[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Is "gatereloaded" a Bad Exit?



 We already filter exit nodes based on suspicion by defaulting
ExcludeSingleHopRelays to true (the reason for that being that single
hop exits are more likely to be passively monitoring data).
Can you please say a little more about this for all of us who are not au fait with all command options?
We also
invalidated the trotsky relays without proof of malicious intent (a
suspected sybil attack when over seven hundred identical relays
appeared out of the blue).
Could you please say a little more about this case and "sybil attack[s]"?

On Sun, Jan 30, 2011 at 10:58 AM, Orionjur Tor-admin
<tor-admin@xxxxxxxxxxxxxxxxxx>  wrote:
Damian Johnson wrote:
The five relays Mike mentioned have been flagged as BadExits [1].
Adding them to your ExcludeExitNodes isn't necessary. -Damian

[1] https://trac.torproject.org/projects/tor/wiki/badRelays

On Sun, Jan 30, 2011 at 1:33 AM, Jan Weiher<jan@xxxxxxxx>  wrote:
At some point, we intend to shrink exit policies further as Tor scales
to more decentralized schemes. Those exit policies will likely be
represented as bits representing subsets of ports. When that time
comes, we will very likely combine encrypted and unencrypted versions
of ports together, removing this option entirely.

Sounds good. But what to do for now? Just creating a list of nodes which
only allow unencrypted traffic and put them into the ExcludeExitNodes
list? Shouldnt these nodes be excluded by default?
I'm unsure. I want to stress again that I'm not saying any operator is
doing anything evil, but I think we should find some way to avoid nodes
which have such weird exitpolicies.

best regards,
Jan
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/


Is it possible to publish a list of bad-exits for copypasting it to
/etc/torrc in addition to the above-mentioned list?
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/