[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: 25 tbreg relays in directory



     On Tue, 28 Apr 2009 09:59:05 -0400 andrew@xxxxxxxxxxxxxx wrote:
>On Mon, Apr 27, 2009 at 11:57:17PM -0500, bennett@xxxxxxxxxx wrote 5.4K bytes in 107 lines about:
>:      That brings up something that has bothered me for a long time.  When
>: tor discovers that its version doesn't match any in either client-versions
>: or server-versions, it currently writes complaints about it to the log(s),
>: but seems to do nothing further about it.  I'd like to see either of the
>: following.
>
>Recently, we're started emailing the node operators (at least those with
>valid contact info) suggesting they upgrade to at least 0.2.0.34-stable.
>This method seems to have a better success ratio in getting nodes
>upgraded from very old versions.  At least, better than the log messages
>that state your tor version is not recommended anymore.
>
     I just took a closer look at the obsolete nodes.  A number of them are
medium- to very high-data-rate nodes, including some that peak at over
1 MB/sec.  Obsolete nodes peaking at over 1 MB/sec currently include, according
to torstatus,

	Node Name			Peak Rate	Version
					(KB/sec)

	Kryten				2688		0.1.2.19
	TSL				5150 (!)	0.1.2.19
	c03d9ebf			1172		0.1.2.19
	3dd9T58cDbh84052b		1100		0.1.2.19
	ohvi5poH5e			1695		0.2.0.31
	Piratenschatzi			4180		0.2.0.32
	ratatouille			1140		0.2.0.32
	separator			1364		0.2.0.32
	liquitor			1637		0.2.0.32

     Now, frankly, I am not particularly worried about relays running 0.2.0.32.
The ones running any version in the 0.1.*.* series, however--and there are
118 of them showing in torstatus at present, including a 0.1.1.19-rc and a
0.1.2.9-rc that were restarted less than a day ago--should be ignored by
clients.  IIRC, there are known unsafe versions in the 0.2.0.x series that
should be ignored by clients.
     Nevertheless, the high-data-rate nodes running 0.1.x.x versions are of
great utility to the tor network, so I hope your efforts to contact operators
of obsolete relays will focus on these first.
     Looking at 0.2.1.x relays, the situation is not nearly as bad, which is
probably to have been expected because people following the development branch
are more likely to try to stay reasonably current and are also more likely to
pay attention to their tor log files.  (As the exceptions that prove the rule,
there are still some 0.2.0.x-alpha relays out there, though.)  I see

	MopperSmurf			1788		0.2.1.10-alpha

but there is also a low-data-rate Unnamed running 0.2.1.1-alpha.
     The core purpose of tor is to provide secure anonymity to the users of
tor clients, but tor clients currently are not equipped to bypass obsolete/
unsafe tor relays as identified by tor's developers.  This has bothered me for
a long time, and I hope it will be rectified one way or another in the next
stable and development versions.  Of the two options I suggested previously,
perhaps the next releases could use option b), which requires no changes to
the statements used at the beginning of the descriptor and consensus files
and no changes to torrc.  The more nuanced option a) could be added when
convenient to the -alpha versions, later to become part of the stable versions.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************