<div dir="ltr"><div dir="auto"><div dir="ltr"><div dir="ltr">Hi nusenu<br><div dir="ltr"><br><div dir="ltr"><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Am Fr., 21. Feb. 2020 um 22:24 Uhr schrieb nusenu <<a href="mailto:nusenu-lists@riseup.net" target="_blank">nusenu-lists@riseup.net</a>>:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi Michael,<br>
<br>
> Last week i got an email with a warning that some of my relays are<br>
> missing the correct MyFamily setup and that i am a risk to do<br>
> end-to-end correlation attacks together with a list of all relays i<br>
> operate plus one relay which uses the same name than i use but is not<br>
> operated by me.<br>
<br>
the email Michael is referring to for the interested readers: [1]<br>
<br>
> I already knew that not all of my relays have a correct MyFamily setup<br>
> because as long as i am not sure if they will stay i usually dont<br>
> include them in MyFamily because it is a pain to edit every torrc<br>
<br>
Yes, manually managing MyFamily is a pain with that many relays.<br>
It is best to automate it so you don't have to worry about it <br>
no matter how long your relays might run.<br>
<br>
It is also relevant to note that we are not talking about fresh relays (born days or weeks ago) but >6 months.<br></blockquote><div><br></div><div>I think the relay you are talking about is the relay in Yekaterinburg.</div><div>This relay is not listed as with no MyFamily in the first email but after receiving the first email i decided that i am okay with the newer hoster more than the older hoster so i included the newer one in MyFamily and excluded the older one and will probably let it expire so the relays mentioned with no MyFamily setup in the first and the ones in the second email should be slightly different.</div><div><br></div><div>But thats not important anyway.</div><div><br></div><div>I usually wait at least one billing period. Some of my relays are paid for three years in advance which means there might be cases where a relay will be in a state of unknown for three years till i know if they will stay.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
> A few days later i got a message that some of my relays will soon get<br>
> rejected because i did not responded to the previous email.<br>
<br>
A more correct version is: some relays were proposed for removal on the bad-relays@ list <br>
should there not be any reaction by the operator [2].<br>
<br>
That is something different than informing an operator about an upcoming removal since<br>
everybody can propose removals and only dir auths can actually vote for the removal.<br></blockquote><div><br></div><div>Understood.</div><div> <br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
[2] <br>
For the readers on this list, this is the second mentioned email:<br>
> I'm proposing the removal of the first 5 entries in the following table (end-to-end correlation risk)<br>
> should there not be any reaction to this email from the operator.<br>
> <br>
> A previous email from 2020-02-15 did not result in a reply so far.<br>
> <br>
> +---------------------+--------+----------------------+------------------+-------------------+-----------------+---------------------------------------------------+------------------------------------------+<br>
> | first_seen | member | contact | nickname | tor_version | IP | as_name | fingerprint |<br>
> +---------------------+--------+----------------------+------------------+-------------------+-----------------+---------------------------------------------------+------------------------------------------+<br>
> | 2020-02-01 18:00:00 | 1 | NULL | angeltest33 | 0.4.2.6 | 139.99.238.17 | OVH SAS | 4BF3D299BC500C350868F078749291C766C7AA6F |<br>
> | 2020-01-11 16:00:00 | 1 | NULL | angeltest5test | 0.4.2.6 | 51.38.147.96 | OVH SAS | 951307BA74E44A9C9C208B2F134CDA2409944075 |<br>
> | 2019-08-06 11:00:00 | 1 | NULL | angeltest27 | 0.4.2.6 | 185.173.177.153 | GalaxyStar LLC | 95C8B9418E74F3FF80E5C3D3AF7F03156FFBBFBE |<br>
> | 2019-08-31 09:00:00 | 1 | NULL | angeltest9 | 0.2.9.14 | 104.244.76.190 | FranTech Solutions | F1D5C0F5157D9B24014BE8C7A1D878AEA6843B42 |<br>
> | 2019-11-21 12:00:00 | 1 | NULL | angeltest26test | 0.4.2.6 | 91.243.50.239 | Petersburg Internet Network ltd. | F51A927E34662D6005393F2327C870FB0D0D7FE0 |<br>
<br>
<br>
<br>
> - The bad-relays team expect an answer to their emails even if they do<br>
> not tell you that in the first email and rather send you a second<br>
> email that they will soon reject your relays if you dont answer them.<br>
<br>
I think you are confusing the "bad-relays team" with subscribers or people sending emails to the bad-relays@ list. <br>
If in doubt require the sender to have a @<a href="http://torproject.org" rel="noreferrer" target="_blank">torproject.org</a> address<br>
(unfortunately there is no actual sender address for the bad-relays team since it is just a mailing list)<br></blockquote><div><br></div><div>The senders name was "<a href="mailto:tor-bad-relays@riseup.net" target="_blank">tor-bad-relays@riseup.net</a>" which looked official to me.<br></div><div>Then Georg Koppen "validated" the second email.</div><div><br></div><div>For the next time i know that i only need to respond to valid emails.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
> So for what reason do i set the MyFamily option beside making a Hidden<br>
> Service Guard discovery attack more easy?<br>
<br>
<br>
- risk reduction for tor users<br>
MyFamily declarations allow the tor client software to automatically detect relay families when creating circuits to<br>
avoid using multiple relays from the same operator in a single circuit.<br></blockquote><div><br></div><div>This should not matter if the operator is not malicious and like i already said an malicious operator will not use the same contact info or relay name.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
- reducing the risk for tor users that might become victims if some operator gets compromized (with all its relays)<br></blockquote><div><br></div><div>This is a reason i can understand.</div><div>Not sure how much that would really help in practice but i can understand it.<br></div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
- transparency<br>
Every relay operator should declare their relay group to allow everybody to measure their network fraction (Sybil detection).<br></blockquote><div><br></div><div>Should...</div><div>But i understand this one too.<br></div><div>But as long as my family is still a small one with only one exit compared to others i am not a Sybil attack risk and even if i would would i get any special treatment then?<br></div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
- risk reduction for relay operators<br>
MyFamily also provides risk reduction for operators since they are less valuable as an attack target<br>
if they can not technically be used for e2e correlation attacks<br></blockquote><div><br></div><div>I think this is similar to your first point but i think that should be the operators choice if he want to take steps against this case.</div><div> <br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
- allow the identification of "false-friends" and actual malicious relays<br>
By setting MyFamily you make it easier to detect relays that claim to be you<br>
since MyFamily requires mutual configuration malicious entities can not add their relays to your MyFamily. <br><br></blockquote><div></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
This is what happened in your case (which was a mixture of misconfiguration and actual "false-friends").</blockquote><div><br></div><div>Talking about that particular possibly malicious FranTech relay the operator and me set their MyFamily correctly.<br></div><div>I did not included it in my family because i am not the operator and he did not tried to include it in my family so relying on MyFamily was useless anyway.</div><div><br></div><div>I knew about that relay for some while already because i first thought i had accidentially made one of my relays an exit but decided to not report it because relay names are free to choose.</div><div><br></div><div>Thats the reason why i was so mad about the fact that someone assume this particular malicious relay is operated by me because what the other possibly malicious operator tried to achieve (to look like me) was exactly what happened.<br></div><div><br></div><div>I think MyFamily greatly fails in trying to solve a problem and is making life for honest operators more difficult but not for mailicious operators.<br></div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
<br>
If you are really interested into the MyFamily topic you can find a few tickets on <a href="http://trac.torproject.org" rel="noreferrer" target="_blank">trac.torproject.org</a> about it<br>
(including arguments against it).<br></blockquote><div><br></div><div>I will look into it.</div><div> <br></div><div></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
<br>
<br>
<br>
[1]:<br>
> Hello,<br>
> <br>
> This email wants to make you aware that you are probably putting tor users<br>
> at risk by not properly setting MyFamily on your tor relays.<br>
> <br>
> If the relays using your contactInfo are not actually yours<br>
> please send an email to <a href="mailto:bad-relays@lists.torproject.org" target="_blank">bad-relays@lists.torproject.org</a><br>
> so they can be removed from the network for impersonating your contactInfo.<br>
> <br>
> <a href="https://nusenu.github.io/OrNetStats/endtoend-correlation-groups#torrpi1405gmailcom" rel="noreferrer" target="_blank">https://nusenu.github.io/OrNetStats/endtoend-correlation-groups#torrpi1405gmailcom</a><br>
> <br>
> Thanks for taking care of this.<br>
> <br>
> +---------------------+------+------------------+--------+----------------------+-------------------+-----------------+------------------------------------------+<br>
> | first_seen | exit | nickname | member | contact | tor_version | IP | fingerprint |<br>
> +---------------------+------+------------------+--------+----------------------+-------------------+-----------------+------------------------------------------+<br>
> | 2018-08-28 21:00:00 | 0 | angeltest2 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.4.0-alpha-dev | 5.39.60.243 | 3B07C500AC17E7B5A1EE616613E104A094AB87F3 |<br>
> | 2018-09-05 17:00:00 | 0 | angeltest7 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 37.252.187.111 | EE4AF632058F0734C1426B1AD689F47445CA2056 |<br>
> | 2018-09-05 20:00:00 | 0 | angeltest8 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 185.112.82.50 | 7AAF5597B18D82CC90CA95FB7976A1CEA4A32E06 |<br>
> | 2018-09-07 23:00:00 | 0 | angeltest9 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 92.38.163.21 | 9288B75B5FF8861EFF32A6BE8825CC38A4F9F8C2 |<br>
> | 2018-09-27 00:00:00 | 0 | angeltest11 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 213.183.60.21 | 39F91959416763AFD34DBEEC05474411B964B2DC |<br>
> | 2018-09-27 19:00:00 | 0 | angeltest12 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 91.201.65.91 | 57C6DF5B93E54EB9C8DB90029D9E9A1111BD34D2 |<br>
> | 2018-12-15 00:00:00 | 0 | angeltest14 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 195.123.245.141 | 465D17C6FC297E3857B5C6F152006A1E212944EA |<br>
> | 2019-01-10 00:00:00 | 0 | angeltest18 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 94.140.125.122 | B517198B86B3859C307857C59F6660A281FC8B47 |<br>
> | 2019-01-10 22:00:00 | 0 | angeltest19 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 185.246.152.22 | A86EC24F5B8B964F67AC7C27CE92842025983274 |<br>
> | 2019-02-26 10:00:00 | 0 | angeltest20 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 178.17.170.103 | ADE6AB2BFBD7A5780B321DC33BBACCD0D777C94D |<br>
> | 2019-04-26 12:00:00 | 0 | angeltest23 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 81.169.235.154 | EFA2E7B073AA4CE2DAF7160F23C90DB805948F4A |<br>
> | 2019-05-29 07:00:00 | 0 | angeltest26 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 89.223.100.121 | 40108FDFA40EDB013F7291F3B4DA3D412ED3A5EF |<br>
> | 2019-08-06 11:00:00 | 0 | angeltest27 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 185.173.177.153 | 95C8B9418E74F3FF80E5C3D3AF7F03156FFBBFBE |<br>
> | 2019-08-13 12:00:00 | 0 | angeltest6 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 185.61.149.67 | 295F1BD8995A12ECC77E050CCF6EC641572739E9 |<br>
> | 2019-08-19 04:00:00 | 0 | angeltest28 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 31.207.89.49 | 1A7A2516A961F2838F7F94786A8811BE82F9CFFE |<br>
> | 2019-09-19 14:00:00 | 0 | angeltest3 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 62.141.38.69 | FF9FC6D130FA26AE3AE8B23688691DC419F0F22E |<br>
> | 2019-10-02 19:00:00 | 0 | angeltest10 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 178.254.20.159 | C1939D36649DE98A202429631D8EFC70128D5F5F |<br>
> | 2019-11-01 05:00:00 | 0 | angeltest5 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 51.38.134.104 | 39C6F833D4B09524770D3655DF825A11213CA0A9 |<br>
> | 2019-11-01 08:00:00 | 0 | angeltest27test | 1 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 92.223.109.71 | 1323D34C2FA4AE0EC4EEA9853F3464693EF428E7 |<br>
> | 2019-11-02 14:00:00 | 0 | angeltest17 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 5.34.183.29 | F8AA8D8CCBA0C5F2836DE6315CDFA6E4A31A0890 |<br>
> | 2019-11-05 14:00:00 | 0 | angeltest13 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 185.225.17.173 | A4CC39184AD287D72C2247738835811C7A7ECB8E |<br>
> | 2019-11-21 12:00:00 | 0 | angeltest26test | 1 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 91.243.50.239 | F51A927E34662D6005393F2327C870FB0D0D7FE0 |<br>
> | 2019-12-11 22:00:00 | 0 | angeltest29 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 87.106.152.102 | 73283C4DEBC01D3E4A5FD1BB1F2B50D927379F59 |<br>
> | 2019-12-20 04:00:00 | 0 | angeltest24 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 2.56.241.243 | 401A66747713038CEEF6ED28C8AFEB70570EEBCC |<br>
> | 2019-12-20 06:00:00 | 0 | angeltest25 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 185.118.164.41 | C9BC841E180B35F229FD47664F84CF8A8ADB3F68 |<br>
> | 2019-12-24 16:00:00 | 0 | angeltest30 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 185.4.135.157 | B93503D458D9FE97DE5C12D211082871D08F1284 |<br>
> | 2020-01-11 16:00:00 | 0 | angeltest5test | 1 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 51.38.147.96 | 951307BA74E44A9C9C208B2F134CDA2409944075 |<br>
> | 2020-01-12 17:00:00 | 0 | angeltest31 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 185.101.35.219 | 2F8B9500DC98C13FD28CC51E47D3416DE423ED78 |<br>
> | 2020-01-14 15:00:00 | 0 | angeltest32 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 185.99.2.178 | 12B1A5769D38FF47CF68C2235E1BDA315DF400F2 |<br>
> | 2020-01-23 04:00:00 | 0 | angeltest16 | 27 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.4.0-alpha-dev | 195.123.238.164 | D5812BAB52820A4D448E5F16EE363A0F4CEEF691 |<br>
> | 2020-02-01 18:00:00 | 0 | angeltest33 | 1 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.6 | 139.99.238.17 | 4BF3D299BC500C350868F078749291C766C7AA6F |<br>
> | 2020-02-11 14:00:00 | 1 | angeltestwindows | 1 | <a href="mailto:torrpi1405@gmail.com" target="_blank">torrpi1405@gmail.com</a> | 0.4.2.5 | 91.132.147.168 | DC81AA3B1D51566DBF27BFA562E4047AEB1C52DA |<br>
> +---------------------+------+------------------+--------+----------------------+-------------------+-----------------+------------------------------------------+<br>
<br>
<br>
<br>
<br>
<br>
_______________________________________________<br>
tor-relays mailing list<br>
<a href="mailto:tor-relays@lists.torproject.org" target="_blank">tor-relays@lists.torproject.org</a><br>
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" rel="noreferrer" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
</blockquote></div></div>
</div></div></div></div></div>