[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] I bumped out some more bad relays

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] I bumped out some more bad relays
From: Croax <croax@xxxxxxxxx>
Date: Sat, 31 Oct 2020 09:37:38 +0100
Authentication-results: garm.ovh; auth=pass (GARM-100R003b641f7c5-2001-4687-8c54-8f937c11dd05, 451BFCDAD9DD3AD9AD49A86D168BABD3070F90E0) smtp.auth=croax@xxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 31 Oct 2020 04:49:15 -0400
In-reply-to: <20201031030534.GH2718@moria.seul.org>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <20201031030534.GH2718@moria.seul.org>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Evolution 3.38.1

Hi all

On Fri, 2020-10-30 at 23:05 -0400, Roger Dingledine wrote:

I spent some time this week refining a new exit scanner, and today we
pushed some new reject rules to kick out some relays that we confirmed
were running mitmproxy to do more sslstrips.

Good. Does this mean it will be check and bumped more regularly?

I see that lots of relays are running for more than one month from now.

Expect some upcoming next steps that aim to change the fundamental arms
race, including experiments to use https by default in Tor Browser, either
via HTTPS Everywhere's "Encrypt All Sites Eligible" option (you can turn
that on right now) or via Firefox's upcoming built-in version of the idea:
https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/19850

Yes. From the browser perspective, HTTPS should be enforced whatever the context. We may blame final Tor users or website administors for not following security guidance (eg. HSTS preload) but in the end it is the Tor user privacy that is compromised. This is lasting for months and could have been easily prevented. This game of cat and mouse is not good for Tor reputation.

Thanks

--

Croax

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] I bumped out some more bad relays
  - From: Roger Dingledine

References:
- [tor-relays] I bumped out some more bad relays
  - From: Roger Dingledine

Prev by Author: Re: [tor-relays] ContactInfo Spec Version 2 is released
Next by Author: Re: [tor-relays] Network Performance Experiment - KISTSchedRunInterval - October 2020
Previous by thread: Re: [tor-relays] I bumped out some more bad relays
Next by thread: Re: [tor-relays] I bumped out some more bad relays
Index(es):
- Author
- Thread