[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] 4 of Conrad Rockenhaus trial servers are in the top ten exit relays for Canada



> 
> Thank you for your reply. I can now see that 4 big + 1 small (or 5 big) providers is definitely better than only 4 big ones for diversity, but it leads to another diversity question which needs some background:

> For a while, earlier this year during the spectre / meltdown vulnerability commotion I ran a couple of relays in VM's using Amazon Web Services (AWS). I was confident in the knowledge that the AWS provided kernels / VM's switched to the spectre mitigation measures. Sure they slowed down a bit for a while, but they speeded up again when after AWS tweaked it a little. Because I know my VM's were using the mitigation I know other VM's can't spy on the tor traffic & what ever encryption keys happens to been in the VM's memory at that time (the really paranoid can supply their own kernel / boot image to run).

All major operating systems provided mitigation/and or patches to correct this vulnerability. Just because you were using Amazon Linux doesn’t mean that Amazon did anything special. All the major Linux distributions had mitigation measures and/or patches, as well as FreeBSD. If you had automatic updated turned on for your respective OS they were brought online automatically, but most people I know don’t have automatic updates turned on because they like being able to control when updates are installed. There’s nothing special about what AWS does that major OS distributions aren’t doing already.

Plus, I’m sorry, but I don’t consider CPU meltdown attacks are great in theory and all, but your greatest threat is always going to be password compromise, social engineering, or something of that sort. It’s the small stuff that typically matters more than some major thing that looks like the end of the world on paper.


> My VM's were probably running in a rack containing hardware that also runs websites, web applications, corporate cloud email and backup systems the list could go on, but it importantly it is about diversity.
> 

So are mine. I don’t just provide Tor related services.w

> If one person were to run a hardware rack full of VM's that ALL run tor - that is a prime target for, for example, some spying government or international hacker group. For an admittedly far fetched example, some government can fly in, flash a court warrant to an underpaid security guard and do whatever they want to the rack, and then ALL the tor relays that are hosted there are compromised. Yes thats unlikely to happen but its still a risk.
> 

Who said they all run Tor? You’re just making an assumption here. There’s a variety of services that are ran, in fact, I host a high traffic website within the same rack; it was the excess capacity from that project that led to the donation driven project that is Greypony. The Government can do this anyway, and they’ve raided places before, even places that were running operations other than Tor at that location. It could be one server or 100 servers, if there’s governmental interest, the government will use their means to get into that server, It’s not exactly the best example.

> I am interested to hear your opinion on the diversity question of - How does having many relays in one place not damage diversity, even if they are connected to different networks / AS's are are technically controlled by different people.

I’m interested in how that damages any sort of diversity, other than the fact that you have a concentrated number of relays in one location, which has been going on for a long time, prior to GreyPony putting up high bandwidth relays. People only started having concerns when Greypony came along with our high bandwidth relays, even though we have significant technical safeguards in place to prevent snooping of traffic (especially within our rack) or obtaining any discernible data off of the drives, which are encrypted. (Some of our users encrypt their data data on top of that as well, so, anyway.) You need to really look at the definition of diversity, because it seems according to you, I could setup a new datacenter that no existing tor services exist in and that would be damaging to Tor’s diversity for some reason…..which a significant amount of people would disagree.

> 
> Again I want to point out what you are doing is good - I apologise if I appear to be "trolling" you, I am genuinely interested in learning the technical pro's and con's relating to this topic.

I don’t consider this trolling, but this is the real world. There normally isn’t a huge grand conspiracy and someone’s not out there waiting to melt processors. It’s all fun to discuss in theory, but in the end, that’s not what’s happening in the real world.

Conrad

> 
> Thanks again,
> 
> Gary.
> 
> On Sun, 2 Sep 2018 at 02:26, Conrad Rockenhaus <conrad@xxxxxxxxxxxxxx> wrote:
> Gary,
> 
> It’s bad in the same way it’s bad as the other numerous other exit relays that run under the OVH umbrella. I am not my own independent upstream and run my servers at a colocation facility at OVH. I also plan on running my servers at a colocation facility at another location for AS-diversity purposes but donations aren’t enough to cover all of the bills to be honest, but I’m partnering up with a fellow Texan and we’ll make sure this nonprofit grows at the rate needed to support diversity.
> 
> But if you ignore the emails sounding alarm about this or that, you should realize - Greypony is no different than Hetzner, OVH, or DigitialOcrean - which rank in the top 5 of the Tor relay providers by size and bandwidth, by node count, AS, and bandwidth. Someone should ask those providers the exact same thing, because they’re setup just like me - I don’t have root access to a customer’s server - they don’t have access.
> 
> I’m actually a little drop in the big bucket But I’ve been trying to promote diversity through the use of other providers.
> 
> Thanks,
> 
> Conrad
> 
> > On Sep 1, 2018, at 6:53 AM, Gary <jaffacakemonster53@xxxxxxxxx> wrote:
> >
> > Conrad,
> >
> > I have been following this thread and would be grateful if you could clear up some confusion for me.
> >
> > Firstly, I am not 1337 haxorz, I dont have a technical profession. However I do believe in tor and anything that can increase the number of relays is good. You are donating your time and resources freely to tor for the benefit of everyone. You have helped me, others on this list, as well as countless others contribute to the Tor Project.
> >
> > All these large relays that you are managing - surely this is bad in terms of AS diversity? One user / network provider shouldn't have a large control over the network.
> >
> > My question:
> >
> > Is there anyway that these relays can be added to the network in such a way that does not damage diversity?
> >
> > Dont get me wrong - I believe in what you do. If these relays are been added without damaging diversity then I apologise for my misunderstanding of the topic.
> >
> > Thanks,
> >
> > Gary
> >
> > On Sat, 1 Sep 2018 at 00:12, Conrad Rockenhaus <conrad@xxxxxxxxxxxxxx> wrote:
> > Hi teor,
> >
> > It seems the criticism originated from one guy (Ralph) and one troll who bravely refuses to identify himself.
> >
> > You want me to stop talking about even the cool things we’re accomplishing thing (like pumping lots of ultra fast bandwidth into the community) because of these two, perhaps one yahoos?
> >
> > Thanks,
> >
> > Conrad
> >
> > On Tue, Aug 28, 2018 at 11:37 PM teor <teor@xxxxxxxxxx> wrote:
> > Hi Conrad (and staff and operators),
> >
> > > On 28 Aug 2018, at 22:16, Conrad Rockenhaus <conrad@xxxxxxxxxxxxxx> wrote:
> > >
> > >>
> > >> On Aug 27, 2018, at 8:02 PM, Jordan <jordan@xxxxxxx> wrote:
> > >>
> > >>> ...
> > >>> The research in this paper (https://www.freehaven.net/anonbib/cache/DBLP:conf/ccs/EdmanS09.pdf) is becoming more relevent and is worth discussing as more ISPs come out with the goal of hosting lots and lots of exit relays.
> > >>
> > >> ...
> > >> I have the utmost belief your intentions are good, but the concentration of exits under a non-advertised central control warrants conversation, at least.
> > >>
> > >> If the end goal is turning $ into relays, not all paths are paved with equal mind to security and it might be worth considering donation-backed alternatives.
> > >
> > > Actually, Jordan, I appreciate your input, but Greypony is technically operating as a nonprofit organization right now. We’re completing the paperwork to be considered an official nonprofit. We allow people to operate their own relay, on their own HVM instance (which we don’t have access to) for a donation of $15/month for a basic model A instance.
> > >
> > > They’re totally separately and independently operated relays. We don’t tell them how to operate their relays. We provide support, we provide suggestions, but we don’t operate it for them, we don’t install anything for them, and we’re completely hands off unless they need support with something. Our job is to provide the instance and the bandwidth.
> >
> > This is the 5th list post in the last few weeks describing Greypony IT's
> > services, operators, or relays.
> >
> > There have also been several critical posts.
> >
> > Please take a break from promoting or criticising Greypony on this list
> > until at least October 2018.
> >
> > If you feel the need to respond, please use another platform.
> >
> > Thanks
> >
> > T
> > _______________________________________________
> > tor-relays mailing list
> > tor-relays@xxxxxxxxxxxxxxxxxxxx
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> > --
> > Conrad Rockenhaus
> > https://www.rockenhaus.com
> > ------
> > Get started with GreyPony Anonymization Today!
> > https://www.greyponyit.com
> > _______________________________________________
> > tor-relays mailing list
> > tor-relays@xxxxxxxxxxxxxxxxxxxx
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> > _______________________________________________
> > tor-relays mailing list
> > tor-relays@xxxxxxxxxxxxxxxxxxxx
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Attachment: signature.asc
Description: Message signed with OpenPGP

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays