[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] relay on a vps not exclusively used for tor?



On 8/21/16, Michael McConville <mmcco@xxxxxxxxxxx> wrote:
> Anything other than Tor running on the server is a liability. I'd be
> particularly concerned about things like Owncloud (not to mention web
> servers), which has a history of security vulnerabilities. I think it's
> best to restrict Tor relays to dedicated installs.

Not only security of the relay, but of any dependencies
and privacy of any other operations and data you may
have on it should it get seized for whatever reason.
Of course risk of seizure is less with non-exits.

Since anyone can run a relay, and there aren't any
relay police or hardcoded restrictions, it's really up
to you and what you're comfortable with. For example,
many might use their VPS space to store encrypted
backups offsite, or run various small services that
have minimal risk or attack surface.

And to the extent that doing things will make you
a better admin, able to weigh operation security,
there can be a lot of good in that too.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays