[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] >23% Tor exit relay capacity found to be malicious - call for support for proposal to limit large scale attacks



Scott Bennett:
> Your proposed method of delaying the problem would impose a labor burden
> on the tor project as well 

If we assume that malicious relay activity is impacted I'd assume that the time saved 
using the proposal might as well outweight the time spend on bad-relays@

After implementation the proposal does not require resources from The Torproject 
besides publishing of the registry.


> Why would
> an automated solution not work? 

I believe the email verification can be automated completely. 
Also the mailing of letters can be automated but if - let's say 10  - letters/year are send
I'm not sure it is worth it.

> That would be a fast reaction and would not depend
> upon multiple human actions. 

There is no human interaction involved in the proposal to enforce a cap. The cap would be "on by default"
and lifted after verification is passed.

> You might also implement a "repeat offender"
> policy, whereby if the authorities lifted a relay's Exit flag more than n times
> within a month, a BadExit flag would be applied in addition, which then (and
> only then) would require the operator to contact the tor project about it.

Malicious actors usually come back with new relays (new keys, new IPs)
after they got cough. 


-- 
https://mastodon.social/@nusenu

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays