[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Is "gatereloaded" a Bad Exit?



There's no point in putting relays flagged as BadExit into your torrc
since your client will already avoid them. However, if you want a
listing of the bad exits then it's available at:
https://trac.torproject.org/projects/tor/wiki/badRelays

As for the previous discussion of if plaintext-only exits warrant the
flag, here's my bit to add to the discussion:

We already filter exit nodes based on suspicion by defaulting
ExcludeSingleHopRelays to true (the reason for that being that single
hop exits are more likely to be passively monitoring data). We also
invalidated the trotsky relays without proof of malicious intent (a
suspected sybil attack when over seven hundred identical relays
appeared out of the blue). I'm a little in favor of flagging
plaintext-only exits, though I agree that it sucks when flagging
doesn't have a smoking gun.

Cheers! -Damian

On Sun, Jan 30, 2011 at 10:58 AM, Orionjur Tor-admin
<tor-admin@xxxxxxxxxxxxxxxxxx> wrote:
> Damian Johnson wrote:
>> The five relays Mike mentioned have been flagged as BadExits [1].
>> Adding them to your ExcludeExitNodes isn't necessary. -Damian
>>
>> [1] https://trac.torproject.org/projects/tor/wiki/badRelays
>>
>> On Sun, Jan 30, 2011 at 1:33 AM, Jan Weiher <jan@xxxxxxxx> wrote:
>>>> At some point, we intend to shrink exit policies further as Tor scales
>>>> to more decentralized schemes. Those exit policies will likely be
>>>> represented as bits representing subsets of ports. When that time
>>>> comes, we will very likely combine encrypted and unencrypted versions
>>>> of ports together, removing this option entirely.
>>>>
>>> Sounds good. But what to do for now? Just creating a list of nodes which
>>> only allow unencrypted traffic and put them into the ExcludeExitNodes
>>> list? Shouldnt these nodes be excluded by default?
>>> I'm unsure. I want to stress again that I'm not saying any operator is
>>> doing anything evil, but I think we should find some way to avoid nodes
>>> which have such weird exitpolicies.
>>>
>>> best regards,
>>> Jan
>>> ***********************************************************************
>>> To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
>>> unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
>>>
>> ***********************************************************************
>> To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
>> unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
>>
>
>
> Is it possible to publish a list of bad-exits for copypasting it to
> /etc/torrc in addition to the above-mentioned list?
> ***********************************************************************
> To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
> unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
>
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/