[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Vidalia: Default relay policy => exit node

Hi All,

TL;DR: it too easy to run an exit node. Make it impossible to accidently operate one

If this discussion happened before: Sorry, did not find it.

I know that exit nodes are more ore less relay nodes that also allow traffic out of the tor network. On a technical level. But the "real-world"-implications are much more severe. Exit node operators should really know of the possible implications of their doing. But at the moment, in Vidalia one only needs to change "Run as client only" to "Relay traffic for the tor network". In torrc I think you only need to uncomment the ORPort setting and forget to uncomment the "reject *:*".

I cannot think of a talk or documentation I came across that does not distinguish between exit node and relay node. The implications are totally different. Why does the configuration break with this?

I suggest to make it impossible to run a exit node accidently. Something along "sha1sum the configuration file and add 'ExitNode `sha1sum torrc`'". IFF the sha1sums match allow something else than "reject *:*". tor must exclude the ExitNode line to allow matching, obviously.

Background: I recently organized a cryptoparty. One of the participants who used Tor the first time decided to run a tor relay. I noticed that he'd run an exit node by sheer chance. Shit like this is why we can't have nice things.

regards Arian

Attachment: signature.asc
Description: OpenPGP digital signature

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to