Re: [tor-relays] Any known Tor relay seizures (in Germany)?

2016-02-28 Thread Jesse V 
On 02/28/2016 06:57 PM, Moritz Bartl wrote:
> The risks for seizures of exit relays are also minimal. What can happen
> if you run them as individual is that the police comes with a warrant
> and raids you because they assume you were the criminal (and then later
> return everything and the case against you is dropped since running an
> exit itself is legally just fine), but I haven't heard of any case like
> that in the past years. They have all seemed to have learned what Tor
> is, and all they do sometimes is ask for 'subscriber information' (which
> you don't have).

Exactly. They all seem to have a general understanding of what Tor is
and maybe a bit about how it works. It's been my experience that law
enforcement will send an inquiry, be told by the ISP that it's an exit
node, they realize the difficulty of tracing the original source, and
then nothing more (at least from our perspective) will happen. That of
course depends on the country, its laws, and the technical skills of any
interested law enforcement.

Follow that blog post that shows how to set up your exit to minimize
harassment. The ISP can easily set a reverse DNS entry, and you
eliminate a significant amount of spam and attacks by using a reduced
exit policy, especially if you get rid of the standard ports for SSH and
Telnet traffic. A custom landing page doesn't hurt either; mine looks
like this: http://198.50.200.131/

-- 
Jesse V



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Netflix overblocking non-exit Tor relays

2016-02-28 Thread Jesse V 
On 02/28/2016 11:42 AM, Jamis Hartley wrote:
> Because the support people in the call center are not IT people. They
> don't understand computers and were never trained with tor nodes. They
> were literally given cookie cutter responses to tell you when you come
> and say that you are being blocked because of a proxy. They don't have
> any knowledge of the tech behind it.

I'll disagree to that. A few hours ago, Netflix's tech support guided me
through a completely unrelated technical issue, but the technician was
highly knowledgeable in IT, security, and the workings of the Internet.
Obviously, I was only chatting with him for a few minutes while my
equipment was rebooting and I have a sample size of one, but I don't
think it's fair to dismiss the technical capacities of people in call
centers just because they work in call centers.

For an issue like this, you probably need to try to talk to someone
above the average tech support responder, since they are trained to how
to diagnose and repair common issues, and "Netflix is blocking non-exit
Tor relays" certainly isn't high on that list.

-- 
Jesse V



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Any known Tor relay seizures (in Germany)?

2016-02-28 Thread Thomas Braun 

On Montag, 29. Februar 2016 00:47:47 CEST, Thomas wrote:

Hello everybody,

do you know of any relay seizures of non-exit relays?
In the legal FAQ [1] this "risk" is only listed below exit relays.
Have there been any of such events in Germany (either exit- or 
any other nodes)?


Would I have to worry about seizures if I run a guard or middle relay
in Germany?


Hi Thomas,

I'm operating a non-exit tor relay from my home in Germany since more than 
a year.
I can't imagine a situation where the authorities would be interested in 
the fact that I'm operating a non-exit relay.


The only interested party might be your ISP due to the additional traffic.

Thomas
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor-relays Digest, Vol 61, Issue 43

2016-02-28 Thread stealth 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sun, 28 Feb 2016 20:21:45 +, you wrote:
>
> > On 28 Feb 2016, at 21:17, stea...@nym.mixmin.net wrote:
> >
> > > Is your OpenSSL compiled optimised for your processor and for the 
> > > encryption that Tor uses?
> > >
> >
> > I am using the OpenSSL that was compiled for my version of
> > Mixmaster as I am running a middle remailer on the same VPS. It is
> > OpenSSL: 1.0.1e
>
> Does Tor log a message when it starts recommending an optimised version of 
> OpenSSL?
>
There are no references in my notices.log and my .log file is
empty. I will temporarily change my log level to debug and see what
it shows.

> > > How much RAM does your VPS have?
> > 512KB
>
> This is likely to be your issue. 512 MB is not enough for a large relay.
> Tor will limit its memory and connections to stay under about 3/4 of the 
> memory you have.
> Try 1GB.
>
> Tim
Thanks for advice. Unfortunately upgrading to 1gb is not an option
for me. Right now it appears that Tor is not using anywhere near
what is available in memory as evidenced by my top command.

top - 12:49:36 up 5 days, 20:32,  2 users,  load average: 0.05,
0.09, 0.08
Tasks:  70 total,   1 running,  69 sleeping,   0 stopped,   0 zombie
%Cpu(s):  1.3 us,  0.5 sy,  0.0 ni, 98.2 id,  0.0 wa,  0.0 hi,  0.0
si,  0.0 st
KiB Mem:524288 total,   198400 used,   325888 free,0
buffers
KiB Swap:   524288 total,0 used,   524288 free,37620
cached

  PID USER  PR  NI  VIRT  RES  SHR S  %CPU %MEMTIME+
COMMAND
 2535 debian-t  20   0 99116  69m 2980 S   3.3 13.5 125:37.86 tor
 2422 root  20   0  131m 5108 1080 S   0.3  1.0   5:04.66
fail2ban-server
16014 debian-t  20   0  107m  22m 2516 S   0.3  4.5   6:21.65 arm
>
> Tim Wilson-Brown (teor)
>
No response necessary. Thanks for your feedback Tim.

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (MingW32)

iQIcBAEBAgAGBQJW01+NAAoJEH1gNwhiMDZuctQQAKtZM7sQpue4+SpW+o0hdvpO
I6XLk9YWHTszJehj5Gk3ik01yBdBiOgD2SJ2rx/cjR4AnRkRyjN6LOt3g/KxnTYI
4FNGo4fygYn4Oeu+HXmtEey3wyCVxWAzsmCXGNO6LhZhupfdmlv/ftcvcGI9VrJQ
wNZTW7QeHpUCJLBt9fbh7Drw+MNwLycwHdmV5kvCWWGK1vqzpWOK44Wmk4lz5+lv
ung5/HRHpt865SkXp0l/+w+p4qgTSgZ3thXpqtH1mHQPt52n4PKdUDF3Mf1yXYuf
JdOTBNThzZ4s4KNj3cdWH4Wf3wPwpIZ5zCZQ2O+osMpTeOSTOZHwPmStNFdM/CuH
OtLxJQb5TaVoUjOqzfcetMbx/5JlT1cutDOL5fVCiGSJ7j6q+FekknkrtKxtIKdU
gUobGBJ1u8Ei7axaR7rwcL3egouugQYfDHEEFZdYBBW0tgeNx8l6SCEt7IfqEqhW
Fmy58WUBs27ei9dnl9I/xq2V9FYBjdN4tpis22wctife/hth8hJWsMTLJYqP7qj9
9jqcJCgs7b7tkQsem72ApWMAgYnXVCMYscnPKTWdCEw9rdiarmArgPfE0AYuo6Lq
NIVg4IADmc/X4Y1SUKq/bYW5vkfIhHKA4aoZUZRj2AL6dcLtj5clAL9MnmyKDB7a
1Ie9DF8NEKkTldYHh5IN
=o3VV
-END PGP SIGNATURE-

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Any known Tor relay seizures (in Germany)?

2016-02-28 Thread Moritz Bartl 
On 02/29/2016 12:47 AM, Thomas wrote:
> do you know of any relay seizures of non-exit relays?
> In the legal FAQ [1] this "risk" is only listed below exit relays.
> Have there been any of such events in Germany (either exit- or any other 
> nodes)?
> 
> Would I have to worry about seizures if I run a guard or middle relay
> in Germany?

Highly unlikely. A non-exit relay only forwards encrypted traffic
'within' the Tor network. To my knowledge, nobody has ever received any
(law enforcement or even other) inquiry regarding a non-exit relay anywhere.

The risks for seizures of exit relays are also minimal. What can happen
if you run them as individual is that the police comes with a warrant
and raids you because they assume you were the criminal (and then later
return everything and the case against you is dropped since running an
exit itself is legally just fine), but I haven't heard of any case like
that in the past years. They have all seemed to have learned what Tor
is, and all they do sometimes is ask for 'subscriber information' (which
you don't have).

-- 
Moritz Bartl
https://www.torservers.net/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Any known Tor relay seizures (in Germany)?

2016-02-28 Thread Thomas 
Hello everybody,

do you know of any relay seizures of non-exit relays?
In the legal FAQ [1] this "risk" is only listed below exit relays.
Have there been any of such events in Germany (either exit- or any other nodes)?

Would I have to worry about seizures if I run a guard or middle relay
in Germany?

Regards,
Thomas

[1] https://www.torproject.org/eff/tor-legal-faq.html.en
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Netflix overblocking non-exit Tor relays

2016-02-28 Thread Nenad Marjanovic 
Hi,

I got ya, but what i do is running VPN on VPS and all home traffic is
going over that IP, not ISP. I don't know if you can route your traffic
in your home in this way, but I don't see why not. Only ..

I don't have Netflix and I don't know if you have box only for it or you
have one box for all, router, phone, tv and netflix. In that case, you
don't have much of the choice, new hardware on no more Netflix.

;)

Le 28/02/2016 08:08, Jamis Hartley a écrit :
> I seriously doubt it's hostility. The likeliest thing is they were
> looking to stop people from using Tor to bypass country restrictions. So
> when they found a public list of all the Tor nodes, they blocked them
> all. Not realizing that only a few of them are actually capable of
> proxying.
> 
> For them to continue their "attack on unblockers" while allowing legal
> Tor users to watch, they need to simply read the flags of each node to
> find if they are exit or not. Then block only exit.
> 
> This should fix almost all problems. As very very few people will run an
> exit node from home. So blocking the exit ips will not block legitimate
> Netflix users.
> 
> We just need to contact the right people.
> 
> On Feb 27, 2016 7:53 PM, "Markus Koch"  > wrote:
> 
> I dont think its hostility. For the normal support assistant security
> and/or TOR is like a black hole
> and they do not know anything about it or know stuff from the
> mainstream press which is mostly
> complete bullshit. I would not blame the support person, try to get a
> supervisor who knows what we
> are doing. Good luck!
> 
> Markus
> 
> 
> >
> > from this tread, i don't get the sense that netflix is interested in
> > changing anything. it is only speculation, but i'd guess there's a
> > financial incentive provided to netflix for hostility to tor.
> >
> > do i have to say anything other than cloudflare?
> >
> > well, there are many things to do with my time besides watching
> teevee.
> > although i just started watching occupied [okkupert] which i liked
> a lot ...
> >
> > --
> > \js: !
> > ___
> > tor-relays mailing list
> > tor-relays@lists.torproject.org
> 
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org 
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor Process Being Killed on VPS

2016-02-28 Thread Moritz Bartl 
On 02/26/2016 11:22 PM, Random Tor Node Operator wrote:
>> I have a VPS with 512 MB RAM. [...] The relay is an entry guard 
>> and moves about 20 MB/s.
> Is that really 20 MegaByte per second?
> If so, I fear 512 MB RAM won't cut it.
> According to my experience, for a 100 Mbit/s relay you need at least 1
> GB RAM.

Yes, that is also my experience.

-- 
Moritz Bartl
https://www.torservers.net/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Network Bandwidth Fine Tuning

2016-02-28 Thread Moritz Bartl 
>> I ran the speedtest on my VPS which gave the results below: [...]
>> My Bandwidth results are averaging around 1.5mbs to 3.0mbs via the
>> Tor Globe Stats page.
>>
>> Can someone tell me how to increase my network bandwidth based on
>> what I am capable of uploading and downloading. I am allocated 2TB
>> of bandwidth per month from my VPS

According to
https://atlas.torproject.org/#details/A290A9E71ADFC2FB1C80E64EF851A4B905450105
, the relay has only been around for some short time and is still
building up speed; it is currently at 4.5 MByte/s advertised bandwidth.

It can take up to roughly a month before a new relay reaches its 'final'
throughput levels. See
https://blog.torproject.org/blog/lifecycle-of-a-new-relay for details.

4.5 MByte/s per direction means that it will reach 2TB within less than
three days. You don't want that; you should actually throttle your relay
to be around for some more days. I would suggest something like 800 KB/s
and a cap on total amount of data per month, which means it will be
pushing data for ~15 days per month.

RelayBandwidthRate 800KB
AccountingMax 2000GB
AccountingRule sum

-- 
Moritz Bartl
https://www.torservers.net/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor Process Being Killed on VPS

2016-02-28 Thread Sean Greenslade 
On Fri, Feb 26, 2016 at 04:03:14PM -0500, Steven Jones wrote:
> clearing the memory cache with a cron job cant hurt

Yes it can. There is no reason to clear the vm cache manually unless you
are testing cache-related code paths. The kernel will automatically
reclaim cache memory for program memory should the need arise, and uses
the otherwise idle/free memory for disk cache. Clearing cache will only
degrade the performance of your machine while the cached material is
re-read from disk.

--Sean

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor-relays Digest, Vol 61, Issue 41

2016-02-28 Thread Tim Wilson-Brown - teor 

> On 28 Feb 2016, at 21:17, stea...@nym.mixmin.net wrote:
> 
> > Is your OpenSSL compiled optimised for your processor and for the 
> > encryption that Tor uses?
> >
> 
> I am using the OpenSSL that was compiled for my version of
> Mixmaster as I am running a middle remailer on the same VPS. It is
> OpenSSL: 1.0.1e

Does Tor log a message when it starts recommending an optimised version of 
OpenSSL?

> > How much RAM does your VPS have?
> 512KB

This is likely to be your issue. 512 MB is not enough for a large relay.
Tor will limit its memory and connections to stay under about 3/4 of the memory 
you have.
Try 1GB.

Tim

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP 968F094B

teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F



signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor-relays Digest, Vol 61, Issue 41

2016-02-28 Thread stealth 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Sun, 28 Feb 2016 13:49:20 +, you wrote:
>
>
> Message: 2
> Date: Sun, 28 Feb 2016 12:02:13 +0100
> From: Tim Wilson-Brown - teor 
> To: tor-relays@lists.torproject.org
> Subject: Re: [tor-relays] Network Bandwidth Fine Tuning
> Message-ID: 
> Content-Type: text/plain; charset="us-ascii"
>
>
> > On 28 Feb 2016, at 02:14, stea...@nym.mixmin.net wrote:
> >
>
> What processor is on your VPS?
Here is my lscpu output:

root$ lscpu
Architecture:  i686
CPU op-mode(s):32-bit, 64-bit
Byte Order:Little Endian
CPU(s):8
Vendor ID: GenuineIntel
CPU family:6
Model: 58
Stepping:  9
CPU MHz:   3300.152
BogoMIPS:  6600.30
Virtualization:VT-x

> How fast is it?
See above

> Does it have AES-NI?
I believe so. Here's the output from:

grep -o aes /proc/cpuinfo
aes
aes

and here's the output from:

grep -ml -o aes /proc/cpuinfo
aes

> Is your OpenSSL compiled optimised for your processor and for the encryption 
> that Tor uses?
>

I am using the OpenSSL that was compiled for my version of
Mixmaster as I am running a middle remailer on the same VPS. It is
OpenSSL: 1.0.1e

> How much RAM does your VPS have?
512KB
>
> Have you read the torservers.net Tor tuning advice? Yes I have made several 
> modifications to my RelayBandwidthRate and RelayBandwidthBurst. I have also 
> modified my AccountingMax number. Here's the pertinent information from my 
> torrc file:

 RelayBandwidthRate 50 MB  # Throttle traffic to 100KB/s (800Kbps)
 RelayBandwidthBurst 80 MB # But allow bursts up to 200KB/s
(1600Kbps)
 AccountingMax 100 GB

> (And similar articles?)

Any additional links would be welcomed.

>
> Tim
>
> Tim Wilson-Brown (teor)
>

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.15 (MingW32)

iQIcBAEBAgAGBQJW00AMAAoJEH1gNwhiMDZu2wYQAImPETHwRvlxrlAclulMlB+n
WwPB/fMSjiVwA9Rllb7w8NvSbf2Tu9FmeGoYOUDYTWuq93RsUuQFtVvcw3MXkzBR
X/TXAdP9WSDlNiOZajaRNR1hcYQJ0gJqJ9/6oyC1XoDNTK7bcE3FOY5ui10M+fFL
rXgM/qBmu+toaqA2vL4DKp3eFYMYDgVmesQLEI6edUvHjK4+itdV9pRwXAvQaFjJ
M7We374Siw6izM6cJqXtW3XytUCfIbVyzL+Al93fEJnJDaO5V3kIlHDkjcWJn9ev
Ogvg1/zZouwfFFJfC1p29NTsEzy8aF+w3obtq6NWQ0/pzTXJ/sPYIE21EHRIuMJo
J2Rk9YPVwp5ckIKH48Eg6jdGjNCI6rs59hhNJfvismvJES+NjgLoqJ+Y59ZnhMjr
q4rUssRxyzDFqDdBM60llXfTOh0qEFeHDkeBMfR+F4TJH8SZeEBXW3kyFnG6TH6R
D/BoV9ItHi7qXiP9zDIMHTSCz7NNJ210uVdHbMUkMH1He+5bB/auCNRcjXmPwbYg
kwbzJlgumSSd4kKufEnvC9KQComniYph90yDr8pOBnCE5E/o8+yVfB7XmTLidNEG
Ii/xhSKpdt+E7wQX3ISR2pbJ73tk+FaSd2iPVK0jPWab/zoGqVzZr41VFAWi8n6S
tuuLxJ5Lum3gu7EH6M0X
=h78g
-END PGP SIGNATURE-

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Netflix overblocking non-exit Tor relays

2016-02-28 Thread john saylor 
On 02/28/16 11:42, Jamis Hartley wrote:
> Because the support people in the call center are not IT people. They
> don't understand computers and were never trained with tor nodes. They
> were literally given cookie cutter responses to tell you when you come
> and say that you are being blocked because of a proxy.

but no one ever said that it even might be a tor node [or even a
"proxy"] on my network to me. it was just all about my local hardware,
and account and so on ...

when i called i said netflix worked yesterday and not today. there were
no changes to my network in this time period.

so then what changed? [answer: netflix policy]

the error message was vaguely about proxies, but since my tor node is
only a relay, i am not using it as a proxy at all. and it was never
brought up in the support call in any way ...

in fact, after my initial statement about the message on the screen, i
don't think proxies were mentioned ever again. i was told just remove
netflix from roku, sign in, sign out, put your right foot in, put your
right foot out, and that's what it's all about

also, someone besides the support engineer i spoke with wrote the cookie
cutter responses and *they* must have a clue. if tor nodes are being
blocked someone knows enough to figure out how to block them.

if their policy is to block tor nodes, then say it. netflix has gobs of
cash and customer support is important to any company that makes money
with network services.

but it was never said. in fact i was instructed to do just about
everything else ...

-- 
\js: !
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Netflix overblocking non-exit Tor relays

2016-02-28 Thread Jamis Hartley 
Because the support people in the call center are not IT people. They don't
understand computers and were never trained with tor nodes. They were
literally given cookie cutter responses to tell you when you come and say
that you are being blocked because of a proxy. They don't have any
knowledge of the tech behind it.
On Feb 28, 2016 9:38 AM, "john saylor"  wrote:

> On 02/28/16 02:08, Jamis Hartley wrote:
> > I seriously doubt it's hostility.
>
> you may be right. as i said, it was only speculation on my part ...
>
> but why didn't netflix support say it's your tor node when i was
> chatting with netflix support for an hour? or even- we are detecting a
> proxy on your network?
>
> the support person left we with instructions to call roku and ask about
> the DNS configuration of my hardware.
>
> and she was not kidding.
>
> so it's this indirectness that make me suspicious. also- the ip that my
> roku uses is clearly located in MA USA. as i said, i sent her the whois
> info for my ip.
>
> maybe i am just paranoid- but it just doesn't add up.
>
> anyway, i'm looking forward to taking more walks and naps and reading
> more books now that i've cancelled netflix- ymmv!
>
> if this every gets "fixed" i might re-subscribe- but maybe even not ...
>
> --
> \js: !
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Netflix overblocking non-exit Tor relays

2016-02-28 Thread john saylor 
On 02/28/16 02:08, Jamis Hartley wrote:
> I seriously doubt it's hostility.

you may be right. as i said, it was only speculation on my part ...

but why didn't netflix support say it's your tor node when i was
chatting with netflix support for an hour? or even- we are detecting a
proxy on your network?

the support person left we with instructions to call roku and ask about
the DNS configuration of my hardware.

and she was not kidding.

so it's this indirectness that make me suspicious. also- the ip that my
roku uses is clearly located in MA USA. as i said, i sent her the whois
info for my ip.

maybe i am just paranoid- but it just doesn't add up.

anyway, i'm looking forward to taking more walks and naps and reading
more books now that i've cancelled netflix- ymmv!

if this every gets "fixed" i might re-subscribe- but maybe even not ...

-- 
\js: !
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] biggest guard operator apparently left the tor network

2016-02-28 Thread Tim Wilson-Brown - teor 

> On 28 Feb 2016, at 15:46, SuperSluether  wrote:
> 
> From what I understand, the 3% that was lost should eventually be distributed 
> to the remaining relays, correct?

Within a very short period of time, clients will use other guards.
They'll try guards they have previously chosen, and try new guards if all 
previously chosen guards are down.

Tim

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP 968F094B

teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F



signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] biggest guard operator apparently left the tor network

2016-02-28 Thread SuperSluether 
From what I understand, the 3% that was lost should eventually be 
distributed to the remaining relays, correct?


On 02/28/2016 08:39 AM, Kurt Besig wrote:

On 2/28/2016 5:00 AM, nusenu wrote:

Looks like SG.GS stopped their guard relays. They had >3% guard probability.

+---++--+
| Con5  | lastseen   | fingerprint  |
+---++--+
| SG.GS | 2016-02-22 | 675C5A2C2EC403B6B583735191042CF489D4E5DA |
| SG.GS | 2016-02-22 | C3D51AAF129FED507053244ADA29353D01AD5C90 |
| SG.GS | 2016-02-22 | B9B927347E005256D5D48007C38208FE8F7CC3BE |
| SG.GS | 2016-02-22 | 075A4D8D7662DF566FCE390FC820C539BFBBA867 |
| SG.GS | 2016-02-22 | 53E2060F64DF258597E738FD5608D2939B92BC1D |
| SG.GS | 2016-02-22 | 963ADC0137505151C1AFA6757DD2367EDEEC7B62 |
| SG.GS | 2016-02-22 | B4697BA6520A17A7F51E613018754BA5FD46D0A0 |
| SG.GS | 2016-02-22 | 951BDBA042A69FE8577129EA301B027A879B985B |
| SG.GS | 2016-02-22 | D905EEADE0A40C7C0E6A8102708CF16AB8ED9A35 |
| SG.GS | 2016-02-22 | 593B6169DA24F3835F0B485317C0DB529B8F3E58 |
| SG.GS | 2016-02-22 | 0519D312F1BD9668B3B43751E0934911E4C79C79 |
| SG.GS | 2016-02-22 | D9BFC55DDD8152F06D87C9DA7D192E86FC628626 |
| SG.GS | 2016-02-22 | 38F423A4320380FFE32DB60B72E7457CD6E3F096 |
+---++--+



___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


And what do you think this means to the network as a whole?



___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] biggest guard operator apparently left the tor network

2016-02-28 Thread Kurt Besig 
On 2/28/2016 5:00 AM, nusenu wrote:
> Looks like SG.GS stopped their guard relays. They had >3% guard probability.
> 
> +---++--+
> | Con5  | lastseen   | fingerprint  |
> +---++--+
> | SG.GS | 2016-02-22 | 675C5A2C2EC403B6B583735191042CF489D4E5DA |
> | SG.GS | 2016-02-22 | C3D51AAF129FED507053244ADA29353D01AD5C90 |
> | SG.GS | 2016-02-22 | B9B927347E005256D5D48007C38208FE8F7CC3BE |
> | SG.GS | 2016-02-22 | 075A4D8D7662DF566FCE390FC820C539BFBBA867 |
> | SG.GS | 2016-02-22 | 53E2060F64DF258597E738FD5608D2939B92BC1D |
> | SG.GS | 2016-02-22 | 963ADC0137505151C1AFA6757DD2367EDEEC7B62 |
> | SG.GS | 2016-02-22 | B4697BA6520A17A7F51E613018754BA5FD46D0A0 |
> | SG.GS | 2016-02-22 | 951BDBA042A69FE8577129EA301B027A879B985B |
> | SG.GS | 2016-02-22 | D905EEADE0A40C7C0E6A8102708CF16AB8ED9A35 |
> | SG.GS | 2016-02-22 | 593B6169DA24F3835F0B485317C0DB529B8F3E58 |
> | SG.GS | 2016-02-22 | 0519D312F1BD9668B3B43751E0934911E4C79C79 |
> | SG.GS | 2016-02-22 | D9BFC55DDD8152F06D87C9DA7D192E86FC628626 |
> | SG.GS | 2016-02-22 | 38F423A4320380FFE32DB60B72E7457CD6E3F096 |
> +---++--+
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
And what do you think this means to the network as a whole?



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Network Bandwidth Fine Tuning

2016-02-28 Thread nusenu 


nusenu:
>> My Bandwidth results are averaging around 1.5mbs to 3.0mbs via the
>> Tor Globe Stats page.
>>
>> Can someone tell me how to increase my network bandwidth based on
>> what I am capable of uploading and downloading. I am allocated 2TB
>> of bandwidth per month from my VPS
>>
>> Right now the Advertised Bandwidth is 1.7MB/s and when I scroll
>> down further on the page in the Bandwidth section my "mean written
>> bytes" are 226.15 kb/s and my "mean read bytes" are 227.1 kbs/s
>>
>> I see several sites averaging 50MB/s-60MB/s on the Top Ten Relays
>> list
> 
> If your VPS is only allowed to do 2TB/month, than you won't need any
> tuning if you are already doing 1.7MB/s.

Sorry I did not read carefully enough (1.7 *advertised* bw).



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Network Bandwidth Fine Tuning

2016-02-28 Thread nusenu 
> My Bandwidth results are averaging around 1.5mbs to 3.0mbs via the
> Tor Globe Stats page.
> 
> Can someone tell me how to increase my network bandwidth based on
> what I am capable of uploading and downloading. I am allocated 2TB
> of bandwidth per month from my VPS
> 
> Right now the Advertised Bandwidth is 1.7MB/s and when I scroll
> down further on the page in the Bandwidth section my "mean written
> bytes" are 226.15 kb/s and my "mean read bytes" are 227.1 kbs/s
> 
> I see several sites averaging 50MB/s-60MB/s on the Top Ten Relays
> list

If your VPS is only allowed to do 2TB/month, than you won't need any
tuning if you are already doing 1.7MB/s.




signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Network Bandwidth Fine Tuning

2016-02-28 Thread Tim Wilson-Brown - teor 

> On 28 Feb 2016, at 02:14, stea...@nym.mixmin.net wrote:
> 
> Signed PGP part
> I ran the speedtest on my VPS which gave the results below:
> 
> root$ speedtest-cli
> Retrieving speedtest.net configuration...
> Retrieving speedtest.net server list...
> Testing from ProServe B.V. (81.4.111.251)...
> Selecting best server based on latency...
> Hosted by NFOrce Entertainment B.V. (Amsterdam) [0.00 km]: 4.817 ms
> Testing download speed
> Download: 711.10 Mbit/s
> Testing upload
> speed..
> Upload: 449.12 Mbit/s
> 
> My Bandwidth results are averaging around 1.5mbs to 3.0mbs via the
> Tor Globe Stats page.
> 
> Can someone tell me how to increase my network bandwidth based on
> what I am capable of uploading and downloading. I am allocated 2TB
> of bandwidth per month from my VPS


What processor is on your VPS?
How fast is it?
Does it have AES-NI?
Is your OpenSSL compiled optimised for your processor and for the encryption 
that Tor uses?

How much RAM does your VPS have?

Have you read the torservers.net Tor tuning advice?
(And similar articles?)

Tim

Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP 968F094B

teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F



signature.asc
Description: Message signed with OpenPGP using GPGMail
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] biggest guard operator apparently left the tor network

2016-02-28 Thread nusenu 
Looks like SG.GS stopped their guard relays. They had >3% guard probability.

+---++--+
| Con5  | lastseen   | fingerprint  |
+---++--+
| SG.GS | 2016-02-22 | 675C5A2C2EC403B6B583735191042CF489D4E5DA |
| SG.GS | 2016-02-22 | C3D51AAF129FED507053244ADA29353D01AD5C90 |
| SG.GS | 2016-02-22 | B9B927347E005256D5D48007C38208FE8F7CC3BE |
| SG.GS | 2016-02-22 | 075A4D8D7662DF566FCE390FC820C539BFBBA867 |
| SG.GS | 2016-02-22 | 53E2060F64DF258597E738FD5608D2939B92BC1D |
| SG.GS | 2016-02-22 | 963ADC0137505151C1AFA6757DD2367EDEEC7B62 |
| SG.GS | 2016-02-22 | B4697BA6520A17A7F51E613018754BA5FD46D0A0 |
| SG.GS | 2016-02-22 | 951BDBA042A69FE8577129EA301B027A879B985B |
| SG.GS | 2016-02-22 | D905EEADE0A40C7C0E6A8102708CF16AB8ED9A35 |
| SG.GS | 2016-02-22 | 593B6169DA24F3835F0B485317C0DB529B8F3E58 |
| SG.GS | 2016-02-22 | 0519D312F1BD9668B3B43751E0934911E4C79C79 |
| SG.GS | 2016-02-22 | D9BFC55DDD8152F06D87C9DA7D192E86FC628626 |
| SG.GS | 2016-02-22 | 38F423A4320380FFE32DB60B72E7457CD6E3F096 |
+---++--+



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Netflix overblocking non-exit Tor relays

2016-02-28 Thread Virgil Griffith 
Netflix engineering should be clueful enough to only block Tor-exit nodes.
We probably just have to find a way to get in touch with one of their
network engineers?

-V

On Saturday, 27 February 2016, Gero Kuehn  wrote:

> tl;dr: Even paying customers sharing IPs with non-exit Tor relays are now
> blocked from accessing Netflix
>
> Hello everyone !
>
> After two very fruitless attempts to get the issue silently resolved
> through
> proper Netflix support channels, the time has come to make this public. As
> some of you have probably already read in the news, Netflix recently
> announced a crackdown on what they call "VPN Pirates" and what I call
> "paying customers using the same benefits of globalization that global
> companies like Netflix (ab)use for their taxes".
>
> They have now obviously changed their strategy regarding the Tor network. I
> am operating (among others) a middle-relay on a German residential fixed-ip
> VDSL-50 line (dc6jgk1/486740353B905AA4731F82C0B4CC25821A62C6E3) behind a
> NAT. Until 2 days ago, none of the devices sharing the same external IP
> address had any problem connecting to Netflix and there never was a Tor
> exit
> relay on that IP as far as I can tell. It is also obviously not possible
> for
> users of the Tor network to connect to Netflix through middle relays. As a
> consequence they should not be classifying such IP addresses as
> VPNs/Proxies
> and they should not be blocking them. This has been escalated and explained
> twice to "technical supervisors" in their callcenters. They did however not
> leave the impression that they a) care or b) intend to fix this at some
> point by parsing the Tor network information properly instead of using
> whatever cheap hack they use now.
>
> The official response from Netflix is that you now need to make a choice
> between operating that Tor relay (of any type) and the ability to watch
> Netflix. They also strictly refuse to refund any remaining credit in the
> customer account.
>
> My personal choice with regards to that blackmailing is as clear my next
> steps (conditional cancellation, 14 day deadline for refund and a legal
> challenge of their German AGB with regards to this issue). I am allergic to
> being blackmailed like that and being called a pirate by a service I
> legitimately paid for.
>
> For those of you who just would like to contribute to the Tor network
> without having trouble like that, please do not let this nonsense stop you.
> A more diversified Tor network is a more healthy network and I would really
> like to see more normal users operating tor relays operating in as many
> different locations as possible - including DSL lines "that are there
> anyways". If you do not want to be put into a position where you have to
> choose between your contribution to the network and some legal and paid-for
> entertainment, you might want to operate only a bridge until the issue has
> been resolved. If you already have the same problem, make it as expensive
> for Netflix as possible and spread the word about why this block (and
> geoblocking in general) is wrong. Thanks !
>
> Kind regards,
>
>   Gero / dc6jgk
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org 
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays