[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Answer by perfect-privacy.com Re: perfect-privacy.com, Family specifications, etc.



Hi,

What I did was just file a report at the company's website. It took them
only minutes to get back to me.
Scott, I don't know why, but you probably didn't get their response in
the first place.

-------- Original Message --------
Subject: Re: - Medium - Tor servers, Tor community wants to disable your
nodes - General
Date: Mon, 17 May 2010 13:46:04 +0200
From: Perfect Privacy Administration <admin@xxxxxxxxxxxxxxxxxxx>
Organization: PP Internet Services

Hello, Moritz!

We explained the situation already three days ago to Scott Bennett who
had contacted us by e-mail about it.  We will resolve the situation, as
soon as we have time.  The Tor software makes it unfortunately very
time-consuming to maintain the "MyFamily" entries, once one has a lot of
servers.  We currently would have to edit 45+ torrc entries on 45+
server whenever a server is added or removed (what happens frequently),
just to keep "MyFamily" up-to-date.

A proposal to the TOR developers:  I don't know if it's technically
possible, but maybe one could introduce a "BelongingToFamily" entry or a
similarly named command in future versions of TOR which could work as
such, as that every server which contains the same "BelongingToFamily"
entry (e.g. "BelongingToFamily xyz") belongs to the family "xyz".

That way one wouldn't have to enumerate all server names in the
"MyFamily" section of each and every individual torrc file what causes
an enormous effort if one adds a lot of servers (and donates a lot of
traffic) to the Tor network.  As mentioned, we currently would have to
edit 45+ torrc files on 45+ TOR servers whenever a server is added or
removed, and the number of our servers is constantly increasing.

Please find my reply to Scott beneath.  Maybe you can also be so kind to
forward it to the TOR community, as I'm not a part of the mailing list.

All the best,
Bruce
Perfect Privacy Administration



=============================



-------- Original Message --------
Subject: Re: your multiple tor node Family specifications
Date: Fri, 14 May 2010 13:16:32 +0200
From: Perfect Privacy Administration <admin@xxxxxxxxxxxxxxxxxxx>
Organization: PP Internet Services
To: Scott Bennett <bennett@xxxxxxxxxx>

Hello, Scott!

We are a non-profit work association which provides privacy services and
which donates a certain amount of the bandwidth of everyone of its
servers to the TOR network.

Our setup is currently as such, as that all servers which are located in
a specific data center or country, are grouped together in one family.
This has, above all, practical reasons, because we are already operating
45+ servers world-wide.  Additional servers are added on a frequent
basis; at times servers are also removed from our park, either because
we don't like the server's performance or because the data center
doesn't like the privacy services we are providing (and the abuse level
they create) and terminates a contract.

Grouping all servers into one family would, while being ideal, cause at
the moment a disproportional maintenance effort.  We would have to edit
and change the torrc files on 45+ machines whenever a server is added,
renamed or removed.  Currently, we only have one server in most data
centers, and where we have more than one it's usually not more than 2 to
5, so the effort to update the torrc files if another server should be
added to a specific data center is still quite manageable.

However, we naturally do understand your position.

Please consider this a temporary solution until we had the time to come
around to develop and to install scripts on all servers which will
enable use to propagate the "MyFamily" entry centrally to all TOR
servers in our park.  Whenever a TOR server is added or removed, the
scripts on the individual servers could then recreate updated torrc
files, using the centrally propagated "MyFamily" entry, reloading the
new torrc configuration at the same time.

This would solve the problem of cumbersomely manually updating a
steadily growing number of 45+ torrc files on 45+ different servers
whenever a server is added, renamed or removed from our park, just in
order to have the correct "MyFamily" entry in all of them.

Actually, thinking about it, if the TOR configuration file does support
a command like "Include" which would permit TOR to read configuration
entries from another file (a file which contains the "My Family" entry
and which we can centrally propagate to all servers with scp), a
solution to this problem could be implemented much quicker.  I don't
have the list of TOR commands in my head and will have to look up if
such a possibility exists...

In any way, we will take care of this issue as soon as our time permits.
We are planning to rewrite the torrc files anyway, making use of the
DirPortFrontPage command to display a disclaimer on port 80.  Maybe the
one effort can be combined with the other.

All the best,
Bruce
Perfect Privacy Administration



On 11.05.2010 20:25, Scott Bennett wrote:
>      Your organization appears to have a large number of tor relays listed
> in the tor directory.  Most of them are grouped into one Family or
another,
> but they properly should *all* be in the *same* Family.  Under the current
> configuration, it is quite possible for a client to choose a route for a
> new circuit in which every hop would use one of your relays, each chosen
> from a separate Family.  It seems to me that you should change all of your
> relays' torrc files to specify all of them in a single Family.
>      I intend to post a warning notice about what you've done quite
soon on
> the or-talk mailing list, but I am sending you this note first to give you
> a chance to explain/justify your setup before I involve the rest of the
> community in the matter.
>
>
>                                   Scott Bennett, Comm. ASMELG, CFIAG

-- 
Moritz Bartl
GPG 0xED2E9B44
http://moblog.wiredwings.com/
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/