Re: [tor-relays] Comcast blocks ALL traffic with tor relays
>As to the blog post you mention… Your statements are very generic: now you >talk about "not blocking tor", but tor is not just one webpage, one server, a >monolithic entity. I would appreciate details: If your customer has "advanced >security" activated, can he connect to any ORPort of any tor middle relay? Fair enough. That post was in any case from 2014 and the questions are different today (I just used it as an example that we’re not against Tor). Honestly, I’m a little surprised that someone running a Tor exit node would not be using their own cable modem and running their own router (whether open source a la Openwrt or commercial). If someone wants to do stuff like run a Tor exit node or run a MASQUE relay or whatever, I’d recommend they turn off Advanced Security and manage their routing & firewall rules themselves. >Sorry if I am a bit repetitive, but >https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security<https://urldefense.com/v3/__https:/www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security__;!!CQl3mcHX2A!GL-M865o8Ul6VQiGJSAHwue9MmlLnlCkSlez2kSjTpTq91B5S2TV_6hpdIS3pBMgjK8UBjTiRgcW8Hu1XzhBRik$> > mentions "Blocks remote access to smart devices from known dangerous >sources.". What do you mean by dangerous sources, and does it include tor >relays or exits? It may be down to the fact that “unknown” users connect to the relay/exit and that the average consumer user of the Advanced Security service does not want that. I suspect if someone wants this, it’s best to toggle Advanced Security off. > I don't know whether this customer has "Advanced security" turned on, I just > assume he has. Do you want me to send you privately more details (my IP and > this peer's IP)? Sure – I am happy to look at that confidentially. But it could be a wide range of other things – even basic things like someone’s router timing out external connections after X minutes, etc. > So you remind me of an old joke: who should I believe, you, or my eyes? > Sorry, I choose my eyes. I am talking here about direction from my node to > Comcast. It is still possible that you don't block connections from Comcast > to relays, I have contradictory evidence about this point. So if your "not > blocking tor" means "not preventing our customer from connecting to some tor > relays", this could be true. Alternatively, given the large size of our network, if we were in fact blocking this, then I’d expect to see this list filled with complaints and social media sites (Twitter<https://twitter.com/search?q=comcast%20tor=typed_query=top>, Reddit, etc.) filled with complaints. But what I see now is a single report. That said, I routinely look at such reports when they seem at odds with our network policies so as to be certain there’s not some misconfiguration or bug someplace. Jason ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Do they use their own modem/router?
BTW, feel free to refer back to my 2014 blog statement on this at https://corporate.comcast.com/comcast-voices/setting-the-record-straight-on-tor. Jason From: tor-relays on behalf of "Livingood, Jason via tor-relays" Reply-To: "tor-relays@lists.torproject.org" Date: Wednesday, June 14, 2023 at 14:43 To: "tor-relays@lists.torproject.org" Cc: Jason Livingood Subject: Re: [tor-relays] Do they use their own modem/router? This thread mentions “Advanced Security” and you can learn more about that at https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security<https://urldefense.com/v3/__https:/www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security__;!!CQl3mcHX2A!HeJfTFO9PYjskQKoX0pF6nd0myfZCjx1gnnXFAKVDpF_x2krlJQcBix015xoehbZcYJK4X2zGQ2b6pvQKA6Wklz1P4hIRSnkraU$>. This feature can only be used with a leased Xfinity gateway like the XB7 or XB8. There are a great many cable modems that customers can and do buy in retail stores that do not have such features – like the Arris S33 cable modem. So, a customer that has Advanced Security has in essence (1) chosen to use an XB gateway rather than buy their own modem & router in retail and manage it themselves, and (2) turned on Advanced Security. If the customer in question that is using Advanced Security wishes to turn it off, they can do so in the Xfinity app (or turn the modem into ‘bridge mode’ and use their own router, or use their own modem). I’m happy to help answer other questions. Jason Livingood Technology Policy, Product & Standards Comcast ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Comcast blocks ALL traffic with tor relays
Hi – Dropping into this thread from Comcast to say that we DO NOT BLOCK Tor. Feel free to refer back to my 2014 blog statement on this at https://corporate.comcast.com/comcast-voices/setting-the-record-straight-on-tor. Jason Livingood Technology Policy, Product & Standards Comcast ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Do they use their own modem/router?
This thread mentions “Advanced Security” and you can learn more about that at https://www.xfinity.com/support/articles/using-xfinity-xfi-advanced-security. This feature can only be used with a leased Xfinity gateway like the XB7 or XB8. There are a great many cable modems that customers can and do buy in retail stores that do not have such features – like the Arris S33 cable modem. So, a customer that has Advanced Security has in essence (1) chosen to use an XB gateway rather than buy their own modem & router in retail and manage it themselves, and (2) turned on Advanced Security. If the customer in question that is using Advanced Security wishes to turn it off, they can do so in the Xfinity app (or turn the modem into ‘bridge mode’ and use their own router, or use their own modem). I’m happy to help answer other questions. Jason Livingood Technology Policy, Product & Standards Comcast ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Got my first abuse
Running an Exit node from home is asking for trouble. I can't imagine why anyone would want to. Anyways, /etc/hosts.allow and /etc/hosts.deny can also be used to limit SSH access. I highly recommend. Best, Jason Sent from my Android device. Please excuse my brevity and any typos that may occur. On Thu, Apr 16, 2020, 3:32 PM Volker Mink wrote: > Not 100% accurate. > I was running an exit at my home connection for close to one year. I > removed it because normal internet usage became absolutely anoying. Capchas > and DOS-Protections nearly everywhere. No streaming-portal was running. And > lots of complaints from my provider. > But no Cop action! > > And now i am running 2 exits hosted in datacenters, one in germany, one in > malaysia. No problems by now. > > > br, > volker > > > *Gesendet:* Donnerstag, 16. April 2020 um 13:32 Uhr > *Von:* "NOC" > *An:* tor-relays@lists.torproject.org > *Betreff:* Re: [tor-relays] Got my first abuse > They raid your home even if the Tor node is run in a datacenter. Sadly > the police in germany is still stuck in the 90s and most of them don't > know and/or care what Tor is and how it works. > > On 16.04.2020 12:45, Mario Costa wrote: > > Where you running an exit from home? It’s really discouraged because of > what happened to you. > > > > -m > > > >> Il giorno 16 apr 2020, alle ore 04:50, Kolja Sagorski < > ha...@koljasagorski.de> ha scritto: > >> > >> I had a police house search for my exit... > >> I hate the stupid German police. > >> > >>> Am 15.04.2020 um 22:53 schrieb "li...@for-privacy.net" < > li...@for-privacy.net>: > >>> > >>> Hi, > >>> > >>> my Family¹ has had an exit for 2 weeks and today the first abuse mail > has arrived. > >>> > >>> First of all, thanks for the templates: > >>> > >>> https://www.torservers.net/wiki/abuse/templates > >>> > >>> https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates > >>> > >>> > >>> I linked these two from the Tor-project: > >>> > >>> - Common Boilerplate (Tor Intro) > >>> > >>> - SSH Bruteforce Attempts > >>> > >>> and wrote the following myself: > >>> -- > >>> Another good option that we use ourselves is: fail2ban > >>> And report to blacklists, which can then be loaded into the router > firewalls: > >>> https://www.abuseipdb.com/user/33280 > >>> > >>> Hope this helps! > >>> -- > >>> > >>> I actually wanted to add that the SSH login attempts can be limited. > (3-6) > >>> Because the logs from the abuse mail showed 100 attempts pro IP. ;-) > >>> > >>> _Are such notes useful or do such instructions cause even more > problems?_ > >>> > >>> > >>> > >>> ¹https://metrics.torproject.org/rs.html#search/TorOrDie4privacyNET > >>> > >>> -- > >>> ╰_╯ Ciao Marco! > >>> > >>> Debian GNU/Linux > >>> > >>> It's free software and it gives you freedom! > >>> ___ > >>> tor-relays mailing list > >>> tor-relays@lists.torproject.org > >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > >> ___ > >> tor-relays mailing list > >> tor-relays@lists.torproject.org > >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > ___ > > tor-relays mailing list > > tor-relays@lists.torproject.org > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Turning down my relay from DigitalOcean
Hello Vadim, How long have you been running a relay with OVH? I know they've stated that they do not allow Tor relays on their network. Best, Jason On Mon, Jul 2, 2018, 11:06 AM Vadim Tsesko wrote: > Hello everybody, > > I am using OVH.ie for my Tor relay. They don't limit traffic. > > Good luck! > > On 07/02/2018 04:41 PM, Jason Odoom wrote: > > Guillermo, > > > > Sorry to read you've also had an issue with this. Please do share if you > > are able to find a host that is open to allowing Tor Exit nodes! > > > > Best, > > Jason > > > > > > On Mon, Jul 2, 2018, 9:28 AM Guillermo Narvaez > <mailto:guille...@nrvz.net>> wrote: > > > > Hello everyone, > > > > Sadly I'm stoping the tor daemon in my relay due high cost of > > bandwidth ($100), in the meantime I start to search an optional > hosting. > > > > My apologies! > > -Guillermo > > ___ > > tor-relays mailing list > > tor-relays@lists.torproject.org tor-relays@lists.torproject.org> > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > > > > > > ___ > > tor-relays mailing list > > tor-relays@lists.torproject.org > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > > -- > Best regards, >Vadim Tsesko > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Turning down my relay from DigitalOcean
Guillermo, Sorry to read you've also had an issue with this. Please do share if you are able to find a host that is open to allowing Tor Exit nodes! Best, Jason On Mon, Jul 2, 2018, 9:28 AM Guillermo Narvaez wrote: > Hello everyone, > > Sadly I'm stoping the tor daemon in my relay due high cost of bandwidth > ($100), in the meantime I start to search an optional hosting. > > My apologies! > -Guillermo > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor Exit Node Winter Shutdown
Thanks Paul. I will be sure to keep a backup. Best, Jason - Jason Odoom GPG 9031B50D On Thu, Jun 28, 2018 at 6:55 PM Paul Templeton wrote: > > > I regret to inform you all that I will be shutting down my Tor Exit > node - Winter [0] after more than five years. > > Makes me sad :-( > > Keep a backup - you may find hope else where... You never know. > > P > > > 609662E824251C283164243846C035C803940378 > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Tor Exit Node Winter Shutdown
Hello relay operators, I regret to inform you all that I will be shutting down my Tor Exit node - Winter [0] after more than five years. Digital Ocean's new bandwidth policy has made it incredibly expensive to keep this online. I incurred almost $200 of usage. I was lucky enough to have received a deduction off of my bill. I also believe that in this case asking for donations will do little to help. I did not host this Exit node for accolade but because I truly believe in what the Tor project is doing. I will allocate my budget for the Exit node towards monthly contributions to Tor as an alternative. Hopefully in the future I will be able to return. It's been fun. 0: https://metrics.torproject.org/rs.html#details/9EC5E097663862DF861A18C32B37C5F82284B27D Best, Jason - Jason Odoom GPG 9031B50D ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] how to distribute pgp public key?
On Dec 7, 2016 1:28 AM, "Univibe"wrote: If I want to include a reference to my public PGP key on Atlas using the ContactInfo field on my relays, what's the best way to do it? Should I upload my key to some of the public keyservers and then list the fingerprint on Atlas? Yes. I use the MIT Keyserver at http://pgp.mit.edu If so which keyservers are recommended? I had a thought to publish it on my relay's DirPort (using DirPortFrontPage and a simple html doc containing the public key). Then I could just provide a link to the DirPort in ContactInfo. It's better to just use a fingerprint. I don't know how efficient or useful that would be. It is also not necessary. Is there a better way to do this? ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] network scan results for CVE-2016-5696 / rfc 5961
Hi David, Thanks for the heads up! It turns out that my relay is in the list of affected hosts, however, the kernel I was running (3.16.36-1+deb8u1) is claimed by Debian to be fixed (see: https://security-tracker.debian.org/tracker/CVE-2016-5696). Since your script determines whether the host is affected or not based on the actual TCP comms (rather than banner grabbing a kernel version or something), I'm not sure what to make of that - it would seem to indicate that either the weighting you've devised doesn't fit Debian hosts, or it could indicate perhaps that the patch Debian maintainers applied to address the issue wasn't sufficient. I won't pretend to be clueful enough about low-level TCP stack programming to be able to tell for sure which is the case, but wanted to mention it in case others see the same thing. For my part, I've since updated the kernel on my relay to 3.16.36-1+deb8u2, and applied the sysctl work-around as an additional measure. I checked the ACK count using netstat both before and after, and have included those results here: Before: TCPChallengeACK: 1107 TCPSYNChallenge: 7 After: TCPChallengeACK: 2 TCPSYNChallenge: 2 Thanks! -- Jason On Thu, Nov 17, 2016 at 2:30 AM, dawuud <daw...@riseup.net> wrote: > > Hi. > > I added the scan output to the repo, this includes the output csv file > and a list of vulnerable relays: > > https://github.com/david415/scan_tor_rfc5961/blob/master/scan_archive/nov17_2016/probe_out.csv > https://github.com/david415/scan_tor_rfc5961/blob/master/scan_archive/nov17_2016/vulnerable_tor_relays > > > Upgrade your Linux kernel and reboot your tor relays! > > Cheers, > David > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Linux kernel vulnerability
I don't think it would be a terrible idea but it is always possible that your server will fail to reboot after a kernel upgrade. This leaves it offline without a general idea of why it is offline. I do use unattended-upgrades to automatically restart most services though. On Sat, Oct 22, 2016 at 07:02:21PM -0500, Tristan wrote: >Would it be acceptable to configure unattended-upgrades to >automatically reboot the system when required? I already have it >configured to check for and install all updates to Ubuntu and Tor once >a day, but I still need to manually reboot to apply kernel upgrades. > >On Sat, Oct 22, 2016 at 6:26 PM, Petrusko <[1]petru...@riseup.net> >wrote: > > [2]https://security-tracker.debian.org/tracker/CVE-2016-5195 > Remember, > to know your current debian linux kernel : uname -a > If your kernel is not up to date : > apt-get update && apt-get dist-upgrade && reboot > I : > > Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability > in the Linux Kernel > > > > [3]http://dirtycow.ninja/ > -- > Petrusko > PubKey EBE23AE5 > C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5 > ___ > tor-relays mailing list > [4]tor-relays@lists.torproject.org > [5]https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > >-- >Finding information, passing it along. ~SuperSluether > > References > >1. mailto:petru...@riseup.net >2. https://security-tracker.debian.org/tracker/CVE-2016-5195 >3. http://dirtycow.ninja/ >4. mailto:tor-relays@lists.torproject.org >5. https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- Jason Jung 7942 B145 5E45 1D53 37C8 1204 8DA4 A1DB CBE6 35AE ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] 'No space left on device' glitch causing log failure
Is it possible you have a disk or user quota setup? On October 10, 2016 9:15:46 AM CDT, Geoff Down <geoffd...@fastmail.net> wrote: >Hi all, > these are the last entries in my log, but my bridge is still listed on > Atlas and client functionality is fine. Latest stable version on > OSX10.4. >Needless to say, the disk is not full and 'tor' can write to that >directory just fine now. > >Oct 05 22:52:09.000 [warn] Couldn't open "/Users/tor/tor/state.tmp" >(/Users/tor/tor/state) for writing: No space left on device >Oct 05 22:52:09.000 [warn] Unable to write state to file >"/Users/tor/tor/state"; will try again later >Oct 05 23:10:27.000 [warn] Couldn't open >"/Users/tor/tor/cached-consensus.tmp" (/Users/tor/tor/cached-consensus) >for writing: No space left on device >Oct 05 23:11:32.000 [warn] Error writing to >"/Users/tor/tor/cached-descriptors.new": No space left on device >Oct 05 23:11:32.000 [warn] Unable to store router descriptor >{more of the same until Oct 05 23:11:34.000} > >GD > >-- >http://www.fastmail.com - Access all of your messages and folders > wherever you are > >___ >tor-relays mailing list >tor-relays@lists.torproject.org >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays Jason Jung 7942 B145 5E45 1D53 37C8 1204 8DA4 A1DB CBE6 35AE ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Guard/Middle/Exit Hosting
Maybe we are limited to only one promo code of that nature? I used DIVEIN10 about two years ago and using LOWENDBOX says "Sorry, this promo cannot be applied to your account. Most promos are valid for new customers only." Tristan: > It's in the billing settings after you log in. > > On Sep 15, 2016 3:28 PM, "Ralph Seichter" <tor-relays...@horus-it.de> wrote: > >> On 15.09.16 21:43, Markus Koch wrote: >> >>> DigitalOcean has a new Promo: $15 free aka 3 months free droplet. >> >> I have tried creating an additional Droplet, but it seems that promo codes >> cannot be entered anywhere in this process. Probably only when registering >> a new customer account, I suppose? >> >> -Ralph >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > -- Jason Jung 7942 B145 5E45 1D53 37C8 1204 8DA4 A1DB CBE6 35AE ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Guard/Middle/Exit Hosting
That code only works with new registrations. On September 15, 2016 3:28:19 PM CDT, Ralph Seichter <tor-relays...@horus-it.de> wrote: >On 15.09.16 21:43, Markus Koch wrote: > >> DigitalOcean has a new Promo: $15 free aka 3 months free droplet. > >I have tried creating an additional Droplet, but it seems that promo >codes >cannot be entered anywhere in this process. Probably only when >registering >a new customer account, I suppose? > >-Ralph >___ >tor-relays mailing list >tor-relays@lists.torproject.org >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays Jason Jung 7942 B145 5E45 1D53 37C8 1204 8DA4 A1DB CBE6 35AE ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Bridge Authority closure
I could run one here in Iceland if it would help. -Jason On 7/21/2016 4:22 PM, simon wrote: On 21.07.2016 17:36, Marina Brown wrote: Maybe i am out of line for suggesting this but i will suggest anyway. Might i suggest that the next bridge authority be hosted on tor inc ip space and perhaps be 2 hosts instead of one. It looks like this was a single point of failure. It would be easy enough to have a volunteer bgp announce a specific ip address. If they decided to drop out then it would not cause this type of consternation in the future. Having more than one bridge auth has obvious benefits. While hijacking the bridge authority does not directly and immediately harm the Tor network, and an evil BGP entry could most probably not be upheld for more than 24h worst-case, I still support the idea of introducing more authority nodes than just a single one. But then again, I don't have much knowledge about the related source code either. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor Weather has been discontinued
Oi! I found it extremely useful for notifications on my exits. Is it safe to assume the code is FOSS and repo'd somewhere? -Jason On 6/2/2016 5:21 PM, Greg Moss wrote: *Again, sorry for any inconvenience - Oh no worries. No one used it anyway- -Original Message- From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf Of Karsten Loesing Sent: Thursday, June 2, 2016 7:56 AM To: tor-relays@lists.torproject.org Subject: Re: [tor-relays] Tor Weather has been discontinued -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Dear relay operators, I learned today that Tor Weather is already offline since May 24 due to problems with our hosting company. We briefly thought about recreating it from backups, but it seems that we'd rather spend that effort on other things. Again, sorry for any inconvenience. All the best, Karsten On 04/04/16 16:48, Karsten Loesing wrote: Dear relay operators, as of April 4, 2016, Tor Weather has been discontinued. Tor Weather [0] provided an email notification service to any user who wanted to monitor the status of a Tor node. Upon subscribing, they could specify what types of alerts they would like to receive. The main purpose of Tor Weather was to notify node operators via email if their node was down for longer than a specified period, but other notification types were available, including one where operators would be informed when their node was around long enough to qualify for a t-shirt. The main reason for discontinuing Tor Weather is the fact that software requires maintenance, and Tor Weather is no exception. Tor Weather was promising t-shirts for relays that have not been around long enough or that provided too little bandwidth to be useful to the network, and it was almost impossible to deny a t-shirt after Tor Weather has promised it. Apart from that, Tor Weather was likely not offering t-shirts to people who have long earned it, thereby confusing them. An unreliable notification system is worse than not having a system at all. Relay operators shouldn't rely on Tor Weather to notify them when their relay fails. They should rather set up their own system instead. We have tried to find a new maintainer for Tor Weather for years, but without success. We started rewriting Tor Weather [1] using Onionoo [2] as data back-end in 2014, and even though that project didn't produce working code, somebody could pick up this efforts and finish the rewrite. The Roster developers said that they're planning to include an email notification function in Roster [3]. And we developed a simple Python script that provides information about a relay operator's eligibility for acquiring a t-shirt [4]. None of these alternatives is a full replacement of Weather, though. We encourage you, the community of Tor relay operators, to step up to start your own notification systems and to share designs and code. Tor Weather is still a good idea, it just needs somebody to implement it. Tor Weather is discontinued in two steps. For now, new subscriptions are disabled, new welcome messages are not sent out anymore, and existing subscriptions continue working until June 30, 2016. From July 1, 2016 on, Tor Weather will not be sending out any emails. Sorry for any inconvenience caused by this. All the best, Karsten [0] https://weather.torproject.org/ [1] https://trac.torproject.org/projects/tor/wiki/doc/weather-in-2014 [2] https://onionoo.torproject.org/ [3] http://www.tor-roster.org/ [4] https://gitweb.torproject.org/metrics-tasks.git/tree/task-9889/tshirt. py -BEGIN PGP SIGNATURE- Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJXUEjoAAoJEC3ESO/4X7XBd/4IALwN5pOft2AleZNM2JVEpIcE lG+NaGWp+SfbAQ1Y94UEC69Z417/OWLcRk2eBpxEUia8PBschqiJYG39HLOzoet6 lFbz/l6oxG3dbYpO5Y46TrCt/HlgGUAFuljH4Z9VyGEg4IkW8OgSieg+c/PtKPS6 /ri0kCfc6MEoK605MexvzUnXTUsi9fk0dRvG49mKNnIe6s+j7PXbJH+QDqvp5KVS SFj+C2Zvi19QOXjPcbn5qjb4Bql6htoesDuKbyUIrSI2Tfe0awSkgSYNfc5Xnhqg ui8E4SG1wKLHCzWZtkUWnGdq0y74dHqUL+U/aFihKP+eIaq1HpSKBbEntg68AWc= =RpHg -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relays by AS Names
Iceland checking in here, I'm not sure where you're getting that information but we have quite a number of other ISP's here that offer VPS service. The problem you may be referring to is that since we're only connected by three submarine cables (two of which are effectively government owned) ip transit prices are very high. There's also different pricing schemes for ISP's vs Telecom services. -Jason On 4/8/2016 10:05 PM, Xza wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On April 8, 2016 7:13:17 PM GMT+02:00, ng0 <n...@libertad.pw> wrote: Tristan <supersluet...@gmail.com> writes: I think https://compass.torproject.org has all the info I need. After grouping by AS name for the United States, I decided to go with Hostwinds. They say 100Mbps unmetered for $7.50 a month, but the management page says 10TB per month. Sometimes countries definitions of "unmetered" are like that. See the descriptive texts of ISPs who provide virtual machines or even dedicated servers for you. In iceland most if not all iceland based (legal entity in iceland, not just the servers) ISPs somehow depend on advania datacenter, and for advania in the retail, non-customized sale of their VMs and dedicated servers are very low in monthly traffic compared to the fair-use policy of the non-profit ISP I am at currently. Fun fact, US has quite a lot of exit relays, but France holds the highest consensus weight. Another interesting fact - the person does not share these analysis of course, or at least it's hard to get in touch currently - is that in Netherlands a very large number of relays is run by government agencies. So how do you know that for sure ? Have they confirmed that somewhere ? - -- PGP : 29A4CE52 -BEGIN PGP SIGNATURE- iQI4BAEBCgAiGxxEbyA8eWFuZGVyZXNvbkByaXNldXAubmV0PgUCVwgq+QAKCRBI of/XNyszSmLUEACpxxgbtBQWy2MjEL9Q2N7f2iuFG+5uE+6r+fuqoWu9IKgrXc5H KfZVn8tBEw6OAwP0Hnwcj2J0SRJkG2No38jeaJn1mnX2VZg3EKs8AdiauNouMk2g eYo5HrP2puMlGukQxTEFKOo4H3f5Gr7bKpsz+baCGkzUplKGIMkLecAsB23EJdRC 5i4/tZY7xRoRT1af5HHXT9TiRmi89qHhOQlU0kAgwUiOA10TZXmeUVUsjyP4e5ZE SFB+mx14wGq167/4k2pdZZ7MZHpDO91eN81ZhCvd1VWExY3aVF88inP0+00KCPur c9/9cqa6fNeHYq118l3xiDCIkhqkjPww9F9ZtYtfwlSHO/aaMlZFoeANKeCfdvss IE8C+LiTYICVUttH9x1pVLaIwAwXD5TAqRqLU3GI6gjHPgnh6aMYVb1Yk8BWesDN VG8Vb3DXLTrGODy4ELaMqW70Ftq7NCMk921ZWDdmffjCJE5qLybEQcVFUKRzPNCD ilUqK3ac4k2QD2Z10WnJQn4rTMJueyZl3lgEAqzv/fIqJs0Zt94XIt+yWnMQzhC0 L4xNfedbDBq62UT+GTzjy8wUCicyz5Kb0uoRPSTEiH7qH0nYVaMpRxSUQqdMCm0h SVjC8juQo5uu1AyYHAIk5D4MKSMBqMaRJ/7uUC8/O6zwCVwqwMXgC242Pg== =qHwg -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor Bridges
No Original message From: Roots BabiloniaDate:23/01/2016 02:59 (GMT+00:00) To: tor-relays@lists.torproject.org Cc: Subject: [tor-relays] Tor Bridges Please send me bridges___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] 7 relays gone because of spammers
This++ On 02/25/2015 07:32 PM, Pascal wrote: If you paid with a credit card, give them a choice: they can either refund your money or you will initiate a chargeback. Either way you get your money back, but with the chargeback you will probably get all of your money back instead of a prorated refund, they have to pay a fee, and may have their merchant account terminated if they get enough of them. -Pascal On 2/25/2015 12:35 PM, Speak Freely wrote: This has cost me hundreds of dollars, as I foolishly decided to prepay on an annual basis. None of the servers were older than 2 months. Some were only a few weeks old. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Fast Exit Node Operators - ISP in US
Someone may wish to look into Rokubear, I remember them being mentioned as Tor Exit friendly a few years back. -Jason On 11/28/2014 01:54 AM, Syrup-tan wrote: Turns out the colocation costs $672/year for the network, and another $780/year for power, so I don’t think Voxility is very feasible for an exit node without bargaining with them. If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found. I recently rented a dedi from Online.net http://Online.net (http://www.online.net/en/dedicated-server/dedibox-xc) which offers unmetered b/w, but I’ve heard bad things about the network. I’ll do some testing this weekend on whether or not I can get the full 150Mb/s link. On Nov 27, 2014, at 5:39 PM, Libertas liber...@mykolab.com mailto:liber...@mykolab.com wrote: On 11/25/2014 02:29 PM, Syrup-tan wrote: The colocation isn’t cheap to say the least, and it only gives 5TB/month unless we want to pay more per month; This may the largest logistical problem I've encountered when looking for dedicated servers intended to be exit nodes. For most providers, even expensive and powerful servers (16+ GB of RAM, 8+ cores) will come with 2-10 TB of monthly bandwidth. Because much cheaper servers can saturate a 100 Mbps link (IIRC) and thereby greatly exceed those limits, buying such packages just doesn't make sense. The additional bandwidth prices are usually strangely high, too. The pricing is often progressive - each additional terabyte costs more than the last. If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found. ___ tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Fast Exit Node Operators - ISP in US
sorry was https://www.rokabear.com/ not roku -Jason On 11/28/2014 01:56 AM, ja...@icetor.is wrote: Someone may wish to look into Rokubear, I remember them being mentioned as Tor Exit friendly a few years back. -Jason On 11/28/2014 01:54 AM, Syrup-tan wrote: Turns out the colocation costs $672/year for the network, and another $780/year for power, so I don’t think Voxility is very feasible for an exit node without bargaining with them. If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found. I recently rented a dedi from Online.net http://Online.net (http://www.online.net/en/dedicated-server/dedibox-xc) which offers unmetered b/w, but I’ve heard bad things about the network. I’ll do some testing this weekend on whether or not I can get the full 150Mb/s link. On Nov 27, 2014, at 5:39 PM, Libertas liber...@mykolab.com mailto:liber...@mykolab.com wrote: On 11/25/2014 02:29 PM, Syrup-tan wrote: The colocation isn’t cheap to say the least, and it only gives 5TB/month unless we want to pay more per month; This may the largest logistical problem I've encountered when looking for dedicated servers intended to be exit nodes. For most providers, even expensive and powerful servers (16+ GB of RAM, 8+ cores) will come with 2-10 TB of monthly bandwidth. Because much cheaper servers can saturate a 100 Mbps link (IIRC) and thereby greatly exceed those limits, buying such packages just doesn't make sense. The additional bandwidth prices are usually strangely high, too. The pricing is often progressive - each additional terabyte costs more than the last. If anyone knows of a good way of finding high-bandwidth budget dedicated servers (a search term or a list of providers, for example), please share. I expected there to be more of a market for this kind of thing than I've found. ___ tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Loki1 and Loki2 closed
Hey fellow ops, Just an FYI today that Icetor lost two of it's fastest two exits that were hosted with Greenqloud here in Iceland, obviously would not recommend them as an ISP in the future regarding exit hosting. About two weeks ago we got notification that abuse notices were breaking their EULA and would be the reason for the termination. Today they shut down the nodes about 5 hours earlier than indicated, no ability to do data migration or save keys. Needless to say I'm not very happy with the entire situation and how it was handled. We'll soldier on with our remaining two exits and ifanyone is thinking of spinning up an exit in the future Icetor is still able to handle abuse contact for the relay. -Jason ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Oniontip
Considering the operators opt in to the system via changing their contact info (by appending a bitcoin address) merely checking that the bitcoin donation go to those addresses would seem very easily verified. A site like blockchain.info allows you to track bitcoin flows from address information. -Jason On 09/27/2014 11:36 PM, Thomas White wrote: My concern (which has been highlighted before by Mike Perry) is that the site lacks accountability and transparency. There is no way to verify the donations actually reach the operators. -T On 28/09/2014 00:33, justaguy wrote: So, https://oniontip.com is a great help for tor-relay runners We do need more donations imho Whoever made it, thank you - Justaguy ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Good hosting location for exit relay
I couldn't agree more with this statement, IMHO there's more importance in bringing exits to diverse locales that spread the jurisdictional problems over a wide geographic space. The more exits running in various places the more of a normalizing effect this has on what Tor is, how it functions and how useful it is. It also acts as a subtle indicator about when there's regional resistance to tools like Tor, possibly due to it's censorship bypass abilities, and avoidance of national surveillance programs. It would be very nice to get a weighted list of which countries need more exits, balanced against common reasons there aren't more there already. -Jason This issue has been discussed a few times before. In my opinion, even if there was an ISP that happily accepts Tor exit nodes, we should not place more and more nodes in their network. Remember that Tor network needs diversity. So, i think the goal is to expand the list of Tor-friendly ISPs rather than picking an entry from that list. You need to contact the ISP beforehand, explain what a Tor relay is and what is not. Also it helps a lot to handle yourself the abuse reports rather than letting your ISP do that. More information can be found here: https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment Greetings ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] exit relay not receiving flag
Hey All, I'm a bit embarassed here but I don't see what I'm doing wrong. I've recently inherited a VPS donation from an anonymous donor. I've configured it up like the rest of Icetor's exit relays but it never receives the exit flag. The exit in question is loki4: https://atlas.torproject.org/#details/44DB05F3AEDA5DA34BC713201DD0394418C7DD97 An external Nmap scan of the IP shows the DirPort and ORPort open and accessible, so what gives? -Jason ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] fingerprint info propogation
Sorry if asked before, made a stupid oversight restarting one of my exits yesterday, had duplicated the fingerprint file from another node. Changed the file to the correct nickname today (I know nicknames are depreciated now) and reset tor, how long will it take this change to propogate to the network? -Jason ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] icetor's loki2 update status (CVE-2014-5117)
I'm not sure why atlas hasn't updated yet but currently loki1 is running 2.4.23. As well as loki2 and loki3. -Jason On 08/18/2014 07:02 PM, Nusenu wrote: ja...@icetor.is: yep you're correct, I should have taken note of the version numbers better. All exits have been updated now. is atlas wrong/not up to date yet about loki2 having an uptime of 60 days and still running tor v0.2.4.22? https://atlas.torproject.org/#details/5CECA69D0D91B5B38376B98B761BE18938297E8D ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] reaching out to relay ops that run outdated versions
Let it never be said that public shaming doesn't work, I'll update our exits tonight! -Jason On 08/17/2014 10:45 AM, Nusenu wrote: FYI: I just sent out the email bellow to ~160 relay operators - I hope this results in some actual improvements. It is a bit disappointing to see even torservers.net, DFRI, icetor, Frenn vun der Enn, Calyx, Cymru in the recipients list. The recipient list is based on the following output (limited to relays faster than 999KB/s): grep -v 0.2.5.6 Tor_query_EXPORT.csv |grep -v 0.2.4.23|grep -v 0.2.6.0|head -n 344 (csv is from torstatus.blutmagie.de) Hello, you are receiving this email because you are using an outdated tor version on your tor relay. (your email address was taken from your relay's contact info field) Tor v0.2.4.23 has been released on 2014-07-28 [1] to address a security issue that makes de-anonymization attacks easier [2] - please update to Tor v0.2.4.23 or v0.2.5.6. To find out your current version run the following command on your relay: tor --version If you are using Linux: Package managers can be used to automatically update Tor without requiring manual admin intervention. It is recommended to use the official APT/YUM repos from torproject.org to get timely updates: APT: https://www.torproject.org/docs/debian.html.en YUM: https://www.torproject.org/docs/rpms.html.en thanks for running a relay and making the tor network safer! [1] https://lists.torproject.org/pipermail/tor-announce/2014-July/93.html [2] https://lists.torproject.org/pipermail/tor-announce/2014-July/94.html ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] reaching out to relay ops that run outdated versions
actually after poking at this for a bit tonight it looks like newer packages haven't been rolled out for deb.torproject.org repo's yet. I'll be waiting for them first. -Jason On 08/18/2014 02:55 AM, ja...@icetor.is wrote: Let it never be said that public shaming doesn't work, I'll update our exits tonight! -Jason On 08/17/2014 10:45 AM, Nusenu wrote: FYI: I just sent out the email bellow to ~160 relay operators - I hope this results in some actual improvements. It is a bit disappointing to see even torservers.net, DFRI, icetor, Frenn vun der Enn, Calyx, Cymru in the recipients list. The recipient list is based on the following output (limited to relays faster than 999KB/s): grep -v 0.2.5.6 Tor_query_EXPORT.csv |grep -v 0.2.4.23|grep -v 0.2.6.0|head -n 344 (csv is from torstatus.blutmagie.de) Hello, you are receiving this email because you are using an outdated tor version on your tor relay. (your email address was taken from your relay's contact info field) Tor v0.2.4.23 has been released on 2014-07-28 [1] to address a security issue that makes de-anonymization attacks easier [2] - please update to Tor v0.2.4.23 or v0.2.5.6. To find out your current version run the following command on your relay: tor --version If you are using Linux: Package managers can be used to automatically update Tor without requiring manual admin intervention. It is recommended to use the official APT/YUM repos from torproject.org to get timely updates: APT: https://www.torproject.org/docs/debian.html.en YUM: https://www.torproject.org/docs/rpms.html.en thanks for running a relay and making the tor network safer! [1] https://lists.torproject.org/pipermail/tor-announce/2014-July/93.html [2] https://lists.torproject.org/pipermail/tor-announce/2014-July/94.html ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] reaching out to relay ops that run outdated versions
yep you're correct, I should have taken note of the version numbers better. All exits have been updated now. -J On 08/18/2014 03:48 AM, JT Allison wrote: 0.2.4.23 has been on the repo for awhile now. --- GPG/PGP Fingerprint E129 722B A512 105C E8BE 4705 8046 EA48 2C82 1339 https://arlen.io/key On Aug 17, 2014 11:40 PM, ja...@icetor.is mailto:ja...@icetor.is wrote: actually after poking at this for a bit tonight it looks like newer packages haven't been rolled out for deb.torproject.org http://deb.torproject.org repo's yet. I'll be waiting for them first. -Jason On 08/18/2014 02:55 AM, ja...@icetor.is mailto:ja...@icetor.is wrote: Let it never be said that public shaming doesn't work, I'll update our exits tonight! -Jason On 08/17/2014 10:45 AM, Nusenu wrote: FYI: I just sent out the email bellow to ~160 relay operators - I hope this results in some actual improvements. It is a bit disappointing to see even torservers.net http://torservers.net, DFRI, icetor, Frenn vun der Enn, Calyx, Cymru in the recipients list. The recipient list is based on the following output (limited to relays faster than 999KB/s): grep -v 0.2.5.6 Tor_query_EXPORT.csv |grep -v 0.2.4.23|grep -v 0.2.6.0|head -n 344 (csv is from torstatus.blutmagie.de http://torstatus.blutmagie.de) Hello, you are receiving this email because you are using an outdated tor version on your tor relay. (your email address was taken from your relay's contact info field) Tor v0.2.4.23 has been released on 2014-07-28 [1] to address a security issue that makes de-anonymization attacks easier [2] - please update to Tor v0.2.4.23 or v0.2.5.6. To find out your current version run the following command on your relay: tor --version If you are using Linux: Package managers can be used to automatically update Tor without requiring manual admin intervention. It is recommended to use the official APT/YUM repos from torproject.org http://torproject.org to get timely updates: APT: https://www.torproject.org/docs/debian.html.en YUM: https://www.torproject.org/docs/rpms.html.en thanks for running a relay and making the tor network safer! [1] https://lists.torproject.org/pipermail/tor-announce/2014-July/93.html [2] https://lists.torproject.org/pipermail/tor-announce/2014-July/94.html ___ tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] OnionTip.com distributes Bitcoin donations to all BTC addresses set in ContactInfo
An answer might be to use bitcoin multisig transactions () so that OnionTip AND the relay is necessary to finalize the transaction. -J On 08/10/2014 04:48 PM, Tom van der Woerdt wrote: Tim Semeijn schreef op 10/08/14 17:33: On 8/10/14, 4:32 PM, b...@unseen.is wrote: Hi, apparently this hasn't been discussed here yet. About a month ago, Donncha O'Cearbhaill build https://oniontip.com/ during the Dublin Bitcoin Hackathon. It is a webapp which automatically extracts all Bitcoin addresses set in the ContactInfo variable of the torrc and distributes Bitcoin donations based on the consensus weight. There are already 100+ relays listed which represent around 5% of the total consensus weight. In just a few weeks they distributed around 125 US$. There are many other theoretical ways to provide compensation to tor relay operators (see https://blog.torproject.org/blog/tor-incentives-research-roundup-goldstar-par-braids-lira-tears-and-torcoin) but I really like this very simple and practical approach. Thoughts? ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays I myself added a bitcoin address to the ContactInfo variable of my nodes when I saw a tweet about this initiative. It is a nice way to offer a way to donate to multiple node running volunteers instead of donating to a specific person or organization. My nodes take up 20% of the current donations based on consensus so it would be nice if more relay operators take part in this project to make it resemble the current Tor network better. I really like this and I've added an address to my exits (4.2% of total exit consensus). However, for this to really kick off I'd recommend adding visibility on how many donations were received and how it was distributed across relays. There should be safeguards to prevent oniontip.com from taking a part of the money, etc. Tom ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] multisig link
sorry meant to include relevant link to multisignature documentation https://github.com/bitcoin/bips/blob/master/bip-0010.mediawiki -J ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Reliable way to gauge tor throttling?
What would be a good method to determine if tor traffic is being throttled on a exit relay vs normal internet traffic? -J ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relays or exits: which is needed?
Hi Michael, Exits are needed most.[1] But if you want to run an Exit be prepared to deal with complaints. That link should answer your question in depth although the stats are four years old. It also includes tips to make sure you run an Exit with minor issues. Although the stats are outdated and the percentage of Exits have increased over the years, as it states in the post it is still one of the scarcest nodes. Hopefully others will be able to provide more information concerning updated statistics. But I believe it was covered at 30C3 last-year. [2] Regards, Jason Odoom [1] https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment [2] http://youtube.com/watch?v=CJNxbpbHA-I Sent from my Android, please excuse my brevity and any typos. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] bitcoin adopt a node idea
Sorry perhaps I didn't explain well enough. What I was pointing to was that tor could benefit from the idea of cheaply crowd sponsored relays that use ansible, chef or puppet to spin up for a month. That the article is about bitcoin is merely coincidental. -J On 06/26/2014 05:35 AM, Scott Bennett wrote: ja...@icetor.is wrote: This seems pretty damn similiar to something we should be offering for Tor relays, possibly even exits and bridges (if they only run for a month at a time). Possibly co-ordinated through the EFF? http://www.coindesk.com/adopt-node-project-aims-bolster-bitcoin-network-security/ Assuming that the relevant bitcoin programs could be taught to talk SOCKS, then it seems that tor hidden services would, in principle if not in performance, be an ideal solution. Running those bitcoin full nodes as hidden services might well make them less vulnerable to being shut down by currency counterfeiters (e.g., the Federal Reserve and the central banks of other states, U.S. Dept. of the Treasury). Performance of hidden services, however, are severely constrained by the hidden services protocol, which can slow connection times enough to make one consider USnail as a possible alternative, and the need for circuits of 2n-1 relays, which makes access even slower than normal tor circuits of n relays. Scott Bennett, Comm. ASMELG, CFIAG ** * Internet: bennett at sdf.org *or* bennett at freeshell.org * ** * A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army. * *-- Gov. John Hancock, New York Journal, 28 January 1790 * ** ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] CLI tool like Atlast
Here's the code for anyone interested: https://github.com/woeisme/torchart pretty basic json query to php and pchart -Jason On 06/18/2014 03:17 PM, Kali Tor wrote: Hi, On Wednesday, June 18, 2014 11:26 AM, ja...@icetor.is ja...@icetor.is wrote: I fooled around with some php json parsing in order to get my metrics charts working on icetor.is . I can send you the code if you'd like. -Jason That would be much appreciated! Thanks, KaliTor On 06/18/2014 10:15 AM, Lukas Erlacher wrote: Hi, I'm working on that. The onion.py script in OnionPy [1] has some rudimentary atlas-like functionality that I hope I can soon make complete as soon as I find some free time. If you know python, it shouldn't be too hard to do that, PR's welcome! Best, Luke [1] https://github.com/duk3luk3/onion-py On 06/18/2014 12:01 PM, Kali Tor wrote: Hi all, Is there a CLI client/tool that does what https://atlas.torproject.org/ does? Basically provide an output based on a node's fingerprint? e.g. https://atlas.torproject.org/#details/7EDE11A41D1C7DF4F9103ABAA4F0A31E42CB0C02 Thanks, KaliTor ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] CLI tool like Atlast
there you go: https://github.com/woeisme/torchart On 06/18/2014 03:17 PM, Kali Tor wrote: Hi, On Wednesday, June 18, 2014 11:26 AM, ja...@icetor.is ja...@icetor.is wrote: I fooled around with some php json parsing in order to get my metrics charts working on icetor.is . I can send you the code if you'd like. -Jason That would be much appreciated! Thanks, KaliTor On 06/18/2014 10:15 AM, Lukas Erlacher wrote: Hi, I'm working on that. The onion.py script in OnionPy [1] has some rudimentary atlas-like functionality that I hope I can soon make complete as soon as I find some free time. If you know python, it shouldn't be too hard to do that, PR's welcome! Best, Luke [1] https://github.com/duk3luk3/onion-py On 06/18/2014 12:01 PM, Kali Tor wrote: Hi all, Is there a CLI client/tool that does what https://atlas.torproject.org/ does? Basically provide an output based on a node's fingerprint? e.g. https://atlas.torproject.org/#details/7EDE11A41D1C7DF4F9103ABAA4F0A31E42CB0C02 Thanks, KaliTor ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] CLI tool like Atlast
I fooled around with some php json parsing in order to get my metrics charts working on icetor.is . I can send you the code if you'd like. -Jason On 06/18/2014 10:15 AM, Lukas Erlacher wrote: Hi, I'm working on that. The onion.py script in OnionPy [1] has some rudimentary atlas-like functionality that I hope I can soon make complete as soon as I find some free time. If you know python, it shouldn't be too hard to do that, PR's welcome! Best, Luke [1] https://github.com/duk3luk3/onion-py On 06/18/2014 12:01 PM, Kali Tor wrote: Hi all, Is there a CLI client/tool that does what https://atlas.torproject.org/ does? Basically provide an output based on a node's fingerprint? e.g. https://atlas.torproject.org/#details/7EDE11A41D1C7DF4F9103ABAA4F0A31E42CB0C02 Thanks, KaliTor ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] abuse handling
Hello all, With the upsurge of new users running relays this list has picked up a fair amount activity. I run one of torservers.net partner organizations called Icetor (icetor.is). In addition it handles abuse notifications for other individuals who choose to run exit relays. This is done in addition to the exit relays I run via the partner organization. I'm willing to extend this service to other individuals who are running high speed exits but perhaps would prefer to run them under an organization and not their personal names. Write me back privately if interested. -Jason ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] DigitalOcean starting Exit node crackdown
Hi Shawn, I also run an exit on DO's infrastructure and have been for the past six months. I have received some complaints as well. Besides the usual blacklisting, DO support has contacted me twice about my exit which I've had to explain as well: My email is not relevant to this IP address. There is no information in the whois that identifies me. However, I am the owner and operator of xxx.xxx.xxx. If you access that IP directly you can see that it is a Tor Exit Router. ln which I received the response: We strongly recommend against running tor exit nodes on our droplets for this reason. Please be aware that you are responsible for any abuse generated from your droplet including that that comes across the Tor exit node you are running. Failure to resolve these issues could result in account suspension. l responded assuring them I would take care of all issues. But for them to shut down your exit is shocking. Were there any issues that needed resolving that you ignored probably? Regards, Jason On Thu, May 15, 2014 at 1:44 PM, Shawn Nock n...@aphr.asia wrote: Hello friends, As I recall, there are several exits running on DigitalOcean's infrastructure. This is presented FYI: Background: I've run an exit on DigitalOcean for about a year without issues (lost track of uptime duing heartbleed key regen). It wasn't hidden (the droplet name was 'tor-exit') and it had valid reverse DNS and the standard informational page was hosted there. At the time of droplet creation, tor exits were not prohibited by their ToS. I've mentioned to DigitalOcean staff during support tickets that it was a Tor exit. Today the exit was shutdown, the message received was this: Hello We do see that you are running an exit node for the TOR network. Unfortunately we are unable to resume services to this droplet and ask you that you please not run any other TOR exit nodes. Please get back to us as soon as possible so we can resolve this. Thanks Support I sent the following response: Hello, My droplet has been running for months (perhaps a year) with no significant incidents. It is well managed, allows only a strict subset of traffic to exit and the very few complaints that have been lodged have been dealt with quickly and professionally (as said by your support team). The droplet has been configured to limit the rate of traffic below the droplet's monthly network transfer quota. It's well established that under US law ISPs are excluded from liability under the safe-harbour provisions of the DCMA for any copyright infringing traffic. More generally, the probability under US law that an ISP would be held liable carrying user-generated traffic is extremely low. Tor exits have been operated by Universities, Churches, and corporations (large and small) for slightly more that 10 years. During this time not a single criminal or civil complaint has been brought against an operator's ISP (to my knowledge). While it is surely your right to operate your business in the manner of your choosing; I politely request an explanation for your apparent policy against Tor exit nodes. If there is some way I might change the parameters of the exit to suit a policy against specific traffic (to certain IP blocks, port ranges); I'd surely comply. Finally, in this time where repressive regimes are cracking down on Internet traffic and persecuting their countrymen and where free access to the internet is nearing the stature of 'human right': if your policy is indeed a general one against all Tor exits, I urge you to reconsider your policy. It would be a great service to tens-of-thousands of Tor users (refugees, political activists, religious minority, abused spouses, law enforcement, c) to revise your policy to allow well-maintained exits to remain on your network. I appreciate any attention you could give to this serious matter. -- n...@aphr.asia (OpenPGP: 0x6FDA11EE 3BC412E3) ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] A few questions about my setting up my first Tor relay.
Blob = proprietary binary package. Packages where no source code is available so you can't readily be 100% sure they do only what you expect them to do. On Fri, Apr 18, 2014 at 7:35 PM, I beatthebasta...@inbox.com wrote: What the heck does blob free mean? Beaglebone Blacks are impossible to get for some reason. They seem good for the job with more stability for equal power consumption. Has anyone got Tor running on something similar in price? Robert I don't know if someone else already tried that, but you could use a BeagleBone Black [0] as well. It's a bit more powerful (1 GHz, newer ARM processor generation) than the Pi. The advantage I see is that it's blob free, which is a concern with the Pi for some people (please correct me if I'm wrong!). ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- Jung ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] using Arm to manage nodes
Hello all, This is something that's bothered me for quite some time. I often use arm (https://www.torproject.org/projects/arm.html.en) for monitoring my relays and to keep a quick eye on things like overall bandwidth consumed, traffic stats and my favorite client locale statistics. I run it in a screen session and often when I re-attach the session often the keymapping is all messed up and the arrow keys will offer to close arm. Usually it will correct after I shift-m to get to the menu and switch around a few times. Has anyone else experienced this and how did you solve it? -Jason ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] using Arm to manage nodes
I've noticed this also on a CentOS system that I manage for someone else. On 02/07/2014 08:00 PM, MacLemon wrote: I haven't experienced garbled keymappings yet. The only thing that doesn't seem to work for me is the graphs which don't get painted on OS X. Everything else seems to work just fine. Best regards MacLemon ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] using Arm to manage nodes
Additionally does anyone know what effects the client locale statistics on page 2? I've had those statistics come and go and I can't figure out what causes them to disappear. -J On 02/07/2014 06:24 PM, ja...@icetor.is wrote: Hello all, This is something that's bothered me for quite some time. I often use arm (https://www.torproject.org/projects/arm.html.en) for monitoring my relays and to keep a quick eye on things like overall bandwidth consumed, traffic stats and my favorite client locale statistics. I run it in a screen session and often when I re-attach the session often the keymapping is all messed up and the arrow keys will offer to close arm. Usually it will correct after I shift-m to get to the menu and switch around a few times. Has anyone else experienced this and how did you solve it? -Jason ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] System Time
Hello Fabiano, You should try unsubscribing from the mailing list, I'm not certain M15 can help you with this though. -J On 01/18/2014 07:08 AM, Fabiano London wrote: Please! I am not participate in this forum anymore! Any e mail that coming after this will be reported to Uk intelligence police (M15) Be aware pls with all posts or e mails here ! Have a nice weekend to all ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] tor-relays Digest, Vol 36, Issue 23
Jack I'd be happy to help you, we could chat over xmpp using otr if you're able. my username is kupoj...@gmail.com. I'll help you set up your machine as a relay. -J On 01/18/2014 06:05 PM, Jack Wilborn wrote: I have an extra machine that I was hoping to configure for a Tor relay. I'm not a wizard with Linux (Debian), but if there are some more, specific instructions to ensure everything is working, I'd love to do it. My current ISP is Cox and I have about 30 MB/sec Down and about 24 MB/sec up. I understand this is wide enough. If anyone can assist please e-mail me. Thanks Jack On Sat, Jan 18, 2014 at 5:00 AM, tor-relays-requ...@lists.torproject.orgwrote: Send tor-relays mailing list submissions to tor-relays@lists.torproject.org To subscribe or unsubscribe via the World Wide Web, visit https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays or, via email, send a message with subject or body 'help' to tor-relays-requ...@lists.torproject.org You can reach the person managing the list at tor-relays-ow...@lists.torproject.org When replying, please edit your Subject line so it is more specific than Re: Contents of tor-relays digest... Today's Topics: 1. dutch operators and experience with dutch providers (Rejo Zenger) 2. VPS ports impassable (I) -- Message: 1 Date: Sat, 18 Jan 2014 10:22:49 +0100 From: Rejo Zenger r...@zenger.nl To: tor-relays@lists.torproject.org Subject: [tor-relays] dutch operators and experience with dutch providers Message-ID: 20140118092249.gd24...@ix.home Content-Type: text/plain; charset=us-ascii Hi, Are you a Dutch relay operator or do you have experience with hosting a Tor node with a Dutch ISP? Please get in touch with me! I'm colaborating with a journalist from one of the leading technology media websites on one or more stories that will describe the environment for Dutch Tor relay operators. What are the main problems you are facing, are Tor relays a problem to the average Dutch ISP, etc? -- Rejo Zenger . r...@zenger.nl . 0x21DBEFD4 . https://rejo.zenger.nl GPG encrypted e-mail preferred . +31.6.39642738 . @rejozenger -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 931 bytes Desc: not available URL: http://lists.torproject.org/pipermail/tor-relays/attachments/20140118/1cf624db/attachment-0001.sig -- Message: 2 Date: Sat, 18 Jan 2014 02:22:15 -0800 From: I beatthebasta...@inbox.com To: tor-relays@lists.torproject.org Subject: [tor-relays] VPS ports impassable Message-ID: 20b3d1b2d3f.062abeatthebasta...@inbox.com Content-Type: text/plain; charset=US-ASCII Hej, [WARNING - if you don't want to see another Tor relay get going stop reading now.] After installing Tor on a VPS running Ubuntu 12.04.4 LTS it reports [warn] Your server (173.208.211.179:9030) has not managed to confirm that its DirPort is reachable. Please check your firewalls, ports, address,... The VPS operator is trying his best but says the ports are open and is asking others. In the meantime does anyone have anything to offer? Robert -- Subject: Digest Footer ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- End of tor-relays Digest, Vol 36, Issue 23 ** ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor Weather getting T-shirt email. Problem
I agree there should be another way. I just recently had to start overhttps://atlas.torproject.org/#details/9748228B9BC40C154F74AA9EDFDF698B902C986Fbecause I updated Tor. I don't plan on updating again until two months have passed. Jason On Mon, Dec 30, 2013 at 1:14 PM, Thomas Hand th6...@gmail.com wrote: I've run several middle relays for over a year but they keep getting knocked down due to circuit creation storms (on RPIs) or powercuts or updates or some other issue. Yes uptime is important, but 100% is not practical for most relay operators. Also, if you want a shirt so badly, donate to Tor! In fact, I just realised I do want a shirt! Tom On 30 December 2013 11:48, Random Tor Node Operator t...@unterderbruecke.de wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 12/28/2013 01:26 AM, I wrote: I think two months is a bit short to be rewarded with a t-shirt from donated resources. It makes more sense to extend the time but include the total time running ignoring minor disruptions. I agree with that point, because currently, relay operators have the incentive to not update to the latest Tor version whenever a new version is released, in order to keep the consecutive uptime high. That is probably not in the best interest of Tor. Maybe Tor Weather could look at the flags instead of the consecutive uptime instead. For example, you typically don't lose your Guard or Stable flag due to a reboot. Robert : i noticed a problem with tor weather. I should have recieved a email : -Uptime is nearly 100%, Tor weather needs some updating, however it continues to email plenty of relay operators. The reason you didn't get an email is tor weather didn't see your relay matching the uptime requirement, GET FREE SMILEYS FOR YOUR IM EMAIL - Learn more at http://www.inbox.com/smileys Works with AIM®, MSN® Messenger, Yahoo!® Messenger, ICQ®, Google Talk™ and most webmails ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSwV11AAoJEJe61A/xrcOQbPUP/RtgN4CQSJeUC8ZPt1/r0ryU rc8ssBWHcmZBj513UaIes2HcmL72RMUXaaRtzDxrZR3F0gd7eRLWfBYXZw3M4XF+ 6SFVkesG2Mb5L41rRyqwHlIw/Cj9y9ilH6loQfAWDTaQJVtd9JQ8UQuVzIqTcAfd /ZNJnC4lZGzmH+Iih0nS0hTb+NG9jEN/32pMFc4eh7fHDg4/A6TVKftHeAcjnnv1 eIeY8kOELT3U8Dd2OV0j8tpWbvC/Rz5KYnLA2EMQLdifhSMCtbXv0a3fr58Ph8JS BfFKNFd+YvQNRUSPvkiUrCdjr8btPKYsNb9OPaNjUVkum6K1m8U/+z1OssdiGIxM IDMKmxNpQ6xlmaaWh+KegVtvV/azo51PbMlj2f/8PmqAxeJokFBaHx5V07InaA62 OKtpcLhb3zrJNmLdjp2GQ5tuRJwnXc+B2ulCO1OtjWq3Snl04quMr6GL2IPbnUMB UO8b3uN5tZp9IrO2rDTjlPLYNMLWhlgvaCKNpMDL83s1CzBJIzq2980fdd8KpSlY ThTe2DfLM3uXgbHu77ff1NXLK9UCTQZ9jMhk7UUg9pPYpjeYIZwuB9F7fZN4lr/h cdnFTJlo7P9n2MESfxzAshNg0fzSz3daTj524NnFvkl9W/ew+YqEocPkf/7Wn9xi 2M2t1wC0QeFzdhMkXGqq =IPcb -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Outbound Address differing from exit address
Greetings all, I'm in the process of setting up a few Exits on a Cloud provider here in Iceland (one that I used to work at actually). Since they use Cloudstack it means each address per account gets multiple inbound address per instance and share the same address for outbound traffic. I'm worried that abuse notices will be coming in for this outbound address even though I've got 80 on the exit node's IP showing the standard Tor Exit disclaimer. I've tried to set OutboundBindAddress to the outbound IP using arm but this just causes arm to complain about: [WARN] Error binding network socket: Cannot assign requested address Any advice would be appreciated. -J ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Minimum Requirements for a fast exit relay
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In the process of shopping round for some fast exit hosting and realized I had some unanswered questions. What's the minimum system requirements people would consider for hosting a fast exit relay? Does doing it on a KVM host alter these answers at all? How linked our system resources and bandwidth capacity? - -Jason -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJSk9PmAAoJEJJlIjlYdaGY5AsIAIDnJZl1IvUOR5Eo62iYyXjM IPVF8gzwYCnxG6EGsGQflyyhfuy6S+yR3cDrw/0pftnZEWgukkt6Ma3r2ZrEK00r dhajLhmeuLoBhJ8LS8mjCCnmS7YRa7M3zKVAjalFs+ngZraugyc7rvIj2hKee76o 2f4fxKsDXBN6v6oKGqCjqTA4My2bF2ogUZr/yLzGqX5M40srM2ugA5UX33hpNbKd p7l3GNXy7vDems+JCpMZad+ux0EtcDv9/GTKreNkAC4gzPlJXPGnEy5JDxgIPHyJ WXS6NJizrTCFCUobvKvd7tiePsn1q12MBe/3WE3zMnzLah/g12CmFW1Vl6vbnow= =EyAa -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] hardware accelerated crypto
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I'm not sure why I missed this first post but I'm very interested in working on this project with whomever is interested. I bought a pogoplug v2 specifically to test it's usefulness as a tor exit or relay. - -Jason On 10/01/2013 06:39 PM, Andy Isaacson wrote: On Fri, Sep 13, 2013 at 12:25:47AM +0200, Sarah Vigote wrote: I would like to run a 100Mb/s tor exit node, but I have issues wrt power consumption. reading http://ortizaudio.blogspot.fr/2011/10/using-dreamplugs-crypto-chip.html it seems dreamplugs has *fast* aes-128-ecb. Does anyone have any experience running a node based on cheap crypto chip (dreamplug, marvell 88F6282, sheeva-core, padlock, ...) ? What performance can I expect out of these ? Unfortunately AES is not the primary CPU consumer on Tor nodes right now; we spend a lot more time doing bignum computation for TAP circuits. Crypto accelerators don't work very well for bignums. It's not a perfect equivalence, but openssl speed rsa should give a reasonable estimate of how well your chip will do for TAP circuit creation. Here's a dual-core Westmere at 2.1 GHz (should be fairly close to a modern Xeon core): signverifysign/s verify/s rsa 512 bits 0.000105s 0.07s 9548.7 137778.7 rsa 1024 bits 0.000340s 0.21s 2941.1 48539.0 rsa 2048 bits 0.002205s 0.70s453.4 14362.8 rsa 4096 bits 0.016398s 0.000260s 61.0 3840.3 A single Xeon core can currently handle most of a 100 Mbps exit node's traffic, so you should look for a dual-core chip that delivers at least 1500 sign/s on rsa-1024. Unfortunately I doubt there are any ARM chips that can compete. -andy ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSSxhfAAoJEOXtwcWdKrpuG4cP/04KspbxenNkcLXvXWPdiUTi UJlg2EOphyHlMp8lUPQPcHprYAWEQUjTpUevxZXNhjhr6oGrw/OVem1Ht74DpjA/ 9rg+0z4m/YiRCUCSLtl5aLqE65z8bN9NM00qyppDLCEsu/ogR3qXDibUNjIAjmfg 8qRcoA28xJ3hn0eo21AB1aZ/clkUF5REAPoLeG2K7Nmz1sBznky0NxtdgHx+bPP/ utQg5n797pIUx3PjWsV/PnebeJ2VPFCkM6ZI06jINcYHXVLGn1B/2NklGSUrwNLf 4W7vIWptENHjcsM4XBLcnPt8DzrtNEPKOemKLRledWFOE2Kha/nBqMRoExXjEgbA 1VNE1gbwNIsUEbr1uEuAu2cbfvHXw1wPMWvn9dV+4Kh4srhARiq+4xZ7qRAGxrbr uf2klMY+brrwf6nLJsbPxAdKWZCLNCe1CIrpb9mX/SJVCb8qWGMXSxnDbpqfZsYU CxJy2JQ9VeVaPCNypjm2PQprBz2vt/QGlaXELiL446QVveSZIv6e4QCGSSmHPvww TeqCRkvgGj5tE43On2cj0YBmuLjJXnsA2K3+KrZtshVp1qBQIf3FevhHCzKljdW4 QYn7v/kBWRlko/79iJMp9FP7jL6gsfiHj9NkEjAer04Esnyych5aXpNEv2GXDKyr 8omA70GBANyUybmIk7aW =hL5v -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] hardware accelerated crypto
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I would love to do all this actually but I never managed to get the hw accelerated crypto (ssl/tls) bits working to experiment with. I'd be up for restarting this if I knew I could consult with one or two others who had a genuine interest in this. - -Jason On 10/01/2013 08:26 PM, Jeroen Massar wrote: On 2013-10-01 21:20, Andy Isaacson wrote: On Tue, Oct 01, 2013 at 06:45:52PM +, jason wrote: I'm not sure why I missed this first post but I'm very interested in working on this project with whomever is interested. I bought a pogoplug v2 specifically to test it's usefulness as a tor exit or relay. First step is, run openssl speed rsa and post the output to the list. While you're at it you may as well post the AES and SHA results as well. Heck, just run the whole openssl speed test (should take less than 20 minutes) and post the whole thing. :) Also details on what CPU/RAM it has, and information about the kernel and OpenSSL package you are testing, would be useful. dmesg output and the contents of /proc/cpuinfo may be helpful. Maybe a good idea to put the output in the wiki somewhere? Greets, Jeroen ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBAgAGBQJSSzIUAAoJEOXtwcWdKrpuw1oP/RW+ZvMVTDAL0PrKniMB+skZ gZf/G2grWaGHzOyo3rC0er8iZdfFY1lN6SB/NWUR7K1xAIvnARRv5Y/N62f9T5O4 a3bOu61T0XtZ3CeGVtA9Op9QmCOC/UOMebVh4Fa1/Ksb7eEpcne7JcCpW4wnGLHO iL+nHDEhyfCjYtBQHa471RaIha+D25yKMIaEhjol9daEbW3PdryzHH7F7mVOYwiT W+cCeu5NnHRp9FIwOXTPWwaTLro4XsORLcuJzXjF2Gz6k/HXF1yi1eBv9ljvsa5y /ZrpzYqk6gE6zr51GolIypIMm4bLnuzs5ld4XsXT2rdJUSgBKpzydqdn0UZplVKa 4Tes7s/8WQCK0CGQvguhQYxUTzF9J/5PtWRBtb9UBM7Zzz1YLFEesQH4kGtevviO K8wInsAXcJjAYiPY51eoMXCz38qqHlhy9v/20cg8erJrC7K/r4OlmtDGBegrNI7G joHi+HsthFHcGs7AZb2dxSozO9+jt26gtG4u7XDdoEzF5hOJZBopjilERuNRUxSZ QHhUdPMh7UFOmYDNkrisF6qPImuuKtQf5NLQ0NaeOrXCwzgJTc4vMk9brAE2kZ0P lv389MO7d7AnvtMwr/fIjoZHTCgGuCQU0iA5baeid/FlfWsaHudkAI+7w77qRLCN dj7XKgeHH8XghTToTxaB =TTnt -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Final Warning Notice
Chris Sheats said: this isn't a good precedent for TorProject/Seattle volunteers considering that they provide 100 and 1000 Mbps service. But are not the only ones [0]. Their position regarding TOR remains to be seen. [0] http://gigabitseattle.com/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays