[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
From: Roger Dingledine <arma@xxxxxxxxxxxxxx>
Date: Fri, 14 Aug 2020 13:12:35 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 14 Aug 2020 13:12:47 -0400
In-reply-to: <26053174-9407-4B29-8CA3-DCB163F537D7@to-surf-and-protect.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <730db076-2e22-3aae-41dc-6e3fe5952aa9@riseup.net> <CAHcjhEHhNw5vB=p-0q5nRKP+fHDAG-XmQuPi=K5GCAE10iDnQQ@mail.gmail.com> <26053174-9407-4B29-8CA3-DCB163F537D7@to-surf-and-protect.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.10.1 (2018-07-13)

On Thu, Aug 13, 2020 at 03:34:55PM +0200, niftybunny wrote:
> This shit has to stop. Why are the relays in question still online?

Hm? The relays are not online -- we kicked them in mid June.

We don't know of any relays right now that are attacking users.

Or said another way, if anybody knows of relays that are doing any attacks
on Tor users, ssl stripping or otherwise, please report them. I believe
that we are up to date and have responded to all reports.

That said, there is definitely the uncertainty of "I wonder if those
OVH relays are attacking users -- they are run by people I don't know,
though there is no evidence that they are." We learned from this case
that making people list and answer an email address didn't slow them down.

I still think that long term the answer is that we need to shift the
Tor network toward a group of relay operators that know each other --
transparency, community, relationships, all of those things that are
costly to do but also costly to attack:
https://gitlab.torproject.org/tpo/metrics/relay-search/-/issues/40001
https://lists.torproject.org/pipermail/tor-relays/2020-July/018656.html
https://lists.torproject.org/pipermail/tor-relays/2020-July/018669.html

But the short term answer is that nobody to my knowledge has shown us
any current relays that are doing attacks.

Hope that helps,
--Roger

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
  - From: disrupt_the_flow
- Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
  - From: niftybunny

References:
- [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
  - From: nusenu
- Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
  - From: Michael Gerstacker
- Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
  - From: niftybunny

Prev by Author: [tor-relays] Exit relay: ERROR -- No Descriptor Available
Next by Author: Re: [tor-relays] anyone else with this issue?
Previous by thread: Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
Next by thread: Re: [tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
Index(es):
- Author
- Thread