[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-relays] "What fraction of the tor network by consensus weight are the openssl-vulnerable relays?"



Making a separate thread so as not to pollute the challenger[1] one.

Roger: you wanted to know (times are UTC if anyone cares),

[22:08:35] [...] we now have a list of 1000 fingerprints, and we could pretend those are in the challenge and use our graphing/etc plans on them
[22:08:45] they happen to be the relays vulnerable to our openssl bug
[22:11:43] "what fraction of the tor network by consensus weight are they?"
[22:11:49] "over time"

Given them[2], the challenger (with minimal changes to fix downloader and to make Onionoo not falter)[4] will spit out the following results:

 -Âhttp://ravinesmp.com/volatile/challenger-stuff/vuln1024-combined-bandwidth.json
 -Âhttp://ravinesmp.com/volatile/challenger-stuff/vuln1024-combined-weights.json
 -Âhttp://ravinesmp.com/volatile/challenger-stuff/vuln1024-combined-clients.json [uh oh, this one's empty. Why is it empty? Didn't look into it.]
 -Âhttp://ravinesmp.com/volatile/challenger-stuff/vuln1024-combined-uptime.jsonÂ

The 'combined-weights.json' is probably the one you might be after. But that's all I did for now.

You also said that these aren't all the vulnerable relays that there are out there. You linked to a more complete list[3], but it has some typos, etc. I haven't done anything with it, maybe someone will take over, or I will do something later on.

[1]:Âhttps://lists.torproject.org/pipermail/tor-relays/2014-April/004214.html
[2]:Âhttp://ravinesmp.com/volatile/challenger-stuff/vuln_fingerprints.txt
[3]:Âhttp://freehaven.net/~arma/vulnerable-keys-2014-04-08b
[4]: commits:

--

kostas / wfn

0x0e5dce45Â@ pgp.mit.edu
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays