015, which is long after the release of the patch that is talked about in the readme. Likewise, the patch linked is a whole year older than the version of OpenSSL I'm using, but it may not be part of the standard distribution of OpenSSL. Also, I see the mention of GnuTLS in Crypodev, if there's a better way to go about having HW-accelerated crypto for Tor (excluding Intel aes-ni), please let me know. On 2.5.15 10:46, Yawning Angel wrote: On Sat, 02 May 2015 09:42:42 -0400 12xBTM 12x...@gmail.com wrote: Step 1: Getting OpenSSL to become Hardware-Accelerated sudo apt-get install linux-image-3.14.39-ti-r61 sudo apt-get install linux-headers-3.14.39-ti-r61 wget http://download.gna.org/cryptodev-linux/cryptodev-linux-1.7.tar.gz tar zxf cryptodev-linux-1.7.tar.gz cd cryptodev-linux-1.7/ sudo make sudo make install sudo depmod -a sudo modprobe cryptodev lsmod sudo sh -c 'echo cryptodev/etc/modules' cd ~ wget https://www.openssl.org/source/openssl-1.0.2a.tar.gz tar zxf openssl-1.0.2a.tar.gz cd openssl-1.0.2a/ You left out, patching OpenSSL's cryptodev support to function. ls ./config -DHAVE_CRYPTODEV -DUSE_CRYPTDEV_DIGESTS shared sudo make sudo make install And you left out running the test suite, which according to the bug in OpenSSL's bugtracker, would have failed. Both of these dastardly details are hidden in the depths of the file misleadingly titled README in cryptodev-linux-1.7.tar.gz, under the heading * OpenSSL:. Regards, ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] HW-Accelerated OpenSSL Tor not playing nicely.
FYI: sudo make install is bad, use checkinstall -D sudo make uninstall should do the trick, but I'm not sure On Sat, May 2, 2015 at 6:15 PM 12xBTM 12x...@gmail.com wrote: Yawning, Oh, I think I see what's going on. So, to shorten this, there are three points: #1: Where do I get this patch and how do I apply it? #2: Where is this testing suite. #3: How do I delete the library so I can install it completely new? On 2.5.15 10:46, Yawning Angel wrote: On Sat, 02 May 2015 09:42:42 -0400 12xBTM 12x...@gmail.com 12x...@gmail.com wrote: Step 1: Getting OpenSSL to become Hardware-Accelerated sudo apt-get install linux-image-3.14.39-ti-r61 sudo apt-get install linux-headers-3.14.39-ti-r61 wgethttp://download.gna.org/cryptodev-linux/cryptodev-linux-1.7.tar.gz tar zxf cryptodev-linux-1.7.tar.gz cd cryptodev-linux-1.7/ sudo make sudo make install sudo depmod -a sudo modprobe cryptodev lsmod sudo sh -c 'echo cryptodev/etc/modules' cd ~ wget https://www.openssl.org/source/openssl-1.0.2a.tar.gz tar zxf openssl-1.0.2a.tar.gz cd openssl-1.0.2a/ You left out, patching OpenSSL's cryptodev support to function. ls ./config -DHAVE_CRYPTODEV -DUSE_CRYPTDEV_DIGESTS shared sudo make sudo make install And you left out running the test suite, which according to the bug in OpenSSL's bugtracker, would have failed. Both of these dastardly details are hidden in the depths of the file misleadingly titled README in cryptodev-linux-1.7.tar.gz, under the heading * OpenSSL:. Regards, ___ tor-relays mailing listtor-relays@lists.torproject.orghttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor Relays Network Survey
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I gave it a shot, one thing I noticed. I haven't participated in any conferences when I tried to leave the question blank it spat back asking me to fill one in. Tim -BEGIN PGP SIGNATURE- Version: Mailvelope v0.13.1 Comment: https://www.mailvelope.com wsFcBAEBCAAQBQJVROscCRC8Tq5FO2jmKgAAZqgP+gKQaRCr8OS+vNJl9Nor unDGhwG520PAEwsWm8IcTBX75+RV1XUhJtm6DeYD2G2mF9med8iMB/+uCrv7 qS7eyD0b9wQMU2lm0RK2TutFKuzG3iGeUv3rcv91J/dGbWKbxnyFG6vbdQH5 eHWugqODz3ZhXlzNalmI4TA6AdCOaM0OY/ysVrJ98J4c78FsZ6AyuF1hrWrA 29hRQBERd3rsEavRMgUqmo5tIHMf7v6I2ew3LCGrpe1GgpkZU8ZTLHgChVmV wvP7lECnpKMcR4/KQJufDAKI/q655ebh5j+pCOU6ec0az3uWi0s4QUoV8hRI zQv8mfP2tdCL+tX+o4axl6Kl3t6ZfGC5TCN1EI9v704c7Rosucqk+FQ0QSOd D29FoZtLz9CJrHiUlq7IKN/TKtgYFPG39d0WXozN8ytvNIF7IGhNBu7x69W9 lFvD9RC/vZfUM6nr06BWBAYSl3gVPBiyEnQqlEP2TD6JGFPmsCv1dzqNCfDU zrtGD0Rsp/j+bdQcaDwK4iHspM+dBrxQ1abZZ1ROxJ2IEwNyaLNlKU+ZyyGF W1aaEpiitYiyuIPwwhLHLPGQX6VfR8fM0QcJtzQlxARawVJdc/dX+uJAOgx5 yJDmTYpNvIPlHP3yOv3x2MTLn6pGt+NkzWtyWIOcY/IFnORyPag+vbVL048H KMyy =oEq9 -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor Relays Network Survey
Hi Tim, Thanks for the notification! I will change the the choice! On Sat, May 2, 2015 at 10:20 AM, Geo Rift tim.cochrane.lap...@gmail.com wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I gave it a shot, one thing I noticed. I haven't participated in any conferences when I tried to leave the question blank it spat back asking me to fill one in. Tim -BEGIN PGP SIGNATURE- Version: Mailvelope v0.13.1 Comment: https://www.mailvelope.com wsFcBAEBCAAQBQJVROscCRC8Tq5FO2jmKgAAZqgP+gKQaRCr8OS+vNJl9Nor unDGhwG520PAEwsWm8IcTBX75+RV1XUhJtm6DeYD2G2mF9med8iMB/+uCrv7 qS7eyD0b9wQMU2lm0RK2TutFKuzG3iGeUv3rcv91J/dGbWKbxnyFG6vbdQH5 eHWugqODz3ZhXlzNalmI4TA6AdCOaM0OY/ysVrJ98J4c78FsZ6AyuF1hrWrA 29hRQBERd3rsEavRMgUqmo5tIHMf7v6I2ew3LCGrpe1GgpkZU8ZTLHgChVmV wvP7lECnpKMcR4/KQJufDAKI/q655ebh5j+pCOU6ec0az3uWi0s4QUoV8hRI zQv8mfP2tdCL+tX+o4axl6Kl3t6ZfGC5TCN1EI9v704c7Rosucqk+FQ0QSOd D29FoZtLz9CJrHiUlq7IKN/TKtgYFPG39d0WXozN8ytvNIF7IGhNBu7x69W9 lFvD9RC/vZfUM6nr06BWBAYSl3gVPBiyEnQqlEP2TD6JGFPmsCv1dzqNCfDU zrtGD0Rsp/j+bdQcaDwK4iHspM+dBrxQ1abZZ1ROxJ2IEwNyaLNlKU+ZyyGF W1aaEpiitYiyuIPwwhLHLPGQX6VfR8fM0QcJtzQlxARawVJdc/dX+uJAOgx5 yJDmTYpNvIPlHP3yOv3x2MTLn6pGt+NkzWtyWIOcY/IFnORyPag+vbVL048H KMyy =oEq9 -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Determining geographical locations for a new exit relay would help most
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 You might also want to consider the exit probability and use that in addition or instead of CW. I don't know if VULTR has multiple ASes but if they do you might also want to have a look at the group by AS results (if they allow you to choose). Thanks for the breakdown, that helps. The only hitch with the Sydney and Toyko locations is that instead of 1000GB/mo of bandwidth, you only get 200GB/mo. Would it be better (all things considered) to go with the UK location at 1000GB/mo vs Tokyo or Sydney at 200GB/mo? Is there a specific reason why you limit yourself to vultr? -BEGIN PGP SIGNATURE- iQIcBAEBCgAGBQJVRUN/AAoJEFv7XvVCELh0NEUP/ivTdXDkW5l3i/E3laRXH/gB E3M82GljSJlU2rMh1tlAQejaGkxXp+UTtmAQ/fpeiBvPWZ5GstfTeRt+06tVc0Gz Pz26NKP0e+yxc2zODhNjBPWMppJgklGAu1IY1/9j78DdJPUSwKE2q2CzZ/ro3YRv U/HEAcK31JklkmtNHWydbF3Wzw+C1shXGx+UmwK33L6Kn3S/iHIuUeieC27N3Yco OIBl0zit5bjeLQdSfz37WPhrxPkr3xKaGwmvDaNPDK2kz8X6yBAdARnWzdXnMXsr P3FTm7eywcdEm5DpU7RYzkLp4Gh1MO2vfTu3jhaJRd/wX0++L/vynfPlxTTNEsCj 3RcXpgdwidrK8+aCgSxG+WVgS91F2VQd+Md9iLxQRaF7aOtg7zJ3uB8wCzVMlCnJ mb7VTM4Kkam/1Ugtwtv5O8UHSFrulMyIUXiqlHMMjHLW+icjCDhPOe9F9TchyN+o vC/iYNxEEfgcG4bx7Xu3mS6cXzN11MD3sEm5V9nPvo9PVXV+/Mi9eK/PUGE0rUpX 88LNVx4ZHqgy5jyKUBDjQrm4yGcVUAg8QqzbL+rFUonIcCgUbhKGJ8o4PdPmVDh4 XS8RG4qYFvftkjeGQYgXWGMXfTPMiVAal55L+pG7EcP3LnASiyd5fr+EzqAIwEM8 jJKAnR08+dVcThPMOhH/ =9Z5S -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] HW-Accelerated OpenSSL Tor not playing nicely.
On Sat, 02 May 2015 12:10:33 -0400 12xBTM 12x...@gmail.com wrote: So, I deleted the /usr/local/ssl/ folder and went from there. I got the sudo make test going again, and it failed D: . So the last thing remains: How do I get/install that patch that supposedly corrects this? ... Quoting from the README file: Note that OpenSSL's cryptodev implementation is outdated, and there are issues with it. For that we recommend to use the patches below, that we have provided to the openssl project. http://... You're making it sound as if the patches are on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying 'Beware of the Leopard'. Anyway... * I haven't bothered to check if the patches apply cleanly, only that they weren't ever merged. Shouldn't be that hard to fix the patches if they've rotted. * According to one of the writeups linked, in 2013 cryptdev wasn't exposing a CTR-AES EVP engine. If this is still the case, the bulk of tor's AES calls will not benefit from the acceleration (Skimming the cryptdev code quickly, this would ultimately be a kernel issue). * The SHA acceleration will only help TLS, because the bulk of the SHA calls in tor don't use the EVP interface (For good reasons in the case of SHA1, and it's a good idea, someone should do it reasons for SHA256). I'd expect in a lot of cases that the gains would be fairly minimal anyway, since using hardware acceleration with this configuration requires a syscall. if there's a better way to go about having HW-accelerated crypto for Tor (excluding Intel aes-ni), please let me know. Instead of some garbage TI part, use something that supports ARM-v8's AES, SHA1, SHA256, and VMULL instructions. Regards, -- Yawning Angel pgp0uhdF2rE_Y.pgp Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays