> On 6 Aug 2017, at 02:38, Alexander Nasonov <alnsn@xxxxxxxxx> wrote:
>
> Ralph Seichter wrote:
>> I moved a Tor relay to new hardware, keeping the keys. Both old and new
>> server are located in Germany and provided by the same hosting company.
>> After the latest Atlas update, I was surprised to see that the IPv4
>> address is listed as belonging to an AS in Ukraine. A little more
>> digging returned Guangzhou, China, as the supposed location based on the
>> server's IPv6 address.
>
> A bit off-topic but after updating the client to 0.3.0.10 I noticed that
> torstatus.rueckgr.at some times reports US based exits which are excluded
> by my config (ExcludeExitNodes {US}).
Different GeoIP sources have different country allocations.
Also, this option only blocks exit nodes with ORPort addresses in the US.
For example, I run an exit in Canada, where some addresses were allocated
from an Canadian block, and others were allocated from a US block. So if
I wanted to, I could ORPort on a Canadian address, and Exit on a US one.
> Not a big deal for me but GeoIP
> manupulation is a potential attack vector to reveal identities of people
> who try to avoid certain countries.
Behaving differently to most tor clients has always been a
fingerprinting vector.
We need more research on how to exclude some nodes for some users
safely. (It might not even be possible to do it safely.)
T
--
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------
Attachment:
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays