[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #9686 [Tor]: MaxMemInCellQueues minimum of 500MB is too large for low-RAM relays (Raspberry Pi)



#9686: MaxMemInCellQueues minimum of 500MB is too large for low-RAM relays
(Raspberry Pi)
----------------------------+------------------------------------
     Reporter:  gmorehouse  |      Owner:
         Type:  defect      |     Status:  needs_review
     Priority:  normal      |  Milestone:  Tor: 0.2.5.x-final
    Component:  Tor         |    Version:
   Resolution:              |   Keywords:  tor-relay 024-backport
Actual Points:              |  Parent ID:
       Points:              |
----------------------------+------------------------------------

Comment (by gmorehouse):

 So is 256MB the new minimum?

 I don't think it'd be wise to try running Tor on a 256MB machine, but
 surely a 512MB machine should be allowable - at $25 each (and falling),
 10,000 of these could help sustain the network and reduce the percentage
 of compromised relays an attacker can potentially control.

 I came back to check this ticket after stumbling across the Sniper Attack
 entry[1] on the Tor Project blog. I'm concerned that setting the minimum
 MaxMemInQueues to 512MB leaves all relays with <=512MB of physical RAM
 vulnerable to this attack.  Beyond the potential usefulness of the 512MB
 Raspberry Pi to the Tor network, there's also a potential harm here given
 that a 512MB Pi relay could be DOS'd or used in deanonymizing hidden
 services.  People are very much using 512MB Pis as relays, not only myself
 but many others as shown by posts I've found and the level of interest
 from users in my Pi-specific Tor relay project[2] (still pre-alpha).

 If the lower bound on MaxMemInQueues has been reduced (say, to 384MB),
 consider this support for that.  If not, these are the reasons I think it
 should be reduced.  (Sorry, I don't know where to look to see what's been
 done in the branch mentioned above.)

 1. https://blog.torproject.org/blog/new-tor-denial-service-attacks-and-
 defenses
 2. https://github.com/gordon-morehouse/cipollini

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9686#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs