[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Is "gatereloaded" a Bad Exit?

> Can you please say a little more about this for all of us who are not au
> fait with all command options?

Relays have an option to allow single hop connections through them,
which is off by default. If relays *do* set this and allow single hop
circuits through themselves then Tor clients by default avoid them for
*any* usage in their circuits. Here's the description from the man
page [1]:

ExcludeSingleHopRelays 0|1

This option controls whether circuits built by Tor will include relays
with the AllowSingleHopExits flag set to true. If
ExcludeSingleHopRelays is set to 0, these relays will be included.
Note that these relays might be at higher risk of being seized or
observed, so they are not normally included. Also note that relatively
few clients turn off this option, so using these relays might make
your client stand out. (Default: 1)

In short, there's no proof that these relays are bad but we avoid them
because they're riskier (hopefully the parallels with the current
discussion are obvious).

> Could you please say a little more about this case and "sybil attack[s]"?

A sybil attack is where a huge number of relays operated by a single
entity appear with the goal of doing bad things (for instance
operating the first and last circuit hops to correlate traffic).
Again, during that incident we didn't have proof that the seven
hundred Trotsky relays appearing out of the blue were bad - we
invalidated them because they were highly suspicious, lacked contact
information, and had no family entry set.

In both of those cases we took harder measures based on suspicion of
malicious intent than we are with these plaintext-only relays. Despite
its name, the BadExit flag really isn't a big whoop - the relays are
still perfectly usable for guard and middle hop positions. They just
aren't seeing exit traffic any longer. -Damian

[1] https://www.torproject.org/docs/tor-manual.html
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/