Re: [tor-relays] Cheap Servers? There MUST be a catch
Hi Gerry and all, On Sun, 2020-11-08 at 22:21 +, Dr Gerard Bulger wrote: > Of course set DNS of the machines not to be Google’s Just a digression for privacy understanding - I'm not sure about the following, confirmation needed. (Google) DNS would even not be triggered in the context of running a non-exit Tor relay, as only IPs seems to be shared by relays, authorities, and final Tor users. I only see a DNS reference in torrc at "Address" field but (I would bet this is first option): - either it is resolved by your machine, so as a non privacy related data (because it is yourself related) - either it is resolved once (or many times) by the network but is no more Google DNS related. Moreover Google (as any provider) could even evesdrop (uncyphered) DNS messages you exchange with your DNS provider, or list any IP address which exchanged with your host. So my point was that DNS does not matter as: 1/ Tor does not use DNS (confirmation needed) 2/ It is pointless to try to keep DNS private when you entrust all your machine to them (but using encyphered DNS would be slightly better) Moreover, Google already has a lot of information and I would just advice not to correlate any of their services with Tor. OVH is bad choice because of dominating bandwidth, but to my mind using Google would be worst. -- Croax signature.asc Description: This is a digitally signed message part ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Questions About The Traffic Of My Tor Relay
On November 3, 2020 4:25:29 PM GMT+01:00, "h.c2233" wrote: > Hi I am wandering why my middle relay download much more trafic than upload.. You're bandwidth is dramatically low so asymmetric transmission would be caused by tor protocol which is not restricted to pure traffic forwarding. 1/ check torrc config bandwidth allocation 2/ if just started your relay, watch every day on Tor Metrics for your consensus weight to grow at https://metrics.torproject.org/rs.html 3/ check ports are reachable. -- Croax___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] I bumped out some more bad relays
Hi all On Fri, 2020-10-30 at 23:05 -0400, Roger Dingledine wrote: > I spent some time this week refining a new exit scanner, and today we > pushed some new reject rules to kick out some relays that we > confirmed > were running mitmproxy to do more sslstrips. Good. Does this mean it will be check and bumped more regularly? I see that lots of relays are running for more than one month from now. > Expect some upcoming next steps that aim to change the fundamental > arms > race, including experiments to use https by default in Tor Browser, > either > via HTTPS Everywhere's "Encrypt All Sites Eligible" option (you can > turn > that on right now) or via Firefox's upcoming built-in version of the > idea: > https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/19850 Yes. From the browser perspective, HTTPS should be enforced whatever the context. We may blame final Tor users or website administors for not following security guidance (eg. HSTS preload) but in the end it is the Tor user privacy that is compromised. This is lasting for months and could have been easily prevented. This game of cat and mouse is not good for Tor reputation. Thanks -- Croax signature.asc Description: This is a digitally signed message part ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays