Re: [tor-relays] Comcast blocks ALL traffic with tor relays

[Livingood, Jason via tor-relays]

>As to the blog post you mention… Your statements are very generic: now you 
>talk about "not blocking tor", but tor is not just one webpage, one server, a 
>monolithic entity. I would appreciate details: If your customer has "advanced 
>security" activated, can he connect to any ORPort of any tor  middle relay?

Fair enough. That post was in any case from 2014 and the questions are 
different today (I just used it as an example that we’re not against Tor). 
Honestly, I’m a little surprised that someone running a Tor exit node would not 
be using their own cable modem and running their own router (whether open 
source a la Openwrt or commercial). If someone wants to do stuff like run a Tor 
exit node or run a MASQUE relay or whatever, I’d recommend they turn off 
Advanced Security and manage their routing & firewall rules themselves.

>Sorry if I am a bit repetitive, but 
>https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security<https://urldefense.com/v3/__https:/www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security__;!!CQl3mcHX2A!GL-M865o8Ul6VQiGJSAHwue9MmlLnlCkSlez2kSjTpTq91B5S2TV_6hpdIS3pBMgjK8UBjTiRgcW8Hu1XzhBRik$>
> mentions "Blocks remote access to smart devices from known dangerous 
>sources.". What do you mean by dangerous sources, and does it include tor 
>relays or exits?

It may be down to the fact that “unknown” users connect to the relay/exit and 
that the average consumer user of the Advanced Security service does not want 
that. I suspect if someone wants this, it’s best to toggle Advanced Security 
off.

> I don't know whether this customer has "Advanced security" turned on, I just 
> assume he has. Do you want me to send you privately more details (my IP and 
> this peer's IP)?

Sure – I am happy to look at that confidentially. But it could be a wide range 
of other things – even basic things like someone’s router timing out external 
connections after X minutes, etc.

> So you remind me of an old joke: who should I believe, you, or my eyes? 
> Sorry, I choose my eyes. I am talking here about direction from my node to 
> Comcast. It is still possible that you don't block connections from Comcast 
> to relays, I have contradictory evidence about this point. So if your "not 
> blocking tor" means "not preventing our customer from connecting to some tor 
> relays", this could be true.

Alternatively, given the large size of our network, if we were in fact blocking 
this, then I’d expect to see this list filled with complaints and social media 
sites 
(Twitter<https://twitter.com/search?q=comcast%20tor=typed_query=top>, 
Reddit, etc.) filled with complaints. But what I see now is a single report. 
That said, I routinely look at such reports when they seem at odds with our 
network policies so as to be certain there’s not some misconfiguration or bug 
someplace.

Jason
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Do they use their own modem/router?

[Livingood, Jason via tor-relays]

BTW, feel free to refer back to my 2014 blog statement on this at 
https://corporate.comcast.com/comcast-voices/setting-the-record-straight-on-tor.

Jason

From: tor-relays  on behalf of 
"Livingood, Jason via tor-relays" 
Reply-To: "tor-relays@lists.torproject.org" 
Date: Wednesday, June 14, 2023 at 14:43
To: "tor-relays@lists.torproject.org" 
Cc: Jason Livingood 
Subject: Re: [tor-relays] Do they use their own modem/router?

This thread mentions “Advanced Security” and you can learn more about that at 
https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security<https://urldefense.com/v3/__https:/www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security__;!!CQl3mcHX2A!HeJfTFO9PYjskQKoX0pF6nd0myfZCjx1gnnXFAKVDpF_x2krlJQcBix015xoehbZcYJK4X2zGQ2b6pvQKA6Wklz1P4hIRSnkraU$>.
 This feature can only be used with a leased Xfinity gateway like the XB7 or 
XB8. There are a great many cable modems that customers can and do buy in 
retail stores that do not have such features – like the Arris S33 cable modem. 
So, a customer that has Advanced Security has in essence (1) chosen to use an 
XB gateway rather than buy their own modem & router in retail and manage it 
themselves, and (2) turned on Advanced Security.

If the customer in question that is using Advanced Security wishes to turn it 
off, they can do so in the Xfinity app (or turn the modem into ‘bridge mode’ 
and use their own router, or use their own modem).

I’m happy to help answer other questions.

Jason Livingood
Technology Policy, Product & Standards
Comcast

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Comcast blocks ALL traffic with tor relays

[Livingood, Jason via tor-relays]

Hi – Dropping into this thread from Comcast to say that we DO NOT BLOCK Tor. 
Feel free to refer back to my 2014 blog statement on this at 
https://corporate.comcast.com/comcast-voices/setting-the-record-straight-on-tor.

Jason Livingood
Technology Policy, Product & Standards
Comcast
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Do they use their own modem/router?

[Livingood, Jason via tor-relays]

This thread mentions “Advanced Security” and you can learn more about that at 
https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security. 
This feature can only be used with a leased Xfinity gateway like the XB7 or 
XB8. There are a great many cable modems that customers can and do buy in 
retail stores that do not have such features – like the Arris S33 cable modem. 
So, a customer that has Advanced Security has in essence (1) chosen to use an 
XB gateway rather than buy their own modem & router in retail and manage it 
themselves, and (2) turned on Advanced Security.

If the customer in question that is using Advanced Security wishes to turn it 
off, they can do so in the Xfinity app (or turn the modem into ‘bridge mode’ 
and use their own router, or use their own modem).

I’m happy to help answer other questions.

Jason Livingood
Technology Policy, Product & Standards
Comcast

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Got my first abuse

[Jason Odoom]

Running an Exit  node from home is asking for trouble. I can't imagine why
anyone would want to. Anyways, /etc/hosts.allow and /etc/hosts.deny can
also be used to limit SSH access. I highly recommend.

Best,
Jason

Sent from my Android device. Please excuse my brevity and any typos that
may occur.

On Thu, Apr 16, 2020, 3:32 PM Volker Mink  wrote:

> Not 100% accurate.
> I was running an exit at my home connection for close to one year. I
> removed it because normal internet usage became absolutely anoying. Capchas
> and DOS-Protections nearly everywhere. No streaming-portal was running. And
> lots of complaints from my provider.
> But no Cop action!
>
> And now i am running 2 exits hosted in datacenters, one in germany, one in
> malaysia. No problems by now.
>
>
> br,
> volker
>
>
> *Gesendet:* Donnerstag, 16. April 2020 um 13:32 Uhr
> *Von:* "NOC" 
> *An:* tor-relays@lists.torproject.org
> *Betreff:* Re: [tor-relays] Got my first abuse
> They raid your home even if the Tor node is run in a datacenter. Sadly
> the police in germany is still stuck in the 90s and most of them don't
> know and/or care what Tor is and how it works.
>
> On 16.04.2020 12:45, Mario Costa wrote:
> > Where you running an exit from home? It’s really discouraged because of
> what happened to you.
> >
> > -m
> >
> >> Il giorno 16 apr 2020, alle ore 04:50, Kolja Sagorski <
> ha...@koljasagorski.de> ha scritto:
> >>
> >> I had a police house search for my exit...
> >> I hate the stupid German police.
> >>
> >>> Am 15.04.2020 um 22:53 schrieb "li...@for-privacy.net" <
> li...@for-privacy.net>:
> >>>
> >>> Hi,
> >>>
> >>> my Family¹ has had an exit for 2 weeks and today the first abuse mail
> has arrived.
> >>>
> >>> First of all, thanks for the templates:
> >>>
> >>> https://www.torservers.net/wiki/abuse/templates
> >>>
> >>> https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates
> >>>
> >>>
> >>> I linked these two from the Tor-project:
> >>>
> >>> - Common Boilerplate (Tor Intro)
> >>>
> >>> - SSH Bruteforce Attempts
> >>>
> >>> and wrote the following myself:
> >>> --
> >>> Another good option that we use ourselves is: fail2ban
> >>> And report to blacklists, which can then be loaded into the router
> firewalls:
> >>> https://www.abuseipdb.com/user/33280
> >>>
> >>> Hope this helps!
> >>> --
> >>>
> >>> I actually wanted to add that the SSH login attempts can be limited.
> (3-6)
> >>> Because the logs from the abuse mail showed 100 attempts pro IP. ;-)
> >>>
> >>> _Are such notes useful or do such instructions cause even more
> problems?_
> >>>
> >>>
> >>>
> >>> ¹https://metrics.torproject.org/rs.html#search/TorOrDie4privacyNET
> >>>
> >>> --
> >>> ╰_╯ Ciao Marco!
> >>>
> >>> Debian GNU/Linux
> >>>
> >>> It's free software and it gives you freedom!
> >>> ___
> >>> tor-relays mailing list
> >>> tor-relays@lists.torproject.org
> >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> >> ___
> >> tor-relays mailing list
> >> tor-relays@lists.torproject.org
> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> > ___
> > tor-relays mailing list
> > tor-relays@lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Turning down my relay from DigitalOcean

[Jason Odoom]

Hello Vadim,

How long have you been running a relay with OVH? I know they've stated that
they do not allow Tor relays on their network.

Best,
Jason

On Mon, Jul 2, 2018, 11:06 AM Vadim Tsesko  wrote:

> Hello everybody,
>
> I am using OVH.ie for my Tor relay. They don't limit traffic.
>
> Good luck!
>
> On 07/02/2018 04:41 PM, Jason Odoom wrote:
> > Guillermo,
> >
> > Sorry to read you've also had an issue with this. Please do share if you
> > are able to find a host that is open to allowing Tor Exit nodes!
> >
> > Best,
> > Jason
> >
> >
> > On Mon, Jul 2, 2018, 9:28 AM Guillermo Narvaez  > <mailto:guille...@nrvz.net>> wrote:
> >
> > Hello everyone,
> >
> > Sadly I'm stoping the tor daemon in my relay due high cost of
> > bandwidth ($100), in the meantime I start to search an optional
> hosting.
> >
> > My apologies!
> > -Guillermo
> > ___
> > tor-relays mailing list
> > tor-relays@lists.torproject.org  tor-relays@lists.torproject.org>
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> >
> >
> >
> > ___
> > tor-relays mailing list
> > tor-relays@lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> >
>
> --
> Best regards,
>Vadim Tsesko
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Turning down my relay from DigitalOcean

[Jason Odoom]

Guillermo,

Sorry to read you've also had an issue with this. Please do share if you
are able to find a host that is open to allowing Tor Exit nodes!

Best,
Jason


On Mon, Jul 2, 2018, 9:28 AM Guillermo Narvaez  wrote:

> Hello everyone,
>
> Sadly I'm stoping the tor daemon in my relay due high cost of bandwidth
> ($100), in the meantime I start to search an optional hosting.
>
> My apologies!
> -Guillermo
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor Exit Node Winter Shutdown

[Jason Odoom]

Thanks Paul. I will be sure to keep a backup.

Best,
Jason

- Jason Odoom
GPG 9031B50D


On Thu, Jun 28, 2018 at 6:55 PM Paul Templeton  wrote:

>
> > I regret to inform you all that I will be shutting down my Tor Exit
> node  - Winter [0] after more than five years.
>
> Makes me sad :-(
>
> Keep a backup - you may find hope else where... You never know.
>
> P
>
>
> 609662E824251C283164243846C035C803940378
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Tor Exit Node Winter Shutdown

[Jason Odoom]

Hello relay operators,

I regret to inform you all that I will be shutting down my Tor Exit node  -
Winter [0] after more than five years.  Digital Ocean's new bandwidth
policy has made it incredibly expensive to keep this online. I incurred
almost $200 of usage. I was lucky enough to have received a deduction off
of my bill. I also believe that in this case asking for donations will do
little to help. I did not host this Exit node for accolade but because I
truly believe in what the Tor project is doing. I will allocate my budget
for the Exit node towards monthly contributions to Tor as an alternative.
Hopefully in the future I will be able to return. It's been fun.

0:
https://metrics.torproject.org/rs.html#details/9EC5E097663862DF861A18C32B37C5F82284B27D

Best,
Jason

- Jason Odoom
GPG 9031B50D
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] how to distribute pgp public key?

[Jason Odoom]

On Dec 7, 2016 1:28 AM, "Univibe"  wrote:

If I want to include a reference to my public PGP key on Atlas using the
ContactInfo field on my relays, what's the best way to do it? Should I
upload my key to some of the public keyservers and then list the
fingerprint on Atlas?


Yes. I use the MIT Keyserver at http://pgp.mit.edu

If so which keyservers are recommended?

I had a thought to publish it on my relay's DirPort (using DirPortFrontPage
and a simple html doc containing the public key). Then I could just provide
a link to the DirPort in ContactInfo.


It's better to just use a fingerprint. I don't know how efficient or useful
that would be. It is also not necessary.


Is there a better way to do this?

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] network scan results for CVE-2016-5696 / rfc 5961

[Jason Ross]

Hi David,
Thanks for the heads up! It turns out that my relay is in the list of
affected hosts, however, the kernel I was running (3.16.36-1+deb8u1)
is claimed by Debian to be fixed (see:
https://security-tracker.debian.org/tracker/CVE-2016-5696).

Since your script determines whether the host is affected or not based
on the actual TCP comms (rather than banner grabbing a kernel version
or something), I'm not sure what to make of that - it would seem to
indicate that either the weighting you've devised doesn't fit Debian
hosts, or it could indicate perhaps that the patch Debian maintainers
applied to address the issue wasn't sufficient. I won't pretend to be
clueful enough about low-level TCP stack programming to be able to
tell for sure which is the case, but wanted to mention it in case
others see the same thing.

For my part, I've since updated the kernel on my relay to
3.16.36-1+deb8u2, and applied the sysctl work-around as an additional
measure.
I checked the ACK count using netstat both before and after, and have
included those results here:

Before:
TCPChallengeACK: 1107
TCPSYNChallenge: 7

After:
TCPChallengeACK: 2
TCPSYNChallenge: 2


Thanks!

--
Jason

On Thu, Nov 17, 2016 at 2:30 AM, dawuud <daw...@riseup.net> wrote:
>
> Hi.
>
> I added the scan output to the repo, this includes the output csv file
> and a list of vulnerable relays:
>
> https://github.com/david415/scan_tor_rfc5961/blob/master/scan_archive/nov17_2016/probe_out.csv
> https://github.com/david415/scan_tor_rfc5961/blob/master/scan_archive/nov17_2016/vulnerable_tor_relays
>
>
> Upgrade your Linux kernel and reboot your tor relays!
>
> Cheers,
> David
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Linux kernel vulnerability

[Jason Jung]

I don't think it would be a terrible idea but it is always possible that
your server will fail to reboot after a kernel upgrade.  This leaves it
offline without a general idea of why it is offline.  I do use
unattended-upgrades to automatically restart most services though.

On Sat, Oct 22, 2016 at 07:02:21PM -0500, Tristan wrote:
>Would it be acceptable to configure unattended-upgrades to
>automatically reboot the system when required? I already have it
>configured to check for and install all updates to Ubuntu and Tor once
>a day, but I still need to manually reboot to apply kernel upgrades.
> 
>On Sat, Oct 22, 2016 at 6:26 PM, Petrusko <[1]petru...@riseup.net>
>wrote:
> 
>  [2]https://security-tracker.debian.org/tracker/CVE-2016-5195
>  Remember,
>  to know your current debian linux kernel : uname -a
>  If your kernel is not up to date :
>  apt-get update && apt-get dist-upgrade && reboot
>  I :
>  > Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability
>  in the Linux Kernel
>  >
>  > [3]http://dirtycow.ninja/
>  --
>  Petrusko
>  PubKey EBE23AE5
>  C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5
>  ___
>  tor-relays mailing list
>  [4]tor-relays@lists.torproject.org
>  [5]https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
>--
>Finding information, passing it along. ～SuperSluether
> 
> References
> 
>1. mailto:petru...@riseup.net
>2. https://security-tracker.debian.org/tracker/CVE-2016-5195
>3. http://dirtycow.ninja/
>4. mailto:tor-relays@lists.torproject.org
>5. https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


-- 
Jason Jung
7942 B145 5E45 1D53 37C8  1204 8DA4 A1DB CBE6 35AE
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] 'No space left on device' glitch causing log failure

[Jason Jung]

Is it possible you have a disk or user quota setup?

On October 10, 2016 9:15:46 AM CDT, Geoff Down <geoffd...@fastmail.net> wrote:
>Hi all,
> these are the last entries in my log, but my bridge is still listed on
> Atlas and client functionality is fine. Latest stable version on
> OSX10.4.
>Needless to say, the disk is not full and 'tor' can write to that
>directory just fine now.
>
>Oct 05 22:52:09.000 [warn] Couldn't open "/Users/tor/tor/state.tmp"
>(/Users/tor/tor/state) for writing: No space left on device
>Oct 05 22:52:09.000 [warn] Unable to write state to file
>"/Users/tor/tor/state"; will try again later
>Oct 05 23:10:27.000 [warn] Couldn't open
>"/Users/tor/tor/cached-consensus.tmp" (/Users/tor/tor/cached-consensus)
>for writing: No space left on device
>Oct 05 23:11:32.000 [warn] Error writing to
>"/Users/tor/tor/cached-descriptors.new": No space left on device
>Oct 05 23:11:32.000 [warn] Unable to store router descriptor
>{more of the same until Oct 05 23:11:34.000}
>
>GD
>
>-- 
>http://www.fastmail.com - Access all of your messages and folders
>  wherever you are
>
>___
>tor-relays mailing list
>tor-relays@lists.torproject.org
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Jason Jung
7942 B145 5E45 1D53 37C8 1204 8DA4 A1DB CBE6 35AE
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Guard/Middle/Exit Hosting

[Jason Jung]

Maybe we are limited to only one promo code of that nature?  I used
DIVEIN10 about two years ago and using LOWENDBOX says "Sorry, this promo
cannot be applied to your account. Most promos are valid for new
customers only."

Tristan:
> It's in the billing settings after you log in.
> 
> On Sep 15, 2016 3:28 PM, "Ralph Seichter" <tor-relays...@horus-it.de> wrote:
> 
>> On 15.09.16 21:43, Markus Koch wrote:
>>
>>> DigitalOcean has a new Promo: $15 free aka 3 months free droplet.
>>
>> I have tried creating an additional Droplet, but it seems that promo codes
>> cannot be entered anywhere in this process. Probably only when registering
>> a new customer account, I suppose?
>>
>> -Ralph
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 

-- 
Jason Jung
7942 B145 5E45 1D53 37C8  1204 8DA4 A1DB CBE6 35AE
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Guard/Middle/Exit Hosting

[Jason Jung]

That code only works with new registrations. 

On September 15, 2016 3:28:19 PM CDT, Ralph Seichter 
<tor-relays...@horus-it.de> wrote:
>On 15.09.16 21:43, Markus Koch wrote:
>
>> DigitalOcean has a new Promo: $15 free aka 3 months free droplet.
>
>I have tried creating an additional Droplet, but it seems that promo
>codes
>cannot be entered anywhere in this process. Probably only when
>registering
>a new customer account, I suppose?
>
>-Ralph
>___
>tor-relays mailing list
>tor-relays@lists.torproject.org
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Jason Jung
7942 B145 5E45 1D53 37C8 1204 8DA4 A1DB CBE6 35AE
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Bridge Authority closure

[Jason]

I could run one here in Iceland if it would help.

-Jason


On 7/21/2016 4:22 PM, simon wrote:

On 21.07.2016 17:36, Marina Brown wrote:

Maybe i am out of line for suggesting this but i will suggest anyway.
Might i suggest that the next bridge authority be hosted on tor inc ip
space and perhaps be 2 hosts instead of one.

It looks like this was a single point of failure. It would be easy
enough to have a volunteer bgp announce a specific ip address. If they
decided to drop out then it would not cause this type of consternation
in the future. Having more than one bridge auth has obvious benefits.

While hijacking the bridge authority does not directly and immediately
harm the Tor network, and an evil BGP entry could most probably not be
upheld for more than 24h worst-case, I still support the idea of
introducing more authority nodes than just a single one.

But then again, I don't have much knowledge about the related source
code either.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor Weather has been discontinued

[Jason]

Oi!

I found it extremely useful for notifications on my exits.

Is it safe to assume the code is FOSS and repo'd somewhere?

-Jason

On 6/2/2016 5:21 PM, Greg Moss wrote:

*Again, sorry for any inconvenience -

Oh no worries. No one used it anyway-

-Original Message-
From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf
Of Karsten Loesing
Sent: Thursday, June 2, 2016 7:56 AM
To: tor-relays@lists.torproject.org
Subject: Re: [tor-relays] Tor Weather has been discontinued

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Dear relay operators,

I learned today that Tor Weather is already offline since May 24 due to
problems with our hosting company.

We briefly thought about recreating it from backups, but it seems that we'd
rather spend that effort on other things.

Again, sorry for any inconvenience.

All the best,
Karsten


On 04/04/16 16:48, Karsten Loesing wrote:

Dear relay operators,

as of April 4, 2016, Tor Weather has been discontinued.

Tor Weather [0] provided an email notification service to any user who
wanted to monitor the status of a Tor node.  Upon subscribing, they
could specify what types of alerts they would like to receive.
The main purpose of Tor Weather was to notify node operators via email
if their node was down for longer than a specified period, but other
notification types were available, including one where operators would
be informed when their node was around long enough to qualify for a
t-shirt.

The main reason for discontinuing Tor Weather is the fact that
software requires maintenance, and Tor Weather is no exception.
Tor Weather was promising t-shirts for relays that have not been
around long enough or that provided too little bandwidth to be useful
to the network, and it was almost impossible to deny a t-shirt after
Tor Weather has promised it.  Apart from that, Tor Weather was likely
not offering t-shirts to people who have long earned it, thereby
confusing them.  An unreliable notification system is worse than not
having a system at all.  Relay operators shouldn't rely on Tor Weather
to notify them when their relay fails.  They should rather set up
their own system instead.

We have tried to find a new maintainer for Tor Weather for years, but
without success.  We started rewriting Tor Weather [1] using Onionoo
[2] as data back-end in 2014, and even though that project didn't
produce working code, somebody could pick up this efforts and finish
the rewrite.  The Roster developers said that they're planning to
include an email notification function in Roster [3].
And we developed a simple Python script that provides information
about a relay operator's eligibility for acquiring a t-shirt [4].
None of these alternatives is a full replacement of Weather, though.

We encourage you, the community of Tor relay operators, to step up to
start your own notification systems and to share designs and code. Tor
Weather is still a good idea, it just needs somebody to implement it.

Tor Weather is discontinued in two steps.  For now, new subscriptions
are disabled, new welcome messages are not sent out anymore, and
existing subscriptions continue working until June 30, 2016.  From
July 1, 2016 on, Tor Weather will not be sending out any emails.

Sorry for any inconvenience caused by this.

All the best, Karsten


[0] https://weather.torproject.org/

[1]
https://trac.torproject.org/projects/tor/wiki/doc/weather-in-2014

[2] https://onionoo.torproject.org/

[3] http://www.tor-roster.org/

[4]
https://gitweb.torproject.org/metrics-tasks.git/tree/task-9889/tshirt.
py




-BEGIN PGP SIGNATURE-
Comment: GPGTools - http://gpgtools.org

iQEcBAEBAgAGBQJXUEjoAAoJEC3ESO/4X7XBd/4IALwN5pOft2AleZNM2JVEpIcE
lG+NaGWp+SfbAQ1Y94UEC69Z417/OWLcRk2eBpxEUia8PBschqiJYG39HLOzoet6
lFbz/l6oxG3dbYpO5Y46TrCt/HlgGUAFuljH4Z9VyGEg4IkW8OgSieg+c/PtKPS6
/ri0kCfc6MEoK605MexvzUnXTUsi9fk0dRvG49mKNnIe6s+j7PXbJH+QDqvp5KVS
SFj+C2Zvi19QOXjPcbn5qjb4Bql6htoesDuKbyUIrSI2Tfe0awSkgSYNfc5Xnhqg
ui8E4SG1wKLHCzWZtkUWnGdq0y74dHqUL+U/aFihKP+eIaq1HpSKBbEntg68AWc=
=RpHg
-END PGP SIGNATURE-
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Relays by AS Names

[Jason]

Iceland checking in here, I'm not sure where you're getting that 
information but we have quite a number of other ISP's here that offer 
VPS service. The problem you may be referring to is that since we're 
only connected by three submarine cables (two of which are effectively 
government owned) ip transit prices are very high.

There's also different pricing schemes for ISP's vs Telecom services.
-Jason

On 4/8/2016 10:05 PM, Xza wrote:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512



On April 8, 2016 7:13:17 PM GMT+02:00, ng0 <n...@libertad.pw> wrote:

Tristan <supersluet...@gmail.com> writes:


I think https://compass.torproject.org has all the info I need. After
grouping by AS name for the United States, I decided to go with

Hostwinds.

They say 100Mbps unmetered for $7.50 a month, but the management page

says

10TB per month.

Sometimes countries definitions of "unmetered" are like that.
See the descriptive texts of ISPs who provide virtual machines or
even dedicated servers for you.
In iceland most if not all iceland based (legal entity in
iceland, not just the servers) ISPs somehow depend on advania
datacenter, and for advania in the retail, non-customized sale of
their VMs and dedicated servers are very low in monthly traffic
compared to the fair-use policy of the non-profit ISP I am at
currently.


Fun fact, US has quite a lot of exit relays, but France holds the

highest

consensus weight.

Another interesting fact - the person does not share these
analysis of course, or at least it's hard to get in touch
currently - is that in Netherlands a very large number of relays
is run by government agencies.

So how do you know that for sure ?
Have they confirmed that somewhere ?

- --
PGP : 29A4CE52
-BEGIN PGP SIGNATURE-

iQI4BAEBCgAiGxxEbyA8eWFuZGVyZXNvbkByaXNldXAubmV0PgUCVwgq+QAKCRBI
of/XNyszSmLUEACpxxgbtBQWy2MjEL9Q2N7f2iuFG+5uE+6r+fuqoWu9IKgrXc5H
KfZVn8tBEw6OAwP0Hnwcj2J0SRJkG2No38jeaJn1mnX2VZg3EKs8AdiauNouMk2g
eYo5HrP2puMlGukQxTEFKOo4H3f5Gr7bKpsz+baCGkzUplKGIMkLecAsB23EJdRC
5i4/tZY7xRoRT1af5HHXT9TiRmi89qHhOQlU0kAgwUiOA10TZXmeUVUsjyP4e5ZE
SFB+mx14wGq167/4k2pdZZ7MZHpDO91eN81ZhCvd1VWExY3aVF88inP0+00KCPur
c9/9cqa6fNeHYq118l3xiDCIkhqkjPww9F9ZtYtfwlSHO/aaMlZFoeANKeCfdvss
IE8C+LiTYICVUttH9x1pVLaIwAwXD5TAqRqLU3GI6gjHPgnh6aMYVb1Yk8BWesDN
VG8Vb3DXLTrGODy4ELaMqW70Ftq7NCMk921ZWDdmffjCJE5qLybEQcVFUKRzPNCD
ilUqK3ac4k2QD2Z10WnJQn4rTMJueyZl3lgEAqzv/fIqJs0Zt94XIt+yWnMQzhC0
L4xNfedbDBq62UT+GTzjy8wUCicyz5Kb0uoRPSTEiH7qH0nYVaMpRxSUQqdMCm0h
SVjC8juQo5uu1AyYHAIk5D4MKSMBqMaRJ/7uUC8/O6zwCVwqwMXgC242Pg==
=qHwg
-END PGP SIGNATURE-

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor Bridges

[jason]

No


 Original message 
From: Roots Babilonia  
Date:23/01/2016  02:59  (GMT+00:00) 
To: tor-relays@lists.torproject.org 
Cc:  
Subject: [tor-relays] Tor Bridges 

Please send me bridges___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] 7 relays gone because of spammers

[jason]

This++

On 02/25/2015 07:32 PM, Pascal wrote:
 If you paid with a credit card, give them a choice: they can either
 refund your money or you will initiate a chargeback.  Either way you get
 your money back, but with the chargeback you will probably get all of
 your money back instead of a prorated refund, they have to pay a fee,
 and may have their merchant account terminated if they get enough of them.
 
 -Pascal
 
 
 On 2/25/2015 12:35 PM, Speak Freely wrote:
 This has cost me hundreds of dollars, as I foolishly decided to prepay
 on an annual basis. None of the servers were older than 2 months. Some
 were only a few weeks old.
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Fast Exit Node Operators - ISP in US

[jason]

Someone may wish to look into Rokubear, I remember them being mentioned
as Tor Exit friendly a few years back.
-Jason

On 11/28/2014 01:54 AM, Syrup-tan wrote:
 Turns out the colocation costs $672/year for the network, and another
 $780/year for power, so I don’t think Voxility is very feasible for an
 exit node without bargaining with them.
 
 If anyone knows of a good way of finding high-bandwidth budget
 dedicated servers (a search term or a list of providers, for example),
 please share. I expected there to be more of a market for this kind of
 thing than I've found.
 
 I recently rented a dedi from Online.net
 http://Online.net (http://www.online.net/en/dedicated-server/dedibox-xc)
 which offers unmetered b/w, but I’ve heard bad things about the network.
 I’ll do some testing this weekend on whether or not I can get the full
 150Mb/s link.
 
 On Nov 27, 2014, at 5:39 PM, Libertas liber...@mykolab.com
 mailto:liber...@mykolab.com wrote:

 On 11/25/2014 02:29 PM, Syrup-tan wrote:

 The colocation isn’t cheap to say the least, and it only gives
 5TB/month unless we want to pay more per month;

 
 This may the largest logistical problem I've encountered when looking
 for dedicated servers intended to be exit nodes. For most providers,
 even expensive and powerful servers (16+ GB of RAM, 8+ cores) will
 come with 2-10 TB of monthly bandwidth. Because much cheaper servers
 can saturate a 100 Mbps link (IIRC) and thereby greatly exceed those
 limits, buying such packages just doesn't make sense. The additional
 bandwidth prices are usually strangely high, too. The pricing is often
 progressive - each additional terabyte costs more than the last.
 
 If anyone knows of a good way of finding high-bandwidth budget
 dedicated servers (a search term or a list of providers, for example),
 please share. I expected there to be more of a market for this kind of
 thing than I've found.
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 
 
 
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Fast Exit Node Operators - ISP in US

[jason]

sorry was https://www.rokabear.com/ not roku
-Jason

On 11/28/2014 01:56 AM, ja...@icetor.is wrote:
 Someone may wish to look into Rokubear, I remember them being mentioned
 as Tor Exit friendly a few years back.
 -Jason
 
 On 11/28/2014 01:54 AM, Syrup-tan wrote:
 Turns out the colocation costs $672/year for the network, and another
 $780/year for power, so I don’t think Voxility is very feasible for an
 exit node without bargaining with them.

 If anyone knows of a good way of finding high-bandwidth budget
 dedicated servers (a search term or a list of providers, for example),
 please share. I expected there to be more of a market for this kind of
 thing than I've found.

 I recently rented a dedi from Online.net
 http://Online.net (http://www.online.net/en/dedicated-server/dedibox-xc)
 which offers unmetered b/w, but I’ve heard bad things about the network.
 I’ll do some testing this weekend on whether or not I can get the full
 150Mb/s link.

 On Nov 27, 2014, at 5:39 PM, Libertas liber...@mykolab.com
 mailto:liber...@mykolab.com wrote:

 On 11/25/2014 02:29 PM, Syrup-tan wrote:

 The colocation isn’t cheap to say the least, and it only gives
 5TB/month unless we want to pay more per month;


 This may the largest logistical problem I've encountered when looking
 for dedicated servers intended to be exit nodes. For most providers,
 even expensive and powerful servers (16+ GB of RAM, 8+ cores) will
 come with 2-10 TB of monthly bandwidth. Because much cheaper servers
 can saturate a 100 Mbps link (IIRC) and thereby greatly exceed those
 limits, buying such packages just doesn't make sense. The additional
 bandwidth prices are usually strangely high, too. The pricing is often
 progressive - each additional terabyte costs more than the last.

 If anyone knows of a good way of finding high-bandwidth budget
 dedicated servers (a search term or a list of providers, for example),
 please share. I expected there to be more of a market for this kind of
 thing than I've found.
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays



 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

 
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Loki1 and Loki2 closed

[jason]

Hey fellow ops,

Just an FYI today that Icetor lost two of it's fastest two exits that
were hosted with Greenqloud here in Iceland, obviously would not
recommend them as an ISP in the future regarding exit hosting.
About two weeks ago we got notification that abuse notices were
breaking their EULA and would be the reason for the termination.
Today they shut down the nodes about 5 hours earlier than indicated, no
ability to do data migration or save keys.
Needless to say I'm not very happy with the entire situation and how it
was handled. We'll soldier on with our remaining two exits and ifanyone
is thinking of spinning up an exit in the future Icetor is still able to
handle abuse contact for the relay.
-Jason
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Oniontip

[jason]

Considering the operators opt in to the system via changing their
contact info (by appending a bitcoin address) merely checking that the
bitcoin donation go to those addresses would seem very easily verified.
A site like blockchain.info allows you to track bitcoin flows from
address information.
-Jason

On 09/27/2014 11:36 PM, Thomas White wrote:
 My concern (which has been highlighted before by Mike Perry) is that the
 site lacks accountability and transparency. There is no way to verify
 the donations actually reach the operators.
 
 -T
 
 On 28/09/2014 00:33, justaguy wrote:
 So, https://oniontip.com is a great help for tor-relay runners
 We do need more donations imho
 Whoever made it, thank you

 - Justaguy
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Good hosting location for exit relay

[jason]

I couldn't agree more with this statement, IMHO there's more importance
in bringing exits to diverse locales that spread the jurisdictional
problems over a wide geographic space. The more exits running in various
places the more of a normalizing effect this has on what Tor is, how it
functions and how useful it is. It also acts as a subtle indicator about
when there's regional resistance to tools like Tor, possibly due to it's
censorship bypass abilities, and avoidance of national surveillance
programs. It would be very nice to get a weighted list of which
countries need more exits, balanced against common reasons there aren't
more there already.
-Jason

 
 This issue has been discussed a few times before. In my opinion, even if
 there was an ISP that happily accepts Tor exit nodes, we should not
 place more and more nodes in their network. Remember that Tor network
 needs diversity.
 
 So, i think the goal is to expand the list of Tor-friendly ISPs rather
 than picking an entry from that list. You need to contact the ISP
 beforehand, explain what a Tor relay is and what is not. Also it helps a
 lot to handle yourself the abuse reports rather than letting your ISP do
 that.
 
 More information can be found here:
 https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment
 
 Greetings
 
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] exit relay not receiving flag

[jason]

Hey All,
I'm a bit embarassed here but I don't see what I'm doing wrong. I've
recently inherited a VPS donation from an anonymous donor. I've
configured it up like the rest of Icetor's exit relays but it never
receives the exit flag. The exit in question is loki4:
https://atlas.torproject.org/#details/44DB05F3AEDA5DA34BC713201DD0394418C7DD97

An external Nmap scan of the IP shows the DirPort and ORPort open and
accessible, so what gives?

-Jason
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] fingerprint info propogation

[jason]

Sorry if asked before,
made a stupid oversight restarting one of my exits yesterday, had
duplicated the fingerprint file from another node. Changed the file to
the correct nickname today (I know nicknames are depreciated now) and
reset tor, how long will it take this change to propogate to the network?
-Jason
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] icetor's loki2 update status (CVE-2014-5117)

[jason]

I'm not sure why atlas hasn't updated yet but currently loki1 is running
2.4.23. As well as loki2 and loki3.
-Jason

On 08/18/2014 07:02 PM, Nusenu wrote:
 ja...@icetor.is:
 yep you're correct, I should have taken note of the version
 numbers better. All exits have been updated now.
 
 is atlas wrong/not up to date yet about loki2 having an uptime of 60
 days and still running tor v0.2.4.22?
 
 https://atlas.torproject.org/#details/5CECA69D0D91B5B38376B98B761BE18938297E8D
 
 
 
 
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] reaching out to relay ops that run outdated versions

[jason]

Let it never be said that public shaming doesn't work, I'll update our
exits tonight!
-Jason

On 08/17/2014 10:45 AM, Nusenu wrote:
 FYI: I just sent out the email bellow to ~160 relay operators - I hope
 this results in some actual improvements.
 
 It is a bit disappointing to see even torservers.net, DFRI, icetor,
 Frenn vun der Enn, Calyx, Cymru in the recipients list.
 
 The recipient list is based on the following output (limited to relays
 faster than 999KB/s):
 
 grep -v 0.2.5.6 Tor_query_EXPORT.csv |grep -v 0.2.4.23|grep -v
 0.2.6.0|head -n 344
 (csv is from torstatus.blutmagie.de)
 
 Hello,
 
 you are receiving this email because you are using an outdated tor 
 version on your tor relay. (your email address was taken from your
 relay's contact info field)
 
 Tor v0.2.4.23 has been released on 2014-07-28 [1] to address a 
 security issue that makes de-anonymization attacks easier [2] -
 please update to Tor v0.2.4.23 or v0.2.5.6.
 
 To find out your current version run the following command on your
 relay: tor --version
 
 If you are using Linux: Package managers can be used to
 automatically update Tor without requiring manual admin
 intervention.
 
 
 It is recommended to use the official APT/YUM repos from 
 torproject.org to get timely updates: APT: 
 https://www.torproject.org/docs/debian.html.en YUM: 
 https://www.torproject.org/docs/rpms.html.en
 
 
 thanks for running a relay and making the tor network safer!
 
 
 [1] 
 https://lists.torproject.org/pipermail/tor-announce/2014-July/93.html
 
 
 [2]
 https://lists.torproject.org/pipermail/tor-announce/2014-July/94.html
 
 
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] reaching out to relay ops that run outdated versions

[jason]

actually after poking at this for a bit tonight it looks like newer
packages haven't been rolled out for deb.torproject.org repo's yet.
I'll be waiting for them first.
-Jason

On 08/18/2014 02:55 AM, ja...@icetor.is wrote:
 Let it never be said that public shaming doesn't work, I'll update
 our exits tonight! -Jason
 
 On 08/17/2014 10:45 AM, Nusenu wrote:
 FYI: I just sent out the email bellow to ~160 relay operators - I
 hope this results in some actual improvements.
 
 It is a bit disappointing to see even torservers.net, DFRI,
 icetor, Frenn vun der Enn, Calyx, Cymru in the recipients list.
 
 The recipient list is based on the following output (limited to
 relays faster than 999KB/s):
 
 grep -v 0.2.5.6 Tor_query_EXPORT.csv |grep -v 0.2.4.23|grep -v 
 0.2.6.0|head -n 344 (csv is from torstatus.blutmagie.de)
 
 Hello,
 
 you are receiving this email because you are using an outdated
 tor version on your tor relay. (your email address was taken
 from your relay's contact info field)
 
 Tor v0.2.4.23 has been released on 2014-07-28 [1] to address a
  security issue that makes de-anonymization attacks easier [2]
 - please update to Tor v0.2.4.23 or v0.2.5.6.
 
 To find out your current version run the following command on
 your relay: tor --version
 
 If you are using Linux: Package managers can be used to 
 automatically update Tor without requiring manual admin 
 intervention.
 
 
 It is recommended to use the official APT/YUM repos from 
 torproject.org to get timely updates: APT: 
 https://www.torproject.org/docs/debian.html.en YUM: 
 https://www.torproject.org/docs/rpms.html.en
 
 
 thanks for running a relay and making the tor network safer!
 
 
 [1] 
 https://lists.torproject.org/pipermail/tor-announce/2014-July/93.html



 
[2]
 https://lists.torproject.org/pipermail/tor-announce/2014-July/94.html



 
___
 tor-relays mailing list tor-relays@lists.torproject.org 
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 
 
 ___ tor-relays mailing
 list tor-relays@lists.torproject.org 
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] reaching out to relay ops that run outdated versions

[jason]

yep you're correct, I should have taken note of the version numbers
better. All exits have been updated now.
-J

On 08/18/2014 03:48 AM, JT Allison wrote:
 0.2.4.23 has been on the repo for awhile now.
 
 ---
 GPG/PGP Fingerprint
 E129 722B A512 105C E8BE
 4705 8046 EA48 2C82 1339
 https://arlen.io/key
 
 On Aug 17, 2014 11:40 PM, ja...@icetor.is mailto:ja...@icetor.is wrote:
 
 actually after poking at this for a bit tonight it looks like newer
 packages haven't been rolled out for deb.torproject.org
 http://deb.torproject.org repo's yet.
 I'll be waiting for them first.
 -Jason
 
 On 08/18/2014 02:55 AM, ja...@icetor.is mailto:ja...@icetor.is wrote:
  Let it never be said that public shaming doesn't work, I'll update
  our exits tonight! -Jason
 
  On 08/17/2014 10:45 AM, Nusenu wrote:
  FYI: I just sent out the email bellow to ~160 relay operators - I
  hope this results in some actual improvements.
 
  It is a bit disappointing to see even torservers.net
 http://torservers.net, DFRI,
  icetor, Frenn vun der Enn, Calyx, Cymru in the recipients list.
 
  The recipient list is based on the following output (limited to
  relays faster than 999KB/s):
 
  grep -v 0.2.5.6 Tor_query_EXPORT.csv |grep -v 0.2.4.23|grep -v
  0.2.6.0|head -n 344 (csv is from torstatus.blutmagie.de
 http://torstatus.blutmagie.de)
 
  Hello,
 
  you are receiving this email because you are using an outdated
  tor version on your tor relay. (your email address was taken
  from your relay's contact info field)
 
  Tor v0.2.4.23 has been released on 2014-07-28 [1] to address a
   security issue that makes de-anonymization attacks easier [2]
  - please update to Tor v0.2.4.23 or v0.2.5.6.
 
  To find out your current version run the following command on
  your relay: tor --version
 
  If you are using Linux: Package managers can be used to
  automatically update Tor without requiring manual admin
  intervention.
 
 
  It is recommended to use the official APT/YUM repos from
  torproject.org http://torproject.org to get timely updates: APT:
  https://www.torproject.org/docs/debian.html.en YUM:
  https://www.torproject.org/docs/rpms.html.en
 
 
  thanks for running a relay and making the tor network safer!
 
 
  [1]
 
 https://lists.torproject.org/pipermail/tor-announce/2014-July/93.html
 
 
 
 
 [2]
 
 https://lists.torproject.org/pipermail/tor-announce/2014-July/94.html
 
 
 
 
 ___
  tor-relays mailing list tor-relays@lists.torproject.org
 mailto:tor-relays@lists.torproject.org
  https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 
 
  ___ tor-relays mailing
  list tor-relays@lists.torproject.org
 mailto:tor-relays@lists.torproject.org
  https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 
 
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 
 
 
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] OnionTip.com distributes Bitcoin donations to all BTC addresses set in ContactInfo

[jason]

An answer might be to use bitcoin multisig transactions () so that
OnionTip AND the relay is necessary to finalize the transaction.
-J

On 08/10/2014 04:48 PM, Tom van der Woerdt wrote:
 Tim Semeijn schreef op 10/08/14 17:33:
 On 8/10/14, 4:32 PM, b...@unseen.is wrote:
 Hi,

 apparently this hasn't been discussed here yet. About a month ago,
 Donncha O'Cearbhaill build https://oniontip.com/ during the Dublin
 Bitcoin Hackathon. It is a webapp which automatically extracts all
 Bitcoin addresses set in the ContactInfo variable of the torrc and
 distributes Bitcoin donations based on the consensus weight.

 There are already 100+ relays listed which represent around 5% of
 the total consensus weight. In just a few weeks they distributed
 around 125 US$.

 There are many other theoretical ways to provide compensation to
 tor relay operators (see
 https://blog.torproject.org/blog/tor-incentives-research-roundup-goldstar-par-braids-lira-tears-and-torcoin)



 but I really like this very simple and practical approach.

 Thoughts? ___
 tor-relays mailing list tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


 I myself added a bitcoin address to the ContactInfo variable of my
 nodes when I saw a tweet about this initiative. It is a nice way to
 offer a way to donate to multiple node running volunteers instead of
 donating to a specific person or organization.

 My nodes take up 20% of the current donations based on consensus so it
 would be nice if more relay operators take part in this project to
 make it resemble the current Tor network better.
 
 I really like this and I've added an address to my exits (4.2% of total
 exit consensus). However, for this to really kick off I'd recommend
 adding visibility on how many donations were received and how it was
 distributed across relays. There should be safeguards to prevent
 oniontip.com from taking a part of the money, etc.
 
 Tom
 
 
 
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] multisig link

[jason]

sorry meant to include relevant link to multisignature documentation
https://github.com/bitcoin/bips/blob/master/bip-0010.mediawiki
-J
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Reliable way to gauge tor throttling?

[jason]

What would be a good method to determine if tor traffic is being
throttled on a exit relay vs normal internet traffic?
-J
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Relays or exits: which is needed?

[Jason Odoom]

Hi Michael,

Exits are needed most.[1] But if you want to run an Exit be prepared to
deal with complaints. That link should answer your question in depth
although the stats are four years old. It also includes tips to make sure
you run an Exit with minor issues. Although the stats are outdated and the
percentage of Exits have increased over the years, as it states in the post
it is still one of the scarcest nodes. Hopefully others will be able to
provide more information concerning updated statistics. But I believe it
was covered at 30C3 last-year. [2]

Regards,

Jason Odoom

[1]
https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment
[2] http://youtube.com/watch?v=CJNxbpbHA-I

Sent from my Android, please excuse my brevity and any typos.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] bitcoin adopt a node idea

[jason]

Sorry perhaps I didn't explain well enough. What I was pointing to was
that tor could benefit from the idea of cheaply crowd sponsored relays
that use ansible, chef or  puppet to spin up for a month. That the
article is about bitcoin is merely coincidental.
-J
On 06/26/2014 05:35 AM, Scott Bennett wrote:
 ja...@icetor.is wrote:
 
 This seems pretty damn similiar to something we should be offering for
 Tor relays, possibly even exits and bridges (if they only run for a
 month at a time). Possibly co-ordinated through the EFF?

 http://www.coindesk.com/adopt-node-project-aims-bolster-bitcoin-network-security/

  Assuming that the relevant bitcoin programs could be taught to talk
 SOCKS, then it seems that tor hidden services would, in principle if not
 in performance, be an ideal solution.  Running those bitcoin full nodes
 as hidden services might well make them less vulnerable to being shut
 down by currency counterfeiters (e.g., the Federal Reserve and the central
 banks of other states, U.S. Dept. of the Treasury).  Performance of hidden
 services, however, are severely constrained by the hidden services protocol,
 which can slow connection times enough to make one consider USnail as a
 possible alternative, and the need for circuits of 2n-1 relays, which makes
 access even slower than normal tor circuits of n relays.
 
 
   Scott Bennett, Comm. ASMELG, CFIAG
 **
 * Internet:   bennett at sdf.org   *or*   bennett at freeshell.org   *
 **
 * A well regulated and disciplined militia, is at all times a good  *
 * objection to the introduction of that bane of all free governments *
 * -- a standing army.   *
 *-- Gov. John Hancock, New York Journal, 28 January 1790 *
 **
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] CLI tool like Atlast

[jason]

Here's the code for anyone interested:
https://github.com/woeisme/torchart
pretty basic json query to php and pchart
-Jason

On 06/18/2014 03:17 PM, Kali Tor wrote:
 Hi,
 
 
 
 On Wednesday, June 18, 2014 11:26 AM, ja...@icetor.is ja...@icetor.is 
 wrote:
 I fooled around with some php json parsing in order to get my metrics
 charts working on icetor.is . I can send you the code if you'd like.
 -Jason
 
 That would be much appreciated!
 
 Thanks,
 KaliTor
 

 On 06/18/2014 10:15 AM, Lukas Erlacher wrote:
  Hi,

  I'm working on that. The onion.py script in OnionPy [1] has some
  rudimentary atlas-like functionality that I hope I can soon make
  complete as soon as I find some free time.

  If you know python, it shouldn't be too hard to do that, PR's 
 welcome!

  Best,
  Luke

  [1] https://github.com/duk3luk3/onion-py

  On 06/18/2014 12:01 PM, Kali Tor wrote:
  Hi all,

  Is there a CLI client/tool that does what
  https://atlas.torproject.org/ does? Basically provide an output based
  on a node's fingerprint?

  e.g.

 https://atlas.torproject.org/#details/7EDE11A41D1C7DF4F9103ABAA4F0A31E42CB0C02


  Thanks,
  KaliTor
  ___
  tor-relays mailing list
  tor-relays@lists.torproject.org
  https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays





  ___
  tor-relays mailing list
  tor-relays@lists.torproject.org
  https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] CLI tool like Atlast

[jason]

there you go:
https://github.com/woeisme/torchart

On 06/18/2014 03:17 PM, Kali Tor wrote:
 Hi,
 
 
 
 On Wednesday, June 18, 2014 11:26 AM, ja...@icetor.is ja...@icetor.is 
 wrote:
 I fooled around with some php json parsing in order to get my metrics
 charts working on icetor.is . I can send you the code if you'd like.
 -Jason
 
 That would be much appreciated!
 
 Thanks,
 KaliTor
 

 On 06/18/2014 10:15 AM, Lukas Erlacher wrote:
  Hi,

  I'm working on that. The onion.py script in OnionPy [1] has some
  rudimentary atlas-like functionality that I hope I can soon make
  complete as soon as I find some free time.

  If you know python, it shouldn't be too hard to do that, PR's 
 welcome!

  Best,
  Luke

  [1] https://github.com/duk3luk3/onion-py

  On 06/18/2014 12:01 PM, Kali Tor wrote:
  Hi all,

  Is there a CLI client/tool that does what
  https://atlas.torproject.org/ does? Basically provide an output based
  on a node's fingerprint?

  e.g.

 https://atlas.torproject.org/#details/7EDE11A41D1C7DF4F9103ABAA4F0A31E42CB0C02


  Thanks,
  KaliTor
  ___
  tor-relays mailing list
  tor-relays@lists.torproject.org
  https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays





  ___
  tor-relays mailing list
  tor-relays@lists.torproject.org
  https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] CLI tool like Atlast

[jason]

I fooled around with some php json parsing in order to get my metrics
charts working on icetor.is . I can send you the code if you'd like.
-Jason

On 06/18/2014 10:15 AM, Lukas Erlacher wrote:
 Hi,
 
 I'm working on that. The onion.py script in OnionPy [1] has some
 rudimentary atlas-like functionality that I hope I can soon make
 complete as soon as I find some free time.
 
 If you know python, it shouldn't be too hard to do that, PR's welcome!
 
 Best,
 Luke
 
 [1] https://github.com/duk3luk3/onion-py
 
 On 06/18/2014 12:01 PM, Kali Tor wrote:
 Hi all,

 Is there a CLI client/tool that does what
 https://atlas.torproject.org/ does? Basically provide an output based
 on a node's fingerprint?

 e.g.
 https://atlas.torproject.org/#details/7EDE11A41D1C7DF4F9103ABAA4F0A31E42CB0C02


 Thanks,
 KaliTor
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 
 
 
 
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] abuse handling

[jason]

Hello all,
With the upsurge of new users running relays this list has picked up a
fair amount activity. I run one of torservers.net partner organizations
called Icetor (icetor.is). In addition it handles abuse notifications
for other individuals who choose to run exit relays. This is done in
addition to the exit relays I run via the partner organization. I'm
willing to extend this service to other individuals who are running high
speed exits but perhaps would prefer to run them under an organization
and not their personal names. Write me back privately if interested.
-Jason
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DigitalOcean starting Exit node crackdown

[Jason Odoom]

Hi Shawn,

 I also run an exit on DO's infrastructure and have been for the past six
months. I have received some complaints as well. Besides the usual
blacklisting, DO support has contacted me twice about my exit which I've
had to explain as well:

My email is not relevant to this IP address. There is no information in the
whois that identifies me. However, I am the owner and operator of
xxx.xxx.xxx. If you access that IP directly you can see that it is a Tor
Exit Router.

ln which I received the response:

We strongly recommend against running tor exit nodes on our droplets for
this reason. Please be aware that you are responsible for any abuse
generated from your droplet including that that comes across the Tor exit
node you are running. Failure to resolve these issues could result in
account suspension.

l responded assuring them I would take care of all issues. But for them to
shut down your exit is shocking. Were there any issues that needed
resolving that you ignored probably?

Regards,

Jason




On Thu, May 15, 2014 at 1:44 PM, Shawn Nock n...@aphr.asia wrote:


 Hello friends,

 As I recall, there are several exits running on DigitalOcean's
 infrastructure. This is presented FYI:

 Background: I've run an exit on DigitalOcean for about a year without
 issues (lost track of uptime duing heartbleed key regen). It wasn't
 hidden (the droplet name was 'tor-exit') and it had valid reverse DNS
 and the standard informational page was hosted there. At the time of
 droplet creation, tor exits were not prohibited by their ToS. I've
 mentioned to DigitalOcean staff during support tickets that it was a Tor
 exit.

 Today the exit was shutdown, the message received was this:

 Hello
 
 We do see that you are running an exit node for the TOR network.
 
 Unfortunately we are unable to resume services to this droplet and ask
 you that you please not run any other TOR exit nodes.
 
 Please get back to us as soon as possible so we can resolve this.
 
 Thanks
 Support

 I sent the following response:

 Hello,
 
 My droplet has been running for months (perhaps a year) with no
 significant incidents. It is well managed, allows only a strict subset
 of traffic to exit and the very few complaints that have been lodged
 have been dealt with quickly and professionally (as said by your
 support team). The droplet has been configured to limit the rate of
 traffic below the droplet's monthly network transfer quota.
 
 It's well established that under US law ISPs are excluded from
 liability under the safe-harbour provisions of the DCMA for any
 copyright infringing traffic. More generally, the probability under US
 law that an ISP would be held liable carrying user-generated traffic is
 extremely low. Tor exits have been operated by Universities, Churches,
 and corporations (large and small) for slightly more that 10
 years. During this time not a single criminal or civil complaint has
 been brought against an operator's ISP (to my knowledge).
 
 While it is surely your right to operate your business in the manner of
 your choosing; I politely request an explanation for your apparent
 policy against Tor exit nodes. If there is some way I might change the
 parameters of the exit to suit a policy against specific traffic (to
 certain IP blocks, port ranges); I'd surely comply.
 
 Finally, in this time where repressive regimes are cracking down on
 Internet traffic and persecuting their countrymen and where free access
 to the internet is nearing the stature of 'human right': if your policy
 is indeed a general one against all Tor exits, I urge you to reconsider
 your policy. It would be a great service to tens-of-thousands of Tor
 users (refugees, political activists, religious minority, abused
 spouses, law enforcement, c) to revise your policy to allow
 well-maintained exits to remain on your network.
 
 I appreciate any attention you could give to this serious matter.

 --
 n...@aphr.asia (OpenPGP: 0x6FDA11EE 3BC412E3)

 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A few questions about my setting up my first Tor relay.

[Jason Jung]

Blob = proprietary binary package.  Packages where no source code is
available so you can't readily be 100% sure they do only what you expect
them to do.


On Fri, Apr 18, 2014 at 7:35 PM, I beatthebasta...@inbox.com wrote:

 What the heck does blob free mean?

 Beaglebone Blacks are impossible to get for some reason. They seem good
 for the job with more stability for equal power consumption.
 Has anyone got Tor running on something similar in price?

 Robert


  I don't know if someone else already tried that, but you could use a
  BeagleBone Black [0] as well. It's a bit more powerful (1 GHz, newer ARM
  processor generation) than the Pi. The advantage I see is that it's blob
  free, which is a concern with the Pi for some people (please correct me
  if I'm wrong!).


 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays




-- 
Jung
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] using Arm to manage nodes

[jason]

Hello all,
This is something that's bothered me for quite some time. I often use
arm (https://www.torproject.org/projects/arm.html.en) for monitoring my
relays and to keep a quick eye on things like overall bandwidth
consumed, traffic stats and my favorite client locale statistics. I run
it in a screen session and often when I re-attach the session often the
keymapping is all messed up and the arrow keys will offer to close arm.
Usually it will correct after I shift-m to get to the menu and switch
around a few times. Has anyone else experienced this and how did you
solve it?
-Jason
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] using Arm to manage nodes

[jason]

I've noticed this also on a CentOS system that I manage for someone else.

On 02/07/2014 08:00 PM, MacLemon wrote:
 I haven't experienced garbled keymappings yet. The only thing that doesn't 
 seem to work for me is the graphs which don't get painted on OS X. Everything 
 else seems to work just fine.
 Best regards
 MacLemon
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] using Arm to manage nodes

[jason]

Additionally does anyone know what effects the client locale statistics
on page 2? I've had those statistics come and go and I can't figure out
what causes them to disappear.
-J

On 02/07/2014 06:24 PM, ja...@icetor.is wrote:
 Hello all,
 This is something that's bothered me for quite some time. I often use
 arm (https://www.torproject.org/projects/arm.html.en) for monitoring my
 relays and to keep a quick eye on things like overall bandwidth
 consumed, traffic stats and my favorite client locale statistics. I run
 it in a screen session and often when I re-attach the session often the
 keymapping is all messed up and the arrow keys will offer to close arm.
 Usually it will correct after I shift-m to get to the menu and switch
 around a few times. Has anyone else experienced this and how did you
 solve it?
 -Jason
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] System Time

[jason]

Hello Fabiano,
You should try unsubscribing from the mailing list, I'm not certain M15
can help you with this though.
-J

On 01/18/2014 07:08 AM, Fabiano London wrote:
 Please! I am not participate in this forum anymore! Any e mail that coming 
 after this will be reported to Uk intelligence police (M15) 
 Be aware pls with all posts or e mails here !
 Have a nice weekend to all  
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor-relays Digest, Vol 36, Issue 23

[jason]

Jack I'd be happy to help you,
we could chat over xmpp using otr if you're able. my username is
kupoj...@gmail.com. I'll help you set up your machine as a relay.
-J

On 01/18/2014 06:05 PM, Jack Wilborn wrote:
 I have an extra machine that I was hoping to configure for a Tor relay.
 I'm not a wizard with Linux (Debian), but if there are some more, specific
 instructions to ensure everything is working, I'd love to do it.  My
 current ISP is Cox and I have about 30 MB/sec Down and about 24 MB/sec up.
 I understand this is wide enough.  If anyone can assist please e-mail me.
 
 Thanks
 
 Jack
 
 
 On Sat, Jan 18, 2014 at 5:00 AM, 
 tor-relays-requ...@lists.torproject.orgwrote:
 
 Send tor-relays mailing list submissions to
 tor-relays@lists.torproject.org

 To subscribe or unsubscribe via the World Wide Web, visit
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 or, via email, send a message with subject or body 'help' to
 tor-relays-requ...@lists.torproject.org

 You can reach the person managing the list at
 tor-relays-ow...@lists.torproject.org

 When replying, please edit your Subject line so it is more specific
 than Re: Contents of tor-relays digest...


 Today's Topics:

1. dutch operators and experience with dutch providers (Rejo Zenger)
2. VPS ports impassable (I)


 --

 Message: 1
 Date: Sat, 18 Jan 2014 10:22:49 +0100
 From: Rejo Zenger r...@zenger.nl
 To: tor-relays@lists.torproject.org
 Subject: [tor-relays] dutch operators and experience with dutch
 providers
 Message-ID: 20140118092249.gd24...@ix.home
 Content-Type: text/plain; charset=us-ascii

 Hi,

 Are you a Dutch relay operator or do you have experience with hosting a
 Tor node with a Dutch ISP? Please get in touch with me!

 I'm colaborating with a journalist from one of the leading technology
 media websites on one or more stories that will describe the environment
 for Dutch Tor relay operators. What are the main problems you are
 facing, are Tor relays a problem to the average Dutch ISP, etc?


 --
 Rejo Zenger . r...@zenger.nl . 0x21DBEFD4 . https://rejo.zenger.nl
 GPG encrypted e-mail preferred . +31.6.39642738 . @rejozenger
 -- next part --
 A non-text attachment was scrubbed...
 Name: not available
 Type: application/pgp-signature
 Size: 931 bytes
 Desc: not available
 URL: 
 http://lists.torproject.org/pipermail/tor-relays/attachments/20140118/1cf624db/attachment-0001.sig


 --

 Message: 2
 Date: Sat, 18 Jan 2014 02:22:15 -0800
 From: I beatthebasta...@inbox.com
 To: tor-relays@lists.torproject.org
 Subject: [tor-relays] VPS ports impassable
 Message-ID: 20b3d1b2d3f.062abeatthebasta...@inbox.com
 Content-Type: text/plain; charset=US-ASCII

 Hej,

 [WARNING - if you don't want to see another Tor relay get going stop
 reading now.]

 After installing Tor on a VPS running Ubuntu 12.04.4 LTS it reports

 [warn] Your server (173.208.211.179:9030) has not managed to confirm that
 its DirPort is reachable. Please check your firewalls, ports, address,...

 The VPS operator is trying his best but says the ports are open and is
 asking others.

 In the meantime does anyone have anything to offer?

 Robert




 --

 Subject: Digest Footer

 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


 --

 End of tor-relays Digest, Vol 36, Issue 23
 **

 
 
 
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor Weather getting T-shirt email. Problem

[Jason Odoom]

I agree there should be another way. I just recently had to start
overhttps://atlas.torproject.org/#details/9748228B9BC40C154F74AA9EDFDF698B902C986Fbecause
I updated Tor. I don't plan on updating again until two months have
passed.

Jason


On Mon, Dec 30, 2013 at 1:14 PM, Thomas Hand th6...@gmail.com wrote:

 I've run several middle relays for over a year but they keep getting
 knocked down due to circuit creation storms (on RPIs) or powercuts or
 updates or some other issue. Yes uptime is important, but 100% is not
 practical for most relay operators. Also, if you want a  shirt so badly,
 donate to Tor! In fact, I just realised I do want a shirt!
 Tom


 On 30 December 2013 11:48, Random Tor Node Operator 
 t...@unterderbruecke.de wrote:

 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 On 12/28/2013 01:26 AM, I wrote:
  I think two months is a bit short to be rewarded with a t-shirt
  from donated resources.
 
  It makes more sense to extend the time but include the total time
  running ignoring minor disruptions.

 I agree with that point, because currently, relay operators have the
 incentive to not update to the latest Tor version whenever a new
 version is released, in order to keep the consecutive uptime high.
 That is probably not in the best interest of Tor.

 Maybe Tor Weather could look at the flags instead of the consecutive
 uptime instead. For example, you typically don't lose your Guard or
 Stable flag due to a reboot.



 
  Robert
 
 
  : i noticed a problem with tor weather. I should have recieved a
  email : -Uptime is nearly 100%,
 
  Tor weather needs some updating, however it continues to email
  plenty of relay operators. The reason you didn't get an email is
  tor weather didn't see your relay matching the uptime
  requirement,
 
   GET
  FREE SMILEYS FOR YOUR IM  EMAIL - Learn more at
  http://www.inbox.com/smileys Works with AIM®, MSN® Messenger,
  Yahoo!® Messenger, ICQ®, Google Talk™ and most webmails
 
 
  ___ tor-relays mailing
  list tor-relays@lists.torproject.org
  https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.11 (GNU/Linux)
 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

 iQIcBAEBAgAGBQJSwV11AAoJEJe61A/xrcOQbPUP/RtgN4CQSJeUC8ZPt1/r0ryU
 rc8ssBWHcmZBj513UaIes2HcmL72RMUXaaRtzDxrZR3F0gd7eRLWfBYXZw3M4XF+
 6SFVkesG2Mb5L41rRyqwHlIw/Cj9y9ilH6loQfAWDTaQJVtd9JQ8UQuVzIqTcAfd
 /ZNJnC4lZGzmH+Iih0nS0hTb+NG9jEN/32pMFc4eh7fHDg4/A6TVKftHeAcjnnv1
 eIeY8kOELT3U8Dd2OV0j8tpWbvC/Rz5KYnLA2EMQLdifhSMCtbXv0a3fr58Ph8JS
 BfFKNFd+YvQNRUSPvkiUrCdjr8btPKYsNb9OPaNjUVkum6K1m8U/+z1OssdiGIxM
 IDMKmxNpQ6xlmaaWh+KegVtvV/azo51PbMlj2f/8PmqAxeJokFBaHx5V07InaA62
 OKtpcLhb3zrJNmLdjp2GQ5tuRJwnXc+B2ulCO1OtjWq3Snl04quMr6GL2IPbnUMB
 UO8b3uN5tZp9IrO2rDTjlPLYNMLWhlgvaCKNpMDL83s1CzBJIzq2980fdd8KpSlY
 ThTe2DfLM3uXgbHu77ff1NXLK9UCTQZ9jMhk7UUg9pPYpjeYIZwuB9F7fZN4lr/h
 cdnFTJlo7P9n2MESfxzAshNg0fzSz3daTj524NnFvkl9W/ew+YqEocPkf/7Wn9xi
 2M2t1wC0QeFzdhMkXGqq
 =IPcb
 -END PGP SIGNATURE-
 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays



 ___
 tor-relays mailing list
 tor-relays@lists.torproject.org
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Outbound Address differing from exit address

[jason]

Greetings all,
I'm in the process of setting up a few Exits on a Cloud provider here in
Iceland (one that I used to work at actually). Since they use Cloudstack
it means each address per account gets multiple inbound address per
instance and share the same address for outbound traffic. I'm worried
that abuse notices will be coming in for this outbound address even
though I've got 80 on the exit node's IP showing the standard Tor Exit
disclaimer. I've tried to set OutboundBindAddress to the outbound IP
using arm but this just causes arm to complain about:
[WARN] Error binding network socket: Cannot assign requested address
Any advice would be appreciated.
-J
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Minimum Requirements for a fast exit relay

[jason]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

In the process of shopping round for some fast exit hosting and
realized I had some unanswered questions.
What's the minimum system requirements people would consider for
hosting a fast exit relay?
Does doing it on a KVM host alter these answers at all?
How linked our system resources and bandwidth capacity?
- -Jason

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSk9PmAAoJEJJlIjlYdaGY5AsIAIDnJZl1IvUOR5Eo62iYyXjM
IPVF8gzwYCnxG6EGsGQflyyhfuy6S+yR3cDrw/0pftnZEWgukkt6Ma3r2ZrEK00r
dhajLhmeuLoBhJ8LS8mjCCnmS7YRa7M3zKVAjalFs+ngZraugyc7rvIj2hKee76o
2f4fxKsDXBN6v6oKGqCjqTA4My2bF2ogUZr/yLzGqX5M40srM2ugA5UX33hpNbKd
p7l3GNXy7vDems+JCpMZad+ux0EtcDv9/GTKreNkAC4gzPlJXPGnEy5JDxgIPHyJ
WXS6NJizrTCFCUobvKvd7tiePsn1q12MBe/3WE3zMnzLah/g12CmFW1Vl6vbnow=
=EyAa
-END PGP SIGNATURE-
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] hardware accelerated crypto

[jason]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I'm not sure why I missed this first post but I'm very interested in
working on this project with whomever is interested. I  bought a
pogoplug v2 specifically to test it's usefulness as a tor exit or relay.
- -Jason

On 10/01/2013 06:39 PM, Andy Isaacson wrote:
 On Fri, Sep 13, 2013 at 12:25:47AM +0200, Sarah Vigote wrote:
 I would like to run a 100Mb/s tor exit node, but I have issues
 wrt power consumption.
 
 reading 
 http://ortizaudio.blogspot.fr/2011/10/using-dreamplugs-crypto-chip.html

 
it seems dreamplugs has *fast* aes-128-ecb.
 
 Does anyone have any experience running a node based on cheap
 crypto chip (dreamplug, marvell 88F6282, sheeva-core, padlock,
 ...) ? What performance can I expect out of these ?
 
 Unfortunately AES is not the primary CPU consumer on Tor nodes
 right now; we spend a lot more time doing bignum computation for
 TAP circuits.  Crypto accelerators don't work very well for
 bignums.
 
 It's not a perfect equivalence, but openssl speed rsa should give
 a reasonable estimate of how well your chip will do for TAP
 circuit creation.  Here's a dual-core Westmere at 2.1 GHz (should
 be fairly close to a modern Xeon core):
 
 signverifysign/s verify/s rsa  512 bits 0.000105s 0.07s
 9548.7 137778.7 rsa 1024 bits 0.000340s 0.21s   2941.1
 48539.0 rsa 2048 bits 0.002205s 0.70s453.4  14362.8 rsa
 4096 bits 0.016398s 0.000260s 61.0   3840.3
 
 A single Xeon core can currently handle most of a 100 Mbps exit
 node's traffic, so you should look for a dual-core chip that
 delivers at least 1500 sign/s on rsa-1024.  Unfortunately I doubt
 there are any ARM chips that can compete.
 
 -andy ___ tor-relays
 mailing list tor-relays@lists.torproject.org 
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJSSxhfAAoJEOXtwcWdKrpuG4cP/04KspbxenNkcLXvXWPdiUTi
UJlg2EOphyHlMp8lUPQPcHprYAWEQUjTpUevxZXNhjhr6oGrw/OVem1Ht74DpjA/
9rg+0z4m/YiRCUCSLtl5aLqE65z8bN9NM00qyppDLCEsu/ogR3qXDibUNjIAjmfg
8qRcoA28xJ3hn0eo21AB1aZ/clkUF5REAPoLeG2K7Nmz1sBznky0NxtdgHx+bPP/
utQg5n797pIUx3PjWsV/PnebeJ2VPFCkM6ZI06jINcYHXVLGn1B/2NklGSUrwNLf
4W7vIWptENHjcsM4XBLcnPt8DzrtNEPKOemKLRledWFOE2Kha/nBqMRoExXjEgbA
1VNE1gbwNIsUEbr1uEuAu2cbfvHXw1wPMWvn9dV+4Kh4srhARiq+4xZ7qRAGxrbr
uf2klMY+brrwf6nLJsbPxAdKWZCLNCe1CIrpb9mX/SJVCb8qWGMXSxnDbpqfZsYU
CxJy2JQ9VeVaPCNypjm2PQprBz2vt/QGlaXELiL446QVveSZIv6e4QCGSSmHPvww
TeqCRkvgGj5tE43On2cj0YBmuLjJXnsA2K3+KrZtshVp1qBQIf3FevhHCzKljdW4
QYn7v/kBWRlko/79iJMp9FP7jL6gsfiHj9NkEjAer04Esnyych5aXpNEv2GXDKyr
8omA70GBANyUybmIk7aW
=hL5v
-END PGP SIGNATURE-
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] hardware accelerated crypto

[jason]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

I would love to do all this actually but I never managed to get the hw
accelerated crypto (ssl/tls) bits working to experiment with. I'd be
up for restarting this if I knew I could consult with one or two
others who had a genuine interest in this.
- -Jason

On 10/01/2013 08:26 PM, Jeroen Massar wrote:
 On 2013-10-01 21:20, Andy Isaacson wrote:
 On Tue, Oct 01, 2013 at 06:45:52PM +, jason wrote:
 I'm not sure why I missed this first post but I'm very
 interested in working on this project with whomever is
 interested. I  bought a pogoplug v2 specifically to test it's
 usefulness as a tor exit or relay.
 
 First step is, run openssl speed rsa and post the output to the
 list. While you're at it you may as well post the AES and SHA
 results as well. Heck, just run the whole openssl speed test
 (should take less than 20 minutes) and post the whole thing. :)
 
 Also details on what CPU/RAM it has, and information about the
 kernel and OpenSSL package you are testing, would be useful.
 dmesg output and the contents of /proc/cpuinfo may be helpful.
 
 Maybe a good idea to put the output in the wiki somewhere?
 
 Greets, Jeroen
 
 ___ tor-relays mailing
 list tor-relays@lists.torproject.org 
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
 

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBAgAGBQJSSzIUAAoJEOXtwcWdKrpuw1oP/RW+ZvMVTDAL0PrKniMB+skZ
gZf/G2grWaGHzOyo3rC0er8iZdfFY1lN6SB/NWUR7K1xAIvnARRv5Y/N62f9T5O4
a3bOu61T0XtZ3CeGVtA9Op9QmCOC/UOMebVh4Fa1/Ksb7eEpcne7JcCpW4wnGLHO
iL+nHDEhyfCjYtBQHa471RaIha+D25yKMIaEhjol9daEbW3PdryzHH7F7mVOYwiT
W+cCeu5NnHRp9FIwOXTPWwaTLro4XsORLcuJzXjF2Gz6k/HXF1yi1eBv9ljvsa5y
/ZrpzYqk6gE6zr51GolIypIMm4bLnuzs5ld4XsXT2rdJUSgBKpzydqdn0UZplVKa
4Tes7s/8WQCK0CGQvguhQYxUTzF9J/5PtWRBtb9UBM7Zzz1YLFEesQH4kGtevviO
K8wInsAXcJjAYiPY51eoMXCz38qqHlhy9v/20cg8erJrC7K/r4OlmtDGBegrNI7G
joHi+HsthFHcGs7AZb2dxSozO9+jt26gtG4u7XDdoEzF5hOJZBopjilERuNRUxSZ
QHhUdPMh7UFOmYDNkrisF6qPImuuKtQf5NLQ0NaeOrXCwzgJTc4vMk9brAE2kZ0P
lv389MO7d7AnvtMwr/fIjoZHTCgGuCQU0iA5baeid/FlfWsaHudkAI+7w77qRLCN
dj7XKgeHH8XghTToTxaB
=TTnt
-END PGP SIGNATURE-
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Final Warning Notice

[Jason Self]

Chris Sheats said:

 this isn't a good precedent for TorProject/Seattle volunteers
 considering that they provide 100 and 1000 Mbps service.

But are not the only ones [0]. Their position regarding TOR remains to
be seen.

[0] http://gigabitseattle.com/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays