[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor relay activity from Antarctica

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor relay activity from Antarctica
From: Collin Anderson <collin@xxxxxxxxxxxxxxxxxx>
Date: Thu, 29 Aug 2013 01:30:11 -0400
Cc: helpdesk@xxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 29 Aug 2013 01:41:59 -0400
In-reply-to: <CACox6zAUsN4xYsO0_9d6Zv_FrbFZObsuVrf3YO7ka2zzD8z-_A@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CACox6zAUsN4xYsO0_9d6Zv_FrbFZObsuVrf3YO7ka2zzD8z-_A@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

MaxMind, the database that powers the location tracker is far from perfect
and will accept IP prefix registration information blindly. For example on
my throttling work I found Iranian hosts with orders of magnitude faster
connections than anything else, only to realize they were actually web
servers in the Netherlands but registered to people inside Iran. I'd bet if
you found the actual IP address it would be in some place decidedly more
banal.
On Aug 28, 2013 12:56 PM, "lee colleton" <lee@xxxxxxxxxxxx> wrote:

> There is an indication that computers are connecting to the "Tor"
> anonymizing proxy network from Antarctica. This information is anonymously
> self-reported by the connecting client computers and it's entirely possible
> that the locations are inaccurate. However, there is also a possibility
> that malicious software has been installed on computers in one of your
> research stations which is using the Tor network for command-and-control
> purposes, unbeknownst to the owners. I would encourage you to investigate
> this matter.
>
> I'm an operator of Tor relays and take an interest in the activity on the
> network, but I'm not directly affiliated with the Tor
> Project<https://torproject.org>nor do I claim to represent them.
> Please refer to their website for further
> information and official contact addresses. I've also sent this message to
> their mailing list should you wish to follow up, there.
>
> Kind regards,
> Lee Colleton
>
> [image: Inline image
> 1]<
> https://metrics.torproject.org/direct-users.png?start=2013-05-29&events=off&end=2013-08-27&country=aq
> >
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
> To unsusbscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Tor relay activity from Antarctica
  - From: lee colleton

Prev by Author: Re: [tor-talk] Tor Mail Gateway (was: Re: Replacement for Tormail)
Next by Author: Re: [tor-talk] Tor and Financial Transparency
Previous by thread: Re: [tor-talk] Tor relay activity from Antarctica
Next by thread: [tor-talk] Tor and Financial Transparency
Index(es):
- Author
- Thread