[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Would you place your secrets or in worst case make your life

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Would you place your secrets or in worst case make your life
From: zwiebeln <zwiebeln@xxxxxxxxx>
Date: Mon, 17 Feb 2020 13:43:44 +0100
Autocrypt: addr=zwiebeln@xxxxxxxxx; prefer-encrypt=mutual; keydata= mQINBFgPyysBEACodr9PSVwuC90OY5Y/v3AdCSH1tH1cfweJaqqUGWcDn/wI6wdfdLJcvBWi 3sRIe39QHKOlox9sYuhMB4MlwgFpcJNsfcObHfBonNLaWjlonYZnGRNWS6kVHJ8kyLgWxfA2 D3+8yuCp/C3M+f3JW7JfXvP15wvr0q83RTrQyW6D173XnQNPkqpkONa+uTHsqhv/qbBvNdsy O7dQ/MsrffVFOt/qIcEpIPVgkh3oiKWl6mK2Qj0GcOiJgGv08DbkriEZ3bokFA3TtjPMdhb8 xHvw5x1om3DuLTdJhrSO6dcQfIMkdQbMn0hec93pQzGm3qFcwOwEEagqwSMtUifNIbZP8ERW mEfg4l9JDDJIsy0LeMfipW0lqSLtqIhJlaf6pFpt0VSZATkWehW4zIUNqaDwy4pneMIfWXRl glaH+O5CrhcpjzNUP042EPQf4ZPNzZepD3WtAJQA+ZGL2xMtwI0PUM126IG3e639CaGorDR8 Ba3lMHVwGh84L9mtMobSaz4vbxH96nigWQ/el7fDnyLwjc+Lkv7wyu4Gu8oSCmz2yMIk522w iB8Wj8zzzwarBY60erxG5h6YDgk6o80ZQT7gweyfaJk3Z25iO2mIjWVSp/PPfrFZwwry+vox fzsJaEbPoQtg/1wUIlhhVXvUlpGyW2eQL3GaMC0Iji6DTeebbwARAQABtB16d2llYmVsbiA8 endpZWJlbG5Ab25saW5lLmRlPokCQAQTAQgAKgIbIwUJCWYBgAULCQgHAgYVCAkKCwIEFgID AQIeAQIXgAUCWSBSxgIZAQAKCRCjYCs+ytvWwpphEACmLaxYfIfKf5Xh9sHWS2/S8796rZ+v YqbJ0BSdYb3SH0nwrBXbV8t7G+poLf0uElBue1QjOF2SDaeZKBCudu6cvbjOxpF0XXE1YEqA RMr4a1Qt4hbYUpFO76eEHrCMa6M6Gf6nbSWytRZolRgDmfMvRPY4keJm0zhI1wR+HCb2KR96 7ABCRx5/FWVebF85HEH1pwC5CyriFtCK04A2kajgcx2Z1hzc1A7TLi+2mKiL7spMxWtP2afi 0AIs1k+pEreesV3oA0Dw7Y7CTrVP2muJgJgOKtbbl+UMOMvLNUFjksRHt6c22hZJdrTBbFqa HnKfRGWKnC7jgkIfKQMyg1muTNjE2Xex9kW9t3kB2x9/RwHjOWWYzP74ZS3maLrgstRY0m7g TFnFzEf9MiecuP7xrHeEtd/2RGFwgDY7JawEO7zhID2UrVFgORJ0BC4ScPB3rLR/uTqna6tW Gi1ZgBhBhkpuQxaMqYYiW3cW+QE+aWtZX/Pf56hI+xPIe7j7ejLQXgtZXjp+D/W0zYiD8dHe OvabykzmVZeo2FLjuR3VeKX8hnNabHhg06Y20uzcdOllnI4b/pg7asel9s14ZvV+OzI+vLaX /TyvElNfDqlh9dkFe2T6112q9YMKY2jV0omEEvF9Azhq6p9DC4z8qmLvwYr8Qsufcjc+BW2j hhL/ILkCDQRYD8srARAAxZGBP6ixaEadGtwxwI8VG775/pAiAaqojKFdxeOCb7MnYc8dD2ey FKm0fYpo7NK+cnNnIiTVixkWG4F2wYkS193O54D3zLJISacq3Zg4+demA05WMbQBxpzvOoeZ weOGYUTQw/MDTOB8OTftcNpoRrW11mJg6g9V7MOMBqCx+jwxDO5EJKHwzXiuJYMD38Q2JuZ0 GXp1+9lhkyMnucVeEVE6w5/9aJEPiZbKy3vwWEdjDCHMfA7MlQYr4H0oYKoxlU97+7LPlQvd jwCZRHRzVvBvhmUZZ+KJnN7ghuctojteEcgaLTPC9M7tJmAERf+thNlIksus7FhtkE/4+MJG uMmbkG7EIZ36vXp2+Sb1CjhAdLfRDeVxkHOyyZJvxVIYBXr4GJzgWaV29w/1kOwJqyWoiQIo GhWQQakErKlF/CIYa2fJeQoIerKSnWSoQJEK6uZEM/yuBwKtuOFJjyunDSF0rObkpBOIf+9J mCEv4KPsmkk+gyyyFpRxPm4sE8iy/dAHI8uOQwKPPwPR0BcI29tK74ziVueAs+rue7chcKXL /RQABm62jS/u2gijum+u4BRPXIFK0tpk0TE0TVVCHGrhwqiQdsgzuQ7cRsvrqZixvfTYmOyT WCGLiFKD+L7Tj9BKbCvVktHXJcCoCVa8Aekgc4gHS/e3E0uClovnRfUAEQEAAYkCJQQYAQgA DwUCWA/LKwIbDAUJCWYBgAAKCRCjYCs+ytvWwo6VD/wN2RQ4eCsP1WT/8jXy9Gnz8gluGhMO tM9XCcC3IRlsFu8z441Thf1TxZ1ONT07HmNGw7AbIZCRkLj+gwR65XlGdv4R0S++RMaaL2ec bNB0w6QW26LHmE2JX+NK2ZNZPmEg3E8SN9HPkeeO4HgfX9HjXlGYUs36rrFi5q9UZoFTiHj1 jtm0ZB+oY4agPy3mAK+niPwcdqQSKjnCqkjHKNjs9jACgGgjq7kAVUgaFKh4plBZPsY7QdQF SARmlkaW+zZbll3r1x2JVvZJ1ZERkJCGRdtrI9hk7hJaBz2fpIpMwNdqVNmBbN5noLmSGf6s uSTglEE1T3VxQRVoCzo8qL+1ex83Fs1MCY8Qleodux/p+Yvzl0Zk+6Xcf8NYA0uyqRjRPGC2 G0atkSJppoFL0JrdRvGUmLNMh0yeGMR9w7nvXMzcyQw9Gm8hLnZlVdYXfoVnb+qVKcI2566u uv4/mVZzqms3l+35D1x4OJRRRI2/MiAyt/L3NRgx2EkNbm/OM32WroBatdhdINo1CXrI/QSb RWcYc1tuOSoMeejaKHQAiehLWVNfpSN2gwehUC6dOWckLuegdobpxUspV3nqkrEa8UwYbL+6 Lc4dfB0KIy5D7NoDP3ghjF+Eb0Kd2UsLHQXQN8OyjECt9bEUmWAYXajbdNxwWP+pNyqSwRi/ uL3SIw==
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 17 Feb 2020 09:50:17 -0500
In-reply-to: <467C8714-D7D7-4AF9-8D29-71672750842B@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <49801e01-8261-d006-747f-99e3bfe34f45@online.de> <467C8714-D7D7-4AF9-8D29-71672750842B@riseup.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.2

There is only a small path between moderation and censorship – to get my message released after four days is close to…

Your answer Theo is rather technical and doesn't apply really on the underlying question: 

„Would you place your secrets or in worst case make your life depended on a network that is 21 percent controlled by a single person that you don't know?“

Your assumption: „But ultimately, if we doubled tor's exit bandwidth, this issue would go away. That's the best solution to this problem.“ - is wrong. The Exit only https://metrics.torproject.org/bandwidth-flags.html?start=2017-11-19&end=2020-02-17 has more than doubled in the last two years – while the exit probability of this single person decupled. 

„Perhaps you could run more relays?“ - I am with the project now for more than three years an do run a exit probability somewhere close to 2 percent, that i don't like to increase, because i think it is a more than healthy fraction for a singe person – so why do you insinuate, my question is not in a „good faith“?

I hope more people do come on board of this discussion now!

Paul

On 17.02.20 02:53, teor wrote:
> Hi,
> 
> A quick reminder to everyone on this list: this list is moderated.
> Please keep your replies helpful and on topic.
> 
>> On 13 Feb 2020, at 22:05, zwiebeln <zwiebeln@xxxxxxxxx> wrote:
>>
>> depended on a network that is 21 percent controlled by a single person
>> that you don't know?
>>
>> https://nusenu.github.io/OrNetStats/allexitfamilies
>>
>> I think we should start an open debate on that fact, best ending up with
>> giving some recommendations. I am sure that question is relevant to
>> torproject.org as well.
> 
> We've had similar questions a few times on this list.
> 
> The most common answer is:
> 
> "Let's encourage people to run more relays."
> 
> Perhaps you could run more relays?
> Or ask for help improving your consensus weight?
> 
> The operator of those relays is on this list, asks questions, and
> responds to emails. They've been helpful in the past.
> 
> So please ask questions in a way that assumes good faith:
> https://en.wikipedia.org/wiki/Good_faith
> You'll be more likely to get a helpful answer.
> 
> It's also important to keep network risks in perspective:
> * 99% of relays run Linux, and a significant number of those are Debian
>   (or Ubuntu, or other derivatives)
>   https://metrics.torproject.org/platforms.html
> * there is 1 bridge authority (100%), 6 bandwidth authorities (17%),
>   and 9 directory authorities (11%)
>   * the consensus algorithm tries to limit the risks of one directory
>     authority influencing large parts of the tor network, and manual
>     bridge distribution limits the impact of the bridge authority
> * the largest ASes have:
>   * 23% of guards and 22% of middles (Hetzner)
>   * 16% of guards and 12% of middles (OVH)
>   * 10% if guards (Online)
>   * 20% of exits  (J P McQ)
>   https://metrics.torproject.org/rs.html#aggregate/as
> 
> So it's not really helpful to single out a particular operator or
> network.
> 
> As far as I recall, the most widespread security issue that's happened
> to the network was the Debian OpenSSL bug:
> https://www.debian.org/security/key-rollover/
> 
> There are all kinds of risks that happen when a large part of the
> network has a similar setup:
> * relay operator compromise
> * AS operator compromise
> * platform compromise
> * observation of traffic via common network infrastructure
> * network availability
> * poor performance
> * poor bandwidth weights
> 
> Tor relay consensus weights are determined by the bandwidth
> authorities, so we might also be seeing:
> * a bug in the bandwidth authority software (sbws or Torflow), or
> * a majority of bandwidth authorities configured in a way that
>   concentrates bandwidth in particular areas.
> 
> I've opened a ticket in sbws to track this issue:
> https://trac.torproject.org/projects/tor/ticket/33350
> (Torflow is unmaintained, and we're planning to completely replace it
> with sbws in 2020 or 2021.)
> 
> I'll also ask our new Network Health team to consider the risk of
> large operators and large ASes. Hopefully they can recommend some
> changes to the bandwidth authorities (or sbws maintainers).
> 
> But ultimately, if we doubled tor's exit bandwidth, this issue would
> go away. That's the best solution to this problem.
> 
> Again, please keep your replies helpful and on topic.
> 
> T
> 
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Would you place your secrets or in worst case make your life
  - From: Michael Gerstacker

References:
- [tor-relays] Would you place your secrets or in worst case make your life
  - From: zwiebeln
- Re: [tor-relays] Would you place your secrets or in worst case make your life
  - From: teor

Prev by Author: Re: [tor-relays] Bridge on Raspberry Pi Zero
Next by Author: [tor-relays] Would you place your secrets or in worst case make your life
Previous by thread: Re: [tor-relays] Would you place your secrets or in worst case make your life
Next by thread: Re: [tor-relays] Would you place your secrets or in worst case make your life
Index(es):
- Author
- Thread