Re: [tor-relays] IP addresses as false positives?

2015-01-05 Thread grarpamp
On Mon, Jan 5, 2015 at 11:15 AM, eliaz el...@riseup.net wrote: processes involved. Since they're private, I assume they're broadcasts Private are RFC1918. Broadcasts are 255.255.255.255 or the subnet based versions of same. ___ tor-relays mailing list

Re: [tor-relays] Legal situation of tor in Europe

2015-03-09 Thread grarpamp
On Mon, Mar 9, 2015 at 7:17 AM, Sebastian Urbach sebast...@urbach.org wrote: On March 9, 2015 7:17:20 AM oneoft...@riseup.net wrote: Can someone point me to an overview of the different legal situations for running tor relays in European countries? I'm especially interested how the situation

Re: [tor-relays] Legal situation of tor in Europe

2015-03-09 Thread grarpamp
On Mon, Mar 9, 2015 at 2:40 PM, Markus Hitter m...@jump-ing.de wrote: Am 09.03.2015 um 16:08 schrieb Steve Snyder: Being able to separate webmail from the parent web presence (e.g. gmail from google.com, Yahoo Mail from yahoo.com, etc.) would be a big step forward in curbing spam. This would

Re: [tor-relays] Legal situation of tor in Europe

2015-03-09 Thread grarpamp
On Mon, Mar 9, 2015 at 3:41 PM, grarpamp grarp...@gmail.com wrote: You could create a user maintained wikitable of all countries in regard to line items of relevance to people in anonymizing networks, crypto, retention, etc. In fact, collaboration with researchers such as Koops to present

Re: [tor-relays] 7 relays gone because of spammers

2015-02-25 Thread grarpamp
This is unfortunate but we will not be deterred. I would also go chargeback if notice you now give them does not result in satisfied action by close Sunday. You paid for a year based on some assurance, and did not receive. Now in the future... Your plan was long and two part, partly confusing.

Re: [tor-relays] Delete keys on reboot

2015-04-23 Thread grarpamp
On Thu, Apr 23, 2015 at 12:56 AM, CJ Barlow iamthech...@gmail.com wrote: rm -f /var/lib/tor/keys/* 2>&1 > /home/[me]/reboot.txt This dupes stderr to stdout first which is still your screen, -f squelches various errors, and rm doesn't emit any stdout unless some option like -v. So nothing is logged.

Re: [tor-relays] Subpoena received

2015-04-24 Thread grarpamp
While you're busy doing all this writing and signing you need to post the results up on the wiki, the tor relay banner page, EFF legal info/opinion page update, etc.

Re: [tor-relays] Delete keys on reboot

2015-04-21 Thread grarpamp
s/ram/encrypted ram/ for slightly better odds at resistance.

Re: [tor-relays] Delete keys on reboot

2015-04-21 Thread grarpamp
Permission issues and your shell pipeline... test it via your cli under whatever shell is in effect. If you want the keys gone on reboot, put them on a ramdrive. Read up on swap memory and cold boot attacks first. You might be able to remove them right after tor start.

Re: [tor-relays] Subpoena received

2015-04-22 Thread grarpamp
Mega? A dotcom? Really people? Come on, that's soo legacy. Use what your mama gave you... put it on a hidden service.

Re: [tor-relays] Job for tor.service failed.

2015-05-13 Thread grarpamp
On Wed, May 13, 2015 at 6:51 PM, tor-server-crea...@use.startmail.com wrote: any advice for me please? Learn additional unix system administration, read the manuals, attend a user group. That way you can understand and do simple stuff that works like: shell, ps, tail, less, and vi ./tor kill

Re: [tor-relays] geo-diversity vs. latency

2015-06-25 Thread grarpamp
On Thu, Jun 25, 2015 at 6:27 AM, nusenu nus...@openmailbox.org wrote: A relay running in South America could do more bad than good, as it would increase the average latency I was also thinking about that. Does improving geo-diversity negatively affect latency? Internet imposed minimum

Re: [tor-relays] Ports 465 and 587 vanished from reduced exit policy?

2015-06-25 Thread grarpamp
On Wed, Jun 24, 2015 at 8:38 PM, Mike Perry mikepe...@torproject.org wrote: It appears that some years ago someone quietly removed port 465 and 587 from the reduced exit policy at https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy without an explanation. these ports should

[tor-relays] Multicore, bandwidth, relays, capacity, location

2015-08-13 Thread grarpamp
On Wed, Aug 12, 2015 at 9:16 AM, Thomas White thomaswh...@riseup.net wrote: For relays, being able to make more use of available bandwidth would vastly increase the network speed, furthermore make home clients see an improvement in their daily Tor usage. It also benefits hidden service people

Re: [tor-relays] clarification on what Utah State University exit relays store (360 gigs of log files)

2015-08-13 Thread grarpamp
On Thu, Aug 13, 2015 at 3:40 AM, Mike Perry mikepe...@torproject.org wrote: But consider looking at average flow lifetimes on the internet. There may be case for going longer, bundling or turfing across a range of ports to falsely trigger a record / bloat, packet switching and so forth.

Re: [tor-relays] clarification on what Utah State University exit relays store (360 gigs of log files)

2015-08-13 Thread grarpamp
On Wed, Aug 12, 2015 at 7:45 PM, Mike Perry mikepe...@torproject.org wrote: At what resolution is this type of netflow data typically captured? Routers originally exported at 100% coverage, then many of them started supporting sampling at various rates (because routers were choking and buggy

Re: [tor-relays] clarification on what Utah State University exit relays store (360 gigs of log files)

2015-08-22 Thread grarpamp
On Sat, Aug 22, 2015 at 1:09 AM, Mike Perry mikepe...@torproject.org wrote: As such, I was only able to discover that its default inactive/idle timeout is 30s. I couldn't find a range. What I really need now is any examples of common routers that have a default inactive/idle timeout below

Re: [tor-relays] Google Compute Engine rejected as relay?

2015-08-21 Thread grarpamp
On Fri, Aug 21, 2015 at 1:40 PM, Philipp Winter p...@nymity.ch wrote: I wonder if we wouldn't be better off with GCE remaining blocked. Cloud platforms seem quite popular among attackers -- presumably because they can quickly give you a large number of disposable machines. Second, and

Re: [tor-relays] clarification on what Utah State University exit relays store (360 gigs of log files)

2015-08-21 Thread grarpamp
On Fri, Aug 21, 2015 at 12:30 AM, Mike Perry mikepe...@torproject.org wrote: I submitted a proposal to tor-dev describing a simple defense against this default configuration: https://lists.torproject.org/pipermail/tor-dev/2015-August/009326.html nProbe should be added to the router list, it's

Re: [tor-relays] Giving away some pre-warmed relay keys for adoption

2015-07-29 Thread grarpamp
On Wed, Jul 29, 2015 at 9:32 AM, Yawning Angel yawn...@schwanenlied.me wrote: Like I noted in my reply to Paul S. if there was a way to measure/quantify trust, or deal with the people's Guards just I'd agree that randomly handing off nodes is bad. And that there may be cases where structured

Re: [tor-relays] my provider null routed my exit. advice?

2015-07-31 Thread grarpamp
On Fri, Jul 31, 2015 at 5:41 AM, Tyler Durden vi...@enn.lu wrote: But when it comes to spam they get, indeed, a bit upset. I recommend you to block the mail ports as we do it. --- 25, 465, 587 As posted here last month, 25 no longer open relays mail for MUA's, it does accept MX for its own

Re: [tor-relays] clarification on what Utah State University exit relays store (360 gigs of log files)

2015-08-08 Thread grarpamp
On Sat, Aug 8, 2015 at 2:03 AM, nusenu nus...@openmailbox.org wrote: that implies that USU exit relays store significant amount of logs node. I said that we had extracted and filtered the requested data, it was 90 4 gig files (for a total of 360 gigs of log files) or about 3.2 billion log

Re: [tor-relays] BoingBoing: What happened when we got subpoenaed over our Tor exit node

2015-08-08 Thread grarpamp
On Fri, Aug 7, 2015 at 5:38 PM, Damian Busby damian.bu...@gmail.com wrote: Personally, if I had been the person in comment #2, I would have sent all those logs anyway. Mind telling us what relays you're operating so we can block them in our clients? Then they would have been compelled to

Re: [tor-relays] why are some exit IPs missing from Exit IP DB?

2015-10-11 Thread grarpamp
> #17297: TorCheck fails on new exit egress IP not in exit DB, confusing to user > https://trac.torproject.org/projects/tor/ticket/17297 As said three days ago before OP... No, I'd consider it a technique to avoid having your exit put on braindead tor-hating consensus scraping blacklists... a

Re: [tor-relays] clarification on what Utah State University exit relays store (360 gigs of log files)

2015-08-28 Thread grarpamp
While reducing network traffic to various accounting schemes such as netflow may enable some attacks, look at just one field of it... bytecounting. Assume you've got a nice global view courtesy of your old bed buddies ATT, Verizon, Sprint, etc and in addition to your own bumps on the cables. You

Re: [tor-relays] clarification on what Utah State University exit relays store ("360 gigs of log files")

2015-09-03 Thread grarpamp
On Thu, Sep 3, 2015 at 2:03 AM, coderman wrote: > there is a second limit here, which is the netflow channel capacity / > storage limit, if you introduce simulated flows at a rate beyond this > capacity, you may become unobservable (via loss) resulting in failure > to

Re: [tor-relays] Deciding where to put new Tor relays

2015-09-10 Thread grarpamp
On Thu, Sep 10, 2015 at 3:54 AM, Virgil Griffith wrote: > good locations... > intelligence prioritizes spying on Tor relays they will simply download the > list and tap the desired relays, regardless of where the relay is > topographically located. There may be situations in

Re: [tor-relays] Tor relays without AESNI

2015-09-16 Thread grarpamp
As in a former thread on this, here's the cpu ranking of what you can expect, caveat utilization of specific features... http://cpubenchmark.net/high_end_cpus.html http://cpubenchmark.net/singleThread.html Keep in mind as before, the highest chart performer is not necessarily the most effective

Re: [tor-relays] Deciding where to put new Tor relays

2015-09-09 Thread grarpamp
On Thu, Sep 10, 2015 at 1:12 AM, Virgil Griffith wrote: > URL: http://labs.apnic.net/vizas/ > > For Tor, this tool helps us prioritize the ASs for new relays. To maximize > censorship resistance, we would want relays on AS numbers in the middle > (lots of interconnections) that

Re: [tor-relays] How to prevent netscan usage?

2015-11-28 Thread grarpamp
> First rule is to use some firewall No it is not, do not do this. An exit needs to pass the traffic that its exitpolicy says it will pass. Otherwise bad things happen with circuit construction and your exit gets badmouthed by users possibly to the point of being banned. If you can't provide an

Re: [tor-relays] [tor-dev] How many exits exit from an IP address different than their OR address? (10.7%)

2016-01-11 Thread grarpamp
On Tue, Jan 12, 2016 at 12:44 AM, Jesse V wrote: > This is quite interesting, thanks for the report. I'm not sure why it > would be advantageous to set up a server or network this way, but I > guess they have their reasons. 1) They may or may not be aware of their routing,

Re: [tor-relays] [tor-dev] How many exits exit from an IP address different than their OR address? (10.7%)

2016-01-13 Thread grarpamp
On Wed, Jan 13, 2016 at 10:05 PM, Virgil Griffith wrote: > In our quantifications of relay diversity, knowing the IP addresses that > traffic exits from is important. Ways to have this information correctly > reported would be very helpful. Which is exactly why free to connect

Re: [tor-relays] If you get weird crashes, that might be why

2016-06-26 Thread grarpamp
On 6/26/16, pa011 wrote: > [report] You have reported about four multiple things. Though they may be related, try breaking them down into a more individual approach. > (Compiled with 100010bf: Op$bf: OpenSSL 1.0.1k 8 Jan 2015; > running with 1000114f: OpenSSL 1.0.1t 3 May 2016).

Re: [tor-relays] Should Onionoo consider relays with the same ip# to be part of the same family?

2016-01-26 Thread grarpamp
On Wed, Jan 27, 2016 at 12:00 AM, Virgil Griffith wrote: > No wrong answer---just wondering what is the community's vibe on this > issue. I can go either way. Same IP excepting NAT is same box, kind of pointless if they're not the same entity [1], err to caution and call it

Re: [tor-relays] Guard flag?

2016-04-07 Thread grarpamp
On 4/7/16, Roger Dingledine wrote: > Your above confusion is why nobody should ever write "b" or "B" in this > day and age. Re confusion... as said before with reference links to official standards... These days, formally... "b" bit and "B" byte are well defined context. "k" is

Re: [tor-relays] Exitmap module to count CloudFlare CAPTCHAs

2016-03-20 Thread grarpamp
On 3/20/16, Tim Wilson-Brown - teor wrote: >> On 21 Mar 2016, at 04:00, Philipp Winter wrote: >> >> Next, I ran the module for cloudflare.com, which does not seem to >> whitelist Tor. 638 (75%) exit relays saw a CAPTCHA and 211 (25%) >> didn't. This roughly

Re: [tor-relays] Exit relay funding

2016-03-06 Thread grarpamp
On 3/6/16, Volker Mink wrote: > That's bad to lose such a fast exit. And the diversity of an OpenBSD one at that. Somebody could just turn off one of their Linux relays and send this guy the monthly fee instead.

Re: [tor-relays] I would like to help.

2016-04-02 Thread grarpamp
Many residential and business ISP's are the same dsl/coax/fiber company. Many of them will provide extra IP's for some tiny fee, so primary clearnet use can remain unaffected. Or you can route tor over vpn. Some do run exits at home. In that case consider contact local LEAs enquiring if they

Re: [tor-relays] Search warrant and house search because of an exit in DE

2016-04-30 Thread grarpamp
On 4/30/16, Dr Gerard Bulger wrote: > Once I set my outgoing connection via a UK and very fast and supposedly > "anonymous" proxy server service, I have not heard a squeak from anyone. > These proxy services are very cheap, no limits, and offer another level of > difficulty

Re: [tor-relays] British Airways website blocking non exit relays IPs?

2016-05-20 Thread grarpamp
https://www.britishairways.com/ does pageload from 7DDE318DD1F93BF127C84824BBD909BC3887F39F On 5/20/16, Thomas Braun wrote: > Am 20.05.2016 um 13:18 schrieb Pascal Terjan: >> I am now wondering if this is because I run a (non exit) relay. Can >> anyone confirm if they also

Re: [tor-relays] VPS for Exits

2016-05-21 Thread grarpamp
First, you don't need to keep asking for hosts when you can simply whois the consensus for them. Second, network diversity requires that you find new hosts, use your telephone book. Third, there are risks to asking for referrals, and to piling on top of non-diversity...

Re: [tor-relays] High speed Tor relay advice

2016-08-15 Thread grarpamp
On 8/14/16, i3 wrote: > My new server has 10Gb/s connection (I've observed it at 900MB/s to the drives Depending on whether you meant MiB/s or MB/s, you may find your network calculations off by 350Mbps, which is a sizable tor relay's worth itself. Standard use is

Re: [tor-relays] High speed Tor relay advice

2016-08-15 Thread grarpamp
On 8/15/16, Roman Mamedov wrote: > To me these seem to be just two loosely related facts, the latter merely > I don't see any "network calculations" being presented. Was an fyi for the OP, who may or may not be doing calculations, regardless of presentation to us. >

Re: [tor-relays] BoingBoing Says Running Exits Is No Trouble re: LEA

2016-07-06 Thread grarpamp
On 7/6/16, Green Dream wrote: > It seems easier to say "don't worry about it, it's not really a problem" > from that perspective. That's a given. > For the average Tor volunteer operator, all that comfort, protection and > privilege is gone. _My_ ass is on the line. Or

[tor-relays] BoingBoing Says Running Exits Is No Trouble re: LEA

2016-07-06 Thread grarpamp
https://boingboing.net/2016/07/01/researchers-find-over-100-spyi.html "Many people fear that running an exit node will put them in police crosshairs if it gets used in the commission of a crime. For the record, Boing Boing runs a very high-capacity exit node, and though we've received multiple

[tor-relays] Darknet Shenanigans [was: suspicious "Relay127001" relays]

2016-07-06 Thread grarpamp
On 7/6/16, Roger Dingledine wrote: > In this > case we actually found these relays misbehaving (accessing onion https://boingboing.net/2016/07/01/researchers-find-over-100-spyi.html http://motherboard.vice.com/read/over-100-snooping-tor-nodes-have-been-spying-on-dark-web-sites

Re: [tor-relays] suspicious "Relay127001" relays

2016-07-06 Thread grarpamp
On 7/6/16, Green Dream wrote: >> It's up to directory authority operators to deal with >> suspicious/rogue/misconfigured relays by marking them as >> invalid/rejected/badexit. > > So... what's going on in this particular case and what are the directory > authorities going

Re: [tor-relays] tor-relays Digest, Vol 67, Issue 12

2016-08-07 Thread grarpamp
On 8/5/16, Flipchan wrote: > [bad netiquette] When replying to digests... - At minimum, change the subject to the original subject. Optimally also include proper header threading. Repliers should subscribe to per message distribution instead. - Delete all content from the

Re: [tor-relays] Local DNS on Exit logs failed user queries

2016-08-16 Thread grarpamp
On 8/16/16, teor wrote: > Or is it safer just to log a few essential categories? > (Can anyone recommend any?) Once properly set up and tested, DNS just works, only maintenance being updating root zone or keys whenever. You might be interested in aggregated stats logs it

[tor-relays] [OT] VPNGate needs nodes

2017-01-31 Thread grarpamp
For those of you offering more than one service on your box, an example among many other circumvention / overlay networks you might like to support... http://www.vpngate.net/

Re: [tor-relays] Connectivity issues; disabling my relay

2017-02-15 Thread grarpamp
Steven wrote: > So, I've concluded that these little bursts of packet loss are really > just some failed equipment of the backhaul carrier, and that it isn't > fixed yet is most simply explained by incompetence. At first all I read in your graph was the latency drop. But yes now I see the

Re: [tor-relays] Proposing an Exit Node

2017-01-16 Thread grarpamp
I agree with you here. This is a mission, a partnership amongst all participants, even negotiated and discovered as such, to good ends and via good means, amongst similar, or amenable participants, with backbone, and with high principles. Yes toppost, shootme. On Tue, Jan 17, 2017 at 2:00 AM,

Re: [tor-relays] Proposing an Exit Node

2017-01-16 Thread grarpamp
On Tue, Jan 17, 2017 at 1:08 AM, Kenneth Freeman wrote: > On 01/16/2017 11:49 AM, Olaf Grimm wrote: >> Now I have my servers outside and at home a middle node only. > This is best practice. And even under a proposed corporate aegis (LLC, > you really need to be loaded for

Re: [tor-relays] FW: What's a "useful" mailing list contributor? (was Re: What's a "useful" relay?)

2017-01-16 Thread grarpamp
I would support Rana's volunteer proposal as described, and growing integration, as being a beneficial contribution. Let us not forget, all begin as noobs to a norm, and full normalization may be chilling to diversity.

Re: [tor-relays] relay on a vps not exclusively used for tor?

2016-08-21 Thread grarpamp
On 8/21/16, Michael McConville wrote: > Anything other than Tor running on the server is a liability. I'd be > particularly concerned about things like Owncloud (not to mention web > servers), which has a history of security vulnerabilities. I think it's > best to restrict Tor

Re: [tor-relays] BSD buildbot: call for enrollment

2016-08-24 Thread grarpamp
On 8/24/16, George wrote: >> src/or/connection.c:1796: warning: passing argument 1 of 'TO_OR_CONN' >> discards qualifiers from pointer target type > I can't remember which Tor branch, but I do remember Tor at a certain > release wouldn't run on FreeBSD 8.4. The above warning

Re: [tor-relays] #torstrike

2016-08-31 Thread grarpamp
On 8/31/16, Green Dream <greendream...@gmail.com> wrote: > Well said grarpamp. > >> there are plenty of other already existing, interesting, and >> upcoming anonymous overlay networks for transporting IP, messaging, >> storage and so on. > > Mind sharing some

Re: [tor-relays] newer version of tor

2016-08-31 Thread grarpamp
> yep how right you are, I tested it but it pulled in libsystemd for some > reason > and the whole point of moving to devuan was to get away from that > unneeded dependency. > > So I guess I have to compile it myself then!? Most autotooled software including Tor is easy to compile, so if whatever

Re: [tor-relays] #torstrike

2016-09-01 Thread grarpamp
On 8/31/16, Kenneth Freeman wrote: > As for the burgeoning of anonymity networks other than Tor, it'll be > interesting to see what level of interest law enforcement organs take in > them, if any. We know certain elements and entities are not at all fond of encrypted

[tor-relays] Any users of FlashProxy, any servers?

2016-09-01 Thread grarpamp
On 8/31/16, Kenneth Freeman wrote: > Flash proxy may be of some utility here Being not outside the tor ecosystem it's not really something all that different to explore (regarding topics of the other thread). It's basically a pluggable transport with unique 'nodes as

Re: [tor-relays] tor-relays Digest, Vol 68, Issue 12

2016-09-04 Thread grarpamp
On Sun, Sep 4, 2016 at 8:17 AM, jensm1 wrote: > you can then configure your inbox to > put everything containing [tor-relays] into its own folder This is non ideal as it continues the poor notion that bloating everyone's subject lines with, currently 13, characters of non content

Re: [tor-relays] "Potentially dangerous relay groups"

2016-09-28 Thread grarpamp
On Tue, Sep 27, 2016 at 4:38 PM, Roman Mamedov wrote: > *) Give up on listing fingerprints, instead simply list nicknames. No. Fingerprints are what to use here. Please do not use nicknames. Ignoring the ambiguous assertions you'd be making with nicks, it inserts the same

Re: [tor-relays] "Potentially dangerous relay groups"

2016-09-28 Thread grarpamp
On Wed, Sep 28, 2016 at 6:24 AM, Chad MILLER wrote: > Why isn't MyFamily a family name, instead of a list of members? I see no > downside to having an unauthenticated Because anyone can assert the string and shared strings can't cross certify each other.

Re: [tor-relays] "Potentially dangerous relay groups"

2016-09-28 Thread grarpamp
On Wed, Sep 28, 2016 at 2:53 AM, Roman Mamedov wrote: > Any actual rationale, other than "do as I say"? And aside from linking to the > man page which doesn't provide one EITHER. The ambiguity problems are long known, leading to it going away. Feel free to search historical

Re: [tor-relays] You dont love me anymore :(

2016-10-18 Thread grarpamp
It's an error being corrected, turn it back on and recheck everything in a few hours.

Re: [tor-relays] ExitPolicy reject 184.107.0.0/16* funio.com

2016-10-27 Thread grarpamp
On Thu, Oct 27, 2016 at 11:57 PM, Markus Koch wrote: > I tried to reject the IP > space of funio but Tor is telling me it's not allowed. Why? Your syntax is probably wrong. Search and read the "ExitPolicy" section in the manpage for tor(1). You probably want...

Re: [tor-relays] Tor bandwith question

2016-11-02 Thread grarpamp
On Tue, Nov 1, 2016 at 8:31 AM, Michael Armbruster wrote: >> Well, Tor-relay-debian says 250KBps (bytes): >> https://www.torproject.org/docs/tor-relay-debian.html.en >> >> But Tor-doc-relay says 2Mbps (bits): >> https://www.torproject.org/docs/tor-doc-relay.html.en > > Which is

Re: [tor-relays] proper way to insert PGP key in torrc?

2016-11-04 Thread grarpamp
On Thu, Nov 3, 2016 at 6:39 AM, Toralf Förster wrote: > Not too much fun with such a lame relay I fear He's running a relay because what he believe and it's fun without hurting nobody.. and you bash him not running with big dogs. Wtf bro. Props to this guy and everybody

Re: [tor-relays] Exploiting firmware

2016-12-09 Thread grarpamp
>> Intel ME/AMT concerns me too > AMD Family 15h itself is safe. No one has any proof of that for any modern cpu from any maker, featureset irrelevant. They all accept microcode updates, which btw are all encrypted closed binary blobs. And the chips themselves are fully closed source containing

Re: [tor-relays] Exploiting firmware

2016-12-09 Thread grarpamp
On Fri, Dec 9, 2016 at 4:53 AM, Roman Mamedov wrote: > option available today, and you don't have to go back to Pentium 200 to avoid Using such a relic as a scrub firewall might protect you from magic packets launched by your adversaries towards one of those listening

Re: [tor-relays] network diversity with freeBSD

2016-12-04 Thread grarpamp
On Sat, Dec 3, 2016 at 10:14 AM, pa011 wrote: > [WARN] Your server (x.x.x.x.:4443) has not managed to confirm that its > ORPort is reachable. Relays do not publish descriptors until their ORPort and > DirPort are reachable. https://www.freebsd.org/releases/11.0R/announce.html

Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-05 Thread grarpamp
For efficiency upon yourself and others... Don't add the '$'. Use lower case for fingerprints with no spaces (ticketed). Use the same myfamily line including all your relays for all your relays, no point in trying to leave announcing relay out of list.

Re: [tor-relays] Raspberry Pi + Raspbian GNU/Linux 8.0 (jessie) + bind errors

2017-01-05 Thread grarpamp
On Thu, Jan 5, 2017 at 9:38 PM, Kurt Besig wrote: > Ideas on best method to bind these ports to tor on startup as non-root? It's an ancient unix security trust thing (today aka: lol). Anything uid != 0 is denied bind to 0~1023. So you can't without tricks. Linux probably

Re: [tor-relays] TransPort: Convert iptables to pf

2016-12-28 Thread grarpamp
On Wed, Dec 28, 2016 at 5:07 PM, diffusae wrote: > I needed the buildworld to create a jail with ezjail. If you break some of these down all they do is lay down an installworld in DESTDIR and run jail on it. Too heavy for some who tar up / and /usr and lay them down

Re: [tor-relays] [Crypto-practicum] Open-source cooperative security using low-cost HSMs?

2016-12-30 Thread grarpamp
On Fri, Dec 30, 2016 at 10:36 PM, Bill Cox wrote: > One problem is shills. IIUC, TOR has a problem where an attacker can create > a ton of nodes that collude. > TOR could be > 50% shills and we would not know. Is this something that could > be implemented effectively with

Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-22 Thread grarpamp
On Thu, Dec 22, 2016 at 2:07 PM, Rana wrote: > If there is such a wiki I will be happy to submit my reports, I am not aware > of one. Please see and contribute to the following... https://trac.torproject.org/projects/tor/wiki/doc/HardwarePerformanceCompendium > Also,

Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-23 Thread grarpamp
On Fri, Dec 23, 2016 at 12:06 PM, Rana wrote: > If the small relays are largely unused (eg if 10% of the relays carry 90% of > the Tor traffic - does anyone have an exact statistics on this?) and if, in > addition, there is no increased anonymity benefit in having a lot

Re: [tor-relays] TransPort: Convert iptables to pf

2016-12-28 Thread grarpamp
On Wed, Dec 28, 2016 at 11:07 AM, diffusae wrote: > If you try a "build world" on the RPi itself, it took more than three > days. ;-) Need to buildworld is rare and usually noted in UPDATING and kernel config files. make buildkernel will be much faster, and even faster if

Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

2016-12-22 Thread grarpamp
On Thu, Dec 22, 2016 at 4:59 AM, Rana wrote: > A 20 mbps Pi relay has been reported here, still under-utilized. All these reports of this or that made in piles of random email ... serves no one past the typical few day participant convos. So please people... submit all

Re: [tor-relays] Tor Relay On Pfsense 2.3.3-RELEASE-p1 (amd64)

2017-03-28 Thread grarpamp
> Note that the current pfSense 2.3.3 is based on FreeBSD 10.3-RELEASE, > when it probably makes more sense to run a fresh relay on the 11.x branch. > > Instead of expending effort on getting Tor running on pfSense, I'd > recommend just running a FreeBSD relay with the sole purpose of being a >

Re: [tor-relays] Tor Exit & Law

2017-03-09 Thread grarpamp
On Thu, Mar 9, 2017 at 8:24 AM, Sebastian Urbach wrote: > https://www.torproject.org/eff/tor-legal-faq.html.en > It is almost never a good idea to run an Exit@home: "Almost" invites a wide range of interpretation and application. If you've done your legal, technical and

Re: [tor-relays] increasing per IP tor instance limit (2 instances per one IPv4)

2017-07-10 Thread grarpamp
Even support for >1 per /24 is questionable when facing sybil, and it lets people be lazy piling on known hosters instead of shopping around for new tor / crypto friendly providers and supporting that by throwing money at them. If you want to 'get your money worth' then also run I2P, Freenet,

Re: [tor-relays] IPv6 to IPv4 tor exit relays would fix many daily tor-problems

2017-06-30 Thread grarpamp
> We don't know how to give users good anonymity when some relays can't > connect to other relays. This would happen if we allowed IPv4-only relays > and IPv6-only relays in the same network. With "IPv6 only" relays available in the consensus the answer may be... when their count is the same as

Re: [tor-relays] IPv6 to IPv4 tor exit relays would fix many daily tor-problems

2017-07-01 Thread grarpamp
On Fri, Jun 30, 2017 at 3:41 AM, teor wrote: > Tor client anonymity relies on every relay being able to connect to every > other relay (a "clique network"). Depends on what you're up against. Assumed ability to connect to and traffic through entire consensus isn't the same as

Re: [tor-relays] Exit flag and port 6667 vs 6697

2017-07-04 Thread grarpamp
>> at the "cry" relay (one of top 10) - it is not marked as "Exit" as it > > It means that clients won't choose the relay for preemptive exit circuits. > I think it might get some other Exit usage, but I'm not sure. Users (various technical folks) sometimes configure traffic though exits lacking

Re: [tor-relays] 100K circuit request per minute for hours killed my relay

2017-07-30 Thread grarpamp
Misc related on freebsd... netstat -m netstat -nxAafinet vmstat -fimz sysctl -a ulimit -a loader.conf sysctl.conf config(8)

Re: [tor-relays] WannaCry fallout FYI

2017-05-14 Thread grarpamp
On Sun, May 14, 2017 at 6:28 PM, Roger Dingledine wrote: > "Additionally, organizations should strongly consider [buying our > fancy proprietary "threat intelligence" tools]. Enabling this to be > blacklisted will prevent [thing that we're trying to scare you about > without

Re: [tor-relays] Fwd: 2017-06-07 15:37: 65 new tor exits in 30 minutes

2017-06-07 Thread grarpamp
On Thu, Jun 8, 2017 at 12:15 AM, Arisbe wrote: Content-Type: text/html :( > Seems like none of us have the time to research these events or those before. > If people can't play by written and unwritten rules regarding Tor contact > info, family members, etc. and they 'could'

Re: [tor-relays] Kitten1 and kitten2 compromised (guard/hs/fallback directory)

2017-05-21 Thread grarpamp
> remember that they took the relay because > a *victim* contacted it, not because they think the "guyz behind the > software" did. Civil sue them for stupid thinking / false arrest confiscation, loss of service and use, public tarnishment, bad training, etc. >> what can be interesting for

Re: [tor-relays] Legal Status of Relays Worldwide [was: kittens seized]

2017-05-23 Thread grarpamp
On Mon, May 22, 2017 at 1:48 PM, Nagaev Boris wrote: > Unfortunately rarer things happen. The ongoing case in Russia: > https://www.theregister.co.uk/2017/04/13/tor_loses_a_node_in_russia_after_activists_arrest_in_moscow/ > "According to TASS, he’ll be held for two months

Re: [tor-relays] tor on tails

2017-09-23 Thread grarpamp
In the sense that tails is a unix flavor OS, just like Arch Linux, FreeBSD, OpnSense, etc... it will work and is a fine idea as any other, so long as you the unix admin are able to set it up.

Re: [tor-relays] About relay size

2017-10-07 Thread grarpamp
On Wed, Oct 4, 2017 at 1:49 AM, teor wrote: > And most clients just send a DNS name and a set of IP version flags. > > For the rare cases where literal addresses are used, or there are > IPv6-only websites over DNS, tor could be smarter. Not as rare as vanilla websurfing

Re: [tor-relays] Feedback wanted: letter to my university's library

2017-10-08 Thread grarpamp
> Parenthetically, even setting up a https://littlefreelibrary.org at my > condominium complex has been met with incomprehension and fear... Easier for them to do that than realize the many $thousands they paid for their education which could have been free. Indoctrination withdrawal syndrome is

Re: [tor-relays] Tor exit nodes attacking SSH?

2017-10-08 Thread grarpamp
On Wed, Aug 9, 2017 at 4:08 PM, Alexander Nasonov wrote: > m...@eugenemolotov.ru wrote: >> After that check from which ip it was logged in. This probably >> would be ip of the exit node. > > What if they "bridge" mitm-ed traffic to a different host? > > I saw a similar ssh

Re: [tor-relays] About relay size

2017-10-02 Thread grarpamp
>> Or instead of router mode, try bridge mode feeding into any old pc running Noting that even some crappy hardware will still fall over when put in its so called "bridge" mode, which should just be some packet buffering between the wires and their encodings, but it's obviously still looking at

Re: [tor-relays] About relay size

2017-10-03 Thread grarpamp
Little thought yet but related, figured if client host is dual stack, could separate "client over WAN via IPv to reach relay" function from traffic routed into tor's cells for carriage to pop out other side, like a VPN for IP versions. Exits would have to tag their support of "exit v4 and/or v6 to

Re: [tor-relays] spurios warning about using the nickname instead of the key

2017-10-10 Thread grarpamp
> and pgpdump says: > Dylan, you seem to have encrypted this to Should have used throw-keyids ;) And/or it could be a proof... > (pgp/gpg usability ftw)

Re: [tor-relays] Using ContactInfo to publish additional relay properties in a standardized way (opt-in)

2017-10-15 Thread grarpamp
> ExtraInfo documents are also one possibility for communicating > OutboundBindAddress values, as well. While publishing OBA's may be wanted by censoring firewall pedants, it's not productive for relay operators who wish, as is their right, to offer tor users the chance to use exit IP's that

Re: [tor-relays] Individual Operator Exit Probability Threshold

2017-09-26 Thread grarpamp
>> :> what the current value of "global" is but I should hope it's well above >> 5%... >> :I'm curious about what you mean by "global" here, and how it relates to >> :[potentially] malicious operators (suspicious relays of which are >> :frequently thrown off the Tor network). >> >> "global" as

Re: [tor-relays] About relay size

2017-09-29 Thread grarpamp
> Larger, faster relays help clients achieve low-latency, high bandwidth > connections. This may depend? Do we have a graph of actual headroom / saturation in the network of boxes versus consensus weight versus max box speed? Does weight back off below historically sensed saturation levels?
