[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: I exclude all bloxortsipt nodes in my tor use



On Fri, Dec 04, 2009 at 12:18:39PM -0500, swinglowswinghigh@xxxxxxxxxxxxx wrote:
> all bloxortsipt## nodes, filling their entries with odd names within the downloaded descriptors files."
> 
> "And just what is that person doing running that large number of (stupidly named) Tor nodes?
> 
> A.) Helping us all, because he loves us all so dearly
> B.) Some type of Tor study, which almost always invovles breaking it,
> more often than not at some college(s)

Indeed.

> I don't know about you all, but I don't want anyone seeing that large
>of a percent of my total Tor traffic.

I've been keeping an eye on the bloxortsipt nodes off and on.

Looking at my cached-consensus file, there are 7 of them running currently
(2 of which are offering 0 bandwidth so clients will mostly ignore
them). Of those 5, they're offering a total bandwidth of 102 KB.

The total bandwidth mentioned in cached-consensus is 1354016 KB.

So "that large of a percent of my total Tor traffic" is in this
case 102/1354016 = .0075% of the Tor network.

You might instead ask about blutmagie, which at an advertised 41200 KB
is 3% of the Tor network.

The other thing to note is that none of the bloxortsipt nodes have either
the Exit or the Guard flag. So for normal circuits, they're never going
to see you or your destinations.

So I'm going to go with "Helping us all, because he loves us all so
dearly".

> If they did fix the Family line,
>what's the point in running so many nodes?

What's wrong with the Family line? It's long, but it looks well-formed
to me.

> They're not normal Tor nodes,
>something odd is going on that I don't know fully about.

Yep.

> This alone is
>enough for me to Exclude

I think this is a bad idea. Whenever your behavior is different from
the hundreds of thousands of other Tor users, you stand out and open
up ways that an attacker can recognize you. In this case the difference
in behavior is trivial, so not a big deal. But still it's something to
think harder about.

Rather than just excluding them and hoping that doesn't burn you, why
not contact him and ask what's up? Perhaps he's bundled a Tor relay with
some other software or hardware he maintains.

--Roger

***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/