>
> Thank you for your reply. I can now see that 4 big + 1 small (or 5 big)
> providers is definitely better than only 4 big ones for diversity, but it
> leads to another diversity question which needs some background:
> For a while, earlier this year during the spectre / meltdown vulnerability
> commotion I ran a couple of relays in VM's using Amazon Web Services (AWS). I
> was confident in the knowledge that the AWS provided kernels / VM's switched
> to the spectre mitigation measures. Sure they slowed down a bit for a while,
> but they speeded up again when after AWS tweaked it a little. Because I know
> my VM's were using the mitigation I know other VM's can't spy on the tor
> traffic & what ever encryption keys happens to been in the VM's memory at
> that time (the really paranoid can supply their own kernel / boot image to
> run).
All major operating systems provided mitigation/and or patches to correct this
vulnerability. Just because you were using Amazon Linux doesn’t mean that
Amazon did anything special. All the major Linux distributions had mitigation
measures and/or patches, as well as FreeBSD. If you had automatic updated
turned on for your respective OS they were brought online automatically, but
most people I know don’t have automatic updates turned on because they like
being able to control when updates are installed. There’s nothing special about
what AWS does that major OS distributions aren’t doing already.
Plus, I’m sorry, but I don’t consider CPU meltdown attacks are great in theory
and all, but your greatest threat is always going to be password compromise,
social engineering, or something of that sort. It’s the small stuff that
typically matters more than some major thing that looks like the end of the
world on paper.
> My VM's were probably running in a rack containing hardware that also runs
> websites, web applications, corporate cloud email and backup systems the list
> could go on, but it importantly it is about diversity.
>
So are mine. I don’t just provide Tor related services.w
> If one person were to run a hardware rack full of VM's that ALL run tor -
> that is a prime target for, for example, some spying government or
> international hacker group. For an admittedly far fetched example, some
> government can fly in, flash a court warrant to an underpaid security guard
> and do whatever they want to the rack, and then ALL the tor relays that are
> hosted there are compromised. Yes thats unlikely to happen but its still a
> risk.
>
Who said they all run Tor? You’re just making an assumption here. There’s a
variety of services that are ran, in fact, I host a high traffic website within
the same rack; it was the excess capacity from that project that led to the
donation driven project that is Greypony. The Government can do this anyway,
and they’ve raided places before, even places that were running operations
other than Tor at that location. It could be one server or 100 servers, if
there’s governmental interest, the government will use their means to get into
that server, It’s not exactly the best example.
> I am interested to hear your opinion on the diversity question of - How does
> having many relays in one place not damage diversity, even if they are
> connected to different networks / AS's are are technically controlled by
> different people.
I’m interested in how that damages any sort of diversity, other than the fact
that you have a concentrated number of relays in one location, which has been
going on for a long time, prior to GreyPony putting up high bandwidth relays.
People only started having concerns when Greypony came along with our high
bandwidth relays, even though we have significant technical safeguards in place
to prevent snooping of traffic (especially within our rack) or obtaining any
discernible data off of the drives, which are encrypted. (Some of our users
encrypt their data data on top of that as well, so, anyway.) You need to really
look at the definition of diversity, because it seems according to you, I could
setup a new datacenter that no existing tor services exist in and that would be
damaging to Tor’s diversity for some reason…..which a significant amount of
people would disagree.
>
> Again I want to point out what you are doing is good - I apologise if I
> appear to be "trolling" you, I am genuinely interested in learning the
> technical pro's and con's relating to this topic.
I don’t consider this trolling, but this is the real world. There normally
isn’t a huge grand conspiracy and someone’s not out there waiting to melt
processors. It’s all fun to discuss in theory, but in the end, that’s not
what’s happening in the real world.
Conrad
>
> Thanks again,
>
> Gary.
>
> On Sun, 2 Sep 2018 at 02:26, Conrad Rockenhaus wrote:
> Gary,
>
> It’s bad in the same way it’s bad as the other numerous other exit relays
> that run under the OVH umbrella. I am not my own