Re: [tor-relays] Tor related talks @ rC3



Georg Koppen:
> Georg Koppen:
>> Hello!
>>
>> nusenu:
>>> in chronological order:
>>>
>>> ------------------------------------------------------
>>>
>>> title: Towards a more Trustworthy Tor Network
>>>
>>> when: 2021-12-28, 17:00 CET
>>> where: https://streaming.media.ccc.de/rc3/csh
>>>
>>> primary target audience:
>>> - Tor user
>>> - Tor relay operators
>>> - onion service operators
>>> - and everyone that cares about Tor
>>
>> Thanks for the talk. While watching it yesterday I saw on the KAX17
>> timeline that the attacker "attempts to restore their foothold" after
>> they got kicked out of the network. Could you please send the
>> fingerprints of their new relays to the bad-relays mailing list so we
>> can get them eventually rejected and provide a safer Tor experience
>> for all of our users?
>>
>> Somewhat related I was wondering about what happened to the BTCMITM20
>> attacker. The image with the exit fraction and concurrently running
>> malicious relays graphs seems to be claiming that never all of their
>> relays were gone and the number is in fact growing again starting
>> around mid-March 2021. Are there still relays from them running on the
>> network? If so, please send their fingerprints to the bad-relays
>> mailing list, too, so we can get those relays removed.
>
> Bumping this thread to be sure it does not fall through the cracks and
> we get all remaining relays kicked out in case there are any left. (We
> have not received any fingerprints so far on the bad-relays@ list)

I am not in the mood for pinging this thread any further. We did not get any fingerprints sent over nor any clarification so far either. Thus, it seems no known attackers belonging to those two groups are currently on the network anymore, which is good news.

Just as a general reminder (not just for nusenu but anyone else wanting to help us as well in hunting bad relays): for the sake of our users, please report all your findings to the bad-relays mailing list[1]. It's only the bad-relay team who can get malicious relays kicked out of the network. Keeping that information away from us and using some ExcludeNodes hacks instead is *not* the way to go, if the safety of our users and the safety of our network is your goal.

Georg

[1] https://community.torproject.org/relay/community-resources/bad-relays/

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays