[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] e@torworld tor relays: please specify 'MyFamily' in your torrc



Dear bad-relays,

Would you consider banning the following Exits / Guards?

They have an incorrect ContactInfo, which uses the domain of a
legitimate relay operator, torworld.org. This may be an attempt to
evade automated sybil analysis, as may their variant ContactInfos.

They also don't have MyFamily set, which allows them to collect Guard
and Exit traffic from the same clients.

38FCC78FA24743674B902018708656144B1F2C9C Endymion e @ torworld.org - 187SRPJHhgJe1ZtdN68wA7Fah8zyWFooii
7088D485934E8A403B81531F8C90BDC75FA43C98 Basil e @ torworld.org
539FE1D1E6118F4807AB24EDE6E8055BE34F4F5E SurfingAOL e@xxxxxxxxxxxx
3D512D9ACD9A6056ED6EA20C46406FA5A6788321 Gigi e [at] torworld.org
1E1FF55109A19DE6442F80FF7901D7FBB6E241FA LOLHillary e AT TorWorld.org
0966A24977A0B0DB62546C6F18F9578D97FE86F0 Cajun e [AT] torworld.org

Details below:

> On 19 Jan 2017, at 08:44, Paul <pa011@xxxxxx> wrote:
> 
> I recently got this answer from "torworld.org" -see below.
> 
> They told me that a relay https://atlas.torproject.org/#details/3D512D9ACD9A6056ED6EA20C46406FA5A6788321 with contact "e @torworld" is not operated by them.
> 
> As nusenu showed at the end of the message some days ago somebody with a similar contact address was running 5 at the time, currently 6 relays.
> 
> Some questions I like to ask:
> 
> Why is somebody running relays with the contact domain of another party?
> 
> Is there a way that mails ever reach e@xxxxxxxxxxxx?
> 
> Why not giving a correct MyFamily set-up when running 6 relays?
> 
> 5 of 6 relays have a Guard status - let me remind on a recent discussion "How can we trust the guards?" ?
> 
> Regards Paul
> 
> 
> 
> -------- Weitergeleitete Nachricht --------
> Return-Path: 	<abuse@xxxxxxxxxxxx>
> 
> Subject: 	Re: [tor-relays] 'MyFamily' .... torworld.org
> To: 	pa011 <pa011@xxxxxx>
> From: 	Abuse TorWorld <abuse@xxxxxxxxxxxx>
> Date: 	Thu, 12 Jan 2017 10:54:58 -0800
> 
> 
> 
> Hello,
> 
> This Exit node is not affiliated with us.
> 
> "https://atlas.torproject.org/#details/3D512D9ACD9A6056ED6EA20C46406FA5A6788321";
> 
> All the nodes we'll operate will have this "abuse [AT] torworld.org - BTC 17iwdtpmgHdPt15twdT2sUcdeKgz9PTNMQ" In their contact info area, and when the website is back up. You can check to see a list of current Tor nodes we operate etc.
> 
> As for the MyFamily for the Guard/Middle nodes; Lunar operates/runs those.
> So you'll have to get in contact with him if you want to talk about his MyFamily setup.
> 
> 
> Take care,
> 
> 
> 
> On 1/10/2017 1:16 PM, pa011 wrote:
>> 
>> Am 10.01.2017 um 21:01 schrieb nusenu:
>>> 
>>> pa011:
>>>> Could you explain please why names like torworld.org, torservers.net,
>>>> online de, etc. are not aggregated in one position on
>>>> https://raw.githubusercontent.com/ornetstats/stats/master/o/main_exit_operators.txt
>>> 
>>> https://github.com/ornetstats/stats writes:
>>>> Relays are aggregated based on effective families.
>>> So they are not setting MyFamily properly or someone else is using their
>>> contactInfo.
>>> 
>>> Maybe I should rename the files to main_..._families.txt
>> Better would be a warning:  Family currently worth nothing !!
>> 
>> 
>> torservers.net: https://atlas.torproject.org/#details/ABF7FBF389C9A747938B639B20E80620B460B2A9 -> no one of the given family is blue, so yes the family seems wrong
>> 
>> 
>> zwiebeln online de: https://atlas.torproject.org/#details/0E2773CF5609FD7FA52837E53DF4B0D47F0D15B7 -> all the family members are blue, counting 27 , which is slightly more than your 2 lines added together this morning
>> 
>> 
>> torworld.org : https://atlas.torproject.org/#details/3D512D9ACD9A6056ED6EA20C46406FA5A6788321 -> currently 12 big Exits - no Family given at all at https://torstatus.rueckgr.at/index.php
> 
> 
> Am 15.01.2017 um 01:02 schrieb nusenu:
>> Hi e AT torworld.org,
>> 
>> thanks for running 5 relays!
>> 
>> Please do not forget to set the MyFamily parameter in your torrc
>> configuration to tell clients your relays belong to a single operator.
>> 
>> If you need help with the MyFamily option let us know.
>> 
>> thanks,
>> nusenu
>> https://github.com/nusenu/ansible-relayor
>> 
>> +---------------------+------------+------+----------------+
>> | contact             | nickname   | exit | eMyFamilyCount |
>> +---------------------+------------+------+----------------+
>> | e @ torworld.org    | Basil      |    1 |           NULL |
>> | e AT TorWorld.org   | LOLHillary |    1 |           NULL |
>> | e [AT] torworld.org | Cajun      |    0 |           NULL |
>> | e [at] torworld.org | Gigi       |    1 |           NULL |
>> | e@xxxxxxxxxxxx      | SurfingAOL |    1 |           NULL |
>> +---------------------+------------+------+----------------+
>> 
>> https://raw.githubusercontent.com/ornetstats/stats/master/o/potentially_dangerous_relaygroups.txt
>> 
> 
>> 
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

T

--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------



Attachment: signature.asc
Description: Message signed with OpenPGP

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays