[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] >23% Tor exit relay capacity found to be malicious - call for support for proposal to limit large scale attacks

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] >23% Tor exit relay capacity found to be malicious - call for support for proposal to limit large scale attacks
From: nusenu <nusenu-lists@xxxxxxxxxx>
Date: Mon, 6 Jul 2020 22:54:09 +0200
Autocrypt: addr=nusenu-lists@xxxxxxxxxx; prefer-encrypt=mutual; keydata= mQINBFj53gUBEADYKwT0pW1yiqt6UReZW8T2nXVCyeVT2G6z7AvW69afp82uthRH237pQ7Qs 5vq91DivN6fGN6cVksp0N9Yv+5HEQAwUxpLfcNDcGzmHMd0JMItEtozGv3a4FuiUoHAqeGXM 6Kzi3v5F2PZGF+U4QaGKEZq6u50gO/ZFy4GfC9z9tsO6Cm7s7KldVHMGx/a0MEGMwh6ZI9x2 hGXSSAKu58KRUkEpHzDiQTj+/j58ndNfZRQv6P5BLppHADRPqwEOm4RQcQYskyM0FdKXbJ8E 5GW268meflfv2BASsl3X/Xqxp+LNrstXIbFZ+38hVlQDDmdvaASpPTzIAxf8FxMYZqI+K1UE kP5nU45q84KiZoXwT6YYJDKToLSDnYkKlsrCSnLkE3Nb/IexgNoYO4nE6lT9BDV3athQCWw1 FwB5idRYWnIqbVgUFgYZDUdZBJmeTEeI+Wn5hFz6HvFVc/+haMVTcoEKSkG/tsSGsKOc2mp6 z+71io9JWrVQGmw7OeZeE4TvkF9GhwS8jrKO4E0crfcT/zT6368PZCO6Wpir8+po/ZfOWbbh 1hi3MxmXn4Fki55Zrvhy3sf28U+H/nByQV4CssYv/xVhIZsN/wNQLcDLgVs4JTBUik8eQR0Y Qrq9lG3ZVtbpEi7ZTJ6BOGIn2TKHsVIVGSQA0PdKpKYV45Lc4QARAQABtCBudXNlbnUgPG51 c2VudS1saXN0c0ByaXNldXAubmV0PokCVAQTAQgAPgIbAwULCQgHAgYVCAkKCwIEFgIDAQIe AQIXgBYhBJaQzx+7tCmFlU3yu61hOMJFzUJ+BQJevydnBQkGspdiAAoJEK1hOMJFzUJ+oh4P /R+cSCszon9qrG2JaUSEaDVOTTJ8idR7Q2QEzumD9QCmvBxxZaSd/l53Koebm6Y6DQ3/bw3D +SSy6vwvpWBpBMBI0MGDvNLUUUgW8FlPxOXYkPItdvjbLYcEjYCyOOXB63b2OUx3KAdPScwI FIvm2QAwILQf2BwrNglWoDVH9HKBGp8nkQg2co08/HxkJ/19CkXpEa3CGCV7yo059bIJr7+S OLxKlLiyzDRK7dyIN/wL+ZJwBORzQ7F8JiHGzIK5XAMeDe4ehnLDd1AaTvTDPGlaUlrFxvQd FjPCZXVWH1QFCWLveZI2cCkPW2Nbv0FtuqWhSyFpNX+Fyo46JDw2VqIdNmLdm1lxYnxNBLzp aefgzU6yYyPy1u5mAjm5llqzNpNmxbVyGSeBRbxXiR7RmP2PKiiQds2OmXhMa/fcEc2l4i63 lEOquOfnBbTmw5p8fdTeE4aIgv6eVR1O1sL+ZWQaqxR8ssfYIehYoxzMkLwDPyWfjLEK2rg9 ujH+3rHAraHYggcDgvsPNRQ7tM0iLtFB+/g5GbPQsRutZR4oxTujwglp+4BdFZZQZmR2ONSk g/k01IMToD/mDWP9KQQ5qqAO+97rsBoJAES40JxEV6PtHA55kUglGYdLV39CV0Iq6B9OF7jC dezf7e+LVK9NHpmxkQ1cxGv1KE2ElLTBLHfFuQINBFj53gUBEADAlnpTtRPy4HVYJ8srcA5H VZr1vM4CCGVNHhZdscHhqNAobv8XO5331ufAPRXf8A5XP9JsYPId77scy93UDQuXg2DIfo6n FjvA7AJcBhMBtxcukzt4pOOOxv0D1cbcVwga+NzLvo6Rp7CqGIAFpKGVK0Rhw+RG6wdm55xe 0Kd8KMkqKFT+SKdakE72BjpKsXYoULBp5LivftutdD3Ly7LeBnXrxAW4hrkAp8vSvlg3eThK 01IDanln+m59Zcw3cHTdAL7d+Kt6LPd2KeUcrpeNRbyhZJ03EmF7FP+VTD56mKw25ZNCu7Ls 8P4d6iFgZeqOCCY9SJZzXvVJ7BvZ/wcIdWIcx57xBeqj8tJGRhWu2zHQdRIwqxVA6Zr+7YHL Te5yugiRAlBB+pfdikrWLcSlQ7YvT+YTxSkG9SbW+uy3ngQXKbi1g0lOP2t5V98UqHZxzOY9 U3mjy/dGt1MX3qYa1xv0QlsZXjbvtkQupSym+IQFfKepTfJnjwmEhYePbb+FrpN4GlqlhkM4 nyV4953wTfgn8ZgTZheXrkuGlcAq9bM7cqIHIYzKxv0uLrOpn38FhC2DkIDpDw6jukHEriKI MfcZfZa/KaYuho4Gk5ohh28qvf19qMSbN9uDtN1kpfGqnYoOtvDu9QksPKuY9anEfKEoci3O iLVjn3DNhKreHQARAQABiQI8BBgBCAAmAhsMFiEElpDPH7u0KYWVTfK7rWE4wkXNQn4FAl6/ J2sFCQayl2YACgkQrWE4wkXNQn5+RhAAkdSze4EXa+GHsdKqv+JSIgpflI0uT5SDxycGUyL2 p76AuHl7+P/tQK+4gzV0eRpdCuDfYI8BTDmaBXSA+acNofrhWtYC4VcgsxeqNjTzBJXCTgb+ /Y8ba0Z0ggDEfsH4TSOnt6yYLheVxy6OYddghg/woPnCiImz/Y7fhSiCRugG1N/+5euCevuy wWSmMLUuqGAxN9MHE2NUsWJMFdFRFT2jdFMusk+T+rwr2OB2bu7Vma0uweu2nG2lHB1QYUu5 llQXbkUPy9z5SUXvTWZQkMbeQigrAXpfO7Jov++TAelNAPY0hZQQ9Ou8wrLvZA7fLNB6Apgu Pdi2l9OkRMROsMNYuh0h2oQ6KCXx50HQ5sbaceFRkzk8g0KphPrLOsL2jZEk4nNdZxoL3nW9 2zWJfRbq8LfJktO4UP1MwIBrnoM9aj2ooBf8Vn0VKaacfJrd2iWjktDDOJigWIUEBCvJoxkF x5IFj8igcHVQgZumYqgg1FOF3vSozDAskASuqdb8Cv5mkfd+3KXYGEAHgW7hOJhJwBWwx0UC v+bXsPEQJsJ+atq5k4/Dox7sNdUxoaGSv3NmK+4uvmEdbIT/zGl1rTtHnfot8yEULF7Em2ia /qG+Sp2fbPeSxeHUqhLTu1jComXEZv59HnNhlcJeAxKFXoiAFCFV4XbKdVG2bKh434c=
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 06 Jul 2020 16:54:40 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1594068868; bh=UuTj4O67eV1v8s/7fq4YhanhSu+CZp9Nr5LWIt822hY=; h=To:References:From:Subject:Date:In-Reply-To:From; b=lZB1p0oFnMy7PmPo57acHBiM5hk7x/8BQmMQmUYxwZHRYB/pQadxouI9rERi7l1Un U2FSRYuJHZCgy8zjr7J6NrAStyMwcAMNoj/AbgROOOFgFYh4oRDPW6XgB/YCfYhGFW FfmxcdQqz90KQ1Z7BV+OFoaRJ0zqgeYWq5UHh+mo=
In-reply-to: <202007052335.065NZ19u028239@sdf.org>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <cff8da7f-36bb-a987-f30e-aa93d3444399@riseup.net> <CA+CX+bh4ohS+KYYN8o6VgZr39eXBohW9Hay2we1bG+GQPASszQ@mail.gmail.com> <a4c062f0-2adc-b4e7-1a8e-6d721a42ffb3@riseup.net> <202007052335.065NZ19u028239@sdf.org>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

Scott Bennett:
> Your proposed method of delaying the problem would impose a labor burden
> on the tor project as well 

If we assume that malicious relay activity is impacted I'd assume that the time saved 
using the proposal might as well outweight the time spend on bad-relays@

After implementation the proposal does not require resources from The Torproject 
besides publishing of the registry.


> Why would
> an automated solution not work? 

I believe the email verification can be automated completely. 
Also the mailing of letters can be automated but if - let's say 10  - letters/year are send
I'm not sure it is worth it.

> That would be a fast reaction and would not depend
> upon multiple human actions. 

There is no human interaction involved in the proposal to enforce a cap. The cap would be "on by default"
and lifted after verification is passed.

> You might also implement a "repeat offender"
> policy, whereby if the authorities lifted a relay's Exit flag more than n times
> within a month, a BadExit flag would be applied in addition, which then (and
> only then) would require the operator to contact the tor project about it.

Malicious actors usually come back with new relays (new keys, new IPs)
after they got cough. 


-- 
https://mastodon.social/@nusenu

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] >23% Tor exit relay capacity found to be malicious - call for support for proposal to limit large scale attacks
  - From: nusenu
- Re: [tor-relays] >23% Tor exit relay capacity found to be malicious - call for support for proposal to limit large scale attacks
  - From: Pascal Terjan
- Re: [tor-relays] >23% Tor exit relay capacity found to be malicious - call for support for proposal to limit large scale attacks
  - From: nusenu
- Re: [tor-relays] >23% Tor exit relay capacity found to be malicious - call for support for proposal to limit large scale attacks
  - From: Scott Bennett

Prev by Author: [tor-relays] generating graphs of "attributable" operators using ContactInfo/verifyurl
Next by Author: Re: [tor-relays] Call for Testing - New Feature: Relay IPv6 Address Discovery
Previous by thread: Re: [tor-relays] >23% Tor exit relay capacity found to be malicious - call for support for proposal to limit large scale attacks
Next by thread: Re: [tor-relays] >23% Tor exit relay capacity found to be malicious - call for support for proposal to limit large scale attacks
Index(es):
- Author
- Thread