[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] issues with a fresh new tor server

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] issues with a fresh new tor server
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Sun, 21 Aug 2016 13:20:10 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 21 Aug 2016 13:20:29 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-transfer-encoding; bh=7Vpn0X2Su7cEcY+o76eSsA6RVIvxpLdiWTqfv/HNJaM=; b=OI3v1m8nQuz1GEP1sY3BTCaV2SF+3XvcXFNogRk/0yNJFkjZU2HZcJpi3df6ctReAY ewCBcQV1mPjid215pSlie1Qrzwz8ENYLtTJoQCJUmqZrScK8HMJ8LMRIIFtAvqXYrugn ft6tsVmcfn708h3YMJCEBXi2gHzoOIDiZTeUU+swqcSp1M3K+Juvwnx8Ndb2jzy/oh1T iLqv2kf5oMY0Nv6meWHQVdIdhcChCnWiYz+uP0YT+Y9W8gYHeYjeOEDfe/5mQblh6ymt sJba58CUWnKyIIqMUg4YFQb3UZnNzcN/Az1VXQsmNW3oxrZ3f0ioz9CRd46il/TGVFCW txgw==
In-reply-to: <290681a6-555a-434e-79f0-4a350863ac96@gmx.de>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <f15d1f7b-cf01-08ff-9c9f-18e1c712f21c@gmx.de> <937c5026-a4fc-80b6-6501-7d81bc319cf8@tvdw.eu> <290681a6-555a-434e-79f0-4a350863ac96@gmx.de>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On 8/21/16, Toralf Förster <toralf.foerster@xxxxxx> wrote:
> I'm pretty convinced that this is an easy method to ensure an attacker
> even with physical access to a server (eg. while changing a defect
> hard disk) can't achieve the secret key.

rm the key/salt doesn't wipe the underlying data.
Wipe the files or the non swap backed fs, or use a pipe.
Some tools and allocators might wipe ram regarding core dump.
But still, turn off dumps. Considering...
- Adversary can always run a node at their cost
- Almost all nodes are linux attack surface, not diverse
- You keep copy of node key to help show revocation.
- You may not discover you're rooted
... don't lose sleep over it. Happy relaying.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] issues with a fresh new tor server
  - From: Toralf Förster
- Re: [tor-relays] issues with a fresh new tor server
  - From: Tom van der Woerdt
- Re: [tor-relays] issues with a fresh new tor server
  - From: Toralf Förster

Prev by Author: Re: [tor-relays] tor-relays Digest, Vol 67, Issue 12
Next by Author: Re: [tor-relays] #torstrike
Previous by thread: Re: [tor-relays] issues with a fresh new tor server
Next by thread: [tor-relays] relay on a vps not exclusively used for tor?
Index(es):
- Author
- Thread