[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: The status and future of Mixminion network



[X-posted to the remops list.]

On Sat, 15 Sep 2007, Marco A. Calamari wrote:

> The Mixmaster flood we saw in the last two weeks
>  is unprecedented, as volume of mail that flow
>  *successfully* throught the remailer.
> Most trafficked ones remailers a tenfold raise of their
>  normal traffic for days; George peaked as 60K message
>  a day.

Indeed. It is unfortunate that randseed is not operating currently -- I
use it to monitor such floods, by recording a timestamp (not connected or
linkable to the message that generated it) when a message comes into the
remailer.

It is possible that the flood we just saw was not malicious, but instead
someone testing out something built on top of mixmaster. (A darknet
perhaps?) It's impossible to tell.

The flood that targetted randseed and several other remailers last year
did so in a particularly nasty way, which I won't get into here as not to
give people ideas. So if this was a more naive flood, or an unintentional
one, it's possible that more traffic could have done less damage.

I also have to point out that Mixmaster has gotten a lot more stable since
the days of 2.9 beta.

> The only (strange) measure I took was stopping
>  nilsimsa, that was completely uneffective against
>  the flood but was responsible of a too hight
>  load on cpu. Done this, also considering
>  that most of remailer now had better connectivity
>  than a couple of years ago, I was surprised
>  how well a lot of remailer survived against this flood.

Hmm. Nilsimsa should probably be optimized better; perhaps compiled as
byte code. That would help.

> I'm surprised (negatively) of the lack of any public
>  reaction of remops community, that didn't share any info
>  to better react to the flood, and didn't react at
>  all as "community" .

Well, in the case of such floods, sometimes the best thing we can do is
just "ride it out." Which we seemed to have done, in this case. But you're
right -- the remop community appears to have lost its unity.

> Another thing.
> I wrote a mail in the Mixminion list because I suspect
>  that a different Dos was attempted against the mixminion
>  network.

That's surely possible. As I mentioned, my server operating my remailers
is currently offline (my colo provider, the California Community Colo
Project, sadly ran out of money, and I haven't had a chance to move the
server to its new location.) Thus, I am only speculating, as I am
currently a remop in name only, and cannot observe the floods myself.

> No correlation seems to exist between software version
>  and surviving nodes.

Bear in mind that people may have applied the bugfix patch of Nick's,
without changing the version number.

> Now more that 60% of nodes are down,
>  but once more no reaction at all comes from
>  the operators.
>
> I'm positively concerned for this lack of reactions
>  and mutual help from both community.

Well, for one, we need to have the remops list discussing this. I'm afraid
also that we may have lost a number of "old-timers" when we switched
mailing lists a while back. For those who don't know, the new remops list
is here:

http://lists.mixmin.net/mailman/listinfo/remops

Secondly, this *is* being discussed somewhat in private and over irc.
Sometimes it takes a little while for things to make it to the mailing
lists, as we don't wish to cry wolf. You and I, and others, are reacting
-- hopefully that's a good sign.

In the mean while, if people can post stats about the flood, and if
someone wants to port my timestamp hack to Mixminion and start recording
the rate at which these messages are arriving and share that data, it may
help. (Just don't do any kind of logging that could reveal identity/break
anonymity. Let's hold remop ethics to a higher standard than some recent
Tor operators have shown.)[1]


Cheers,

Len



[1]
http://rabbi.vox.com/library/post/the-embassy-password-scandal-new-dog-old-trick.html