[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] exit operators: overall DNS failure rate above 5% - please check your DNS resolver

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] exit operators: overall DNS failure rate above 5% - please check your DNS resolver
From: Roger Dingledine <arma@xxxxxxxxxxxxxx>
Date: Mon, 1 Jul 2019 01:32:58 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 01 Jul 2019 01:33:20 -0400
In-reply-to: <20190701100608.1ac9ecb4@natsu>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <de84f537-8659-e10f-29f2-a7a294c516d7@riseup.net> <1561791574.2862.22.camel@tn-x.org> <em1b3d6f45-a771-4992-ac42-e1ee9db1649d@erk-super> <20190701100608.1ac9ecb4@natsu>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.10.1 (2018-07-13)

On Mon, Jul 01, 2019 at 10:06:08AM +0500, Roman Mamedov wrote:
> On Mon, 01 Jul 2019 01:32:59 +0000
> "Matt Westfall" <mwestfall@xxxxxxxxxxx> wrote:
> 
> > Just set your exit relay DNS to 8.8.8.8 and 1.1.1.1 I mean dns traffic 
> > isn't bulk traffic, let google and CloudFlare do the "work"
> 
> It is considered to be a bad idea privacy-wise:
> https://medium.com/@nusenu/who-controls-tors-dns-traffic-a74a7632e8ca
> https://lists.torproject.org/pipermail/tor-relays/2016-May/009255.html
> https://lists.torproject.org/pipermail/tor-relays/2015-January/006146.html

Right, this is not recommended as best practice, because we don't want
these centralized services to be able to see too large a fraction of
exit destinations and timing.

https://freedom-to-tinker.com/2016/09/29/the-effect-of-dns-on-tors-anonymity/

It would be neat for somebody (maybe somebody here?) to be tracking the
fraction of exit weights, over time, that are using these centralized
dns servers. So we can see whether it's a growing issue or a shrinking
issue, to start, and whether we need to reach out to big relay operators
or not.

Thanks,
--Roger

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] exit operators: overall DNS failure rate above 5% - please check your DNS resolver
  - From: abuse net

References:
- Re: [tor-relays] exit operators: overall DNS failure rate above 5% - please check your DNS resolver
  - From: Roman Mamedov

Prev by Author: Re: [tor-relays] Measuring the Accuracy of Tor Relays' Advertised Bandwidths
Next by Author: Re: [tor-relays] Question about Bridges Bandwidth Authority
Previous by thread: Re: [tor-relays] exit operators: overall DNS failure rate above 5% - please check your DNS resolver
Next by thread: Re: [tor-relays] exit operators: overall DNS failure rate above 5% - please check your DNS resolver
Index(es):
- Author
- Thread