- tor-relays - lists.torproject.org

About bug #13256: "torsocks 1.3 possibly leaks username"
by Pablo Castellano 16 Oct '14

16 Oct '14

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello! I reported this bug some weeks ago but I haven't received any answer: https://trac.torproject.org/projects/tor/ticket/13256 I'm bringing it here to discuss it and know your thoughts. Regards, Pablo. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJUPxOMAAoJEHj0TzpGP5Gc/9MQAJF2wzKy5DEvKr90RJDSLphF /2HvBGFZyJDhusDKbwPPGujGqSpbv0f5RL2ZBZ7wFXt0TBo95q3LXiwpwux4jThl bn/smPKw6sLRiCs4/mNGlF17yxX35RrhXOiXtu5xk828zRT2qsE2ZaChH81Ynkml IAsidwdh6B3MzFa/vd1rXngoBJZNAoMn2WvVR7vZJAk9ttcCO8qVYocQje/M0QrR xVn1Aw3+Ao436KCdqu6yAjfgr7NLIwGEZI+Q19BNukuQLdOzydixdB9IAUDfXER6 XL0uPO2T6WgzdTGq8tqAc+x5CPkNeeNqRHa9Cx72gVIxdkBAtZfMlv3c1ulYfM0/ FexxuIlsmF4Ei7HsKWf/c7C0bir1wwJhWFrM8hpQHkpOyWAHQWFjaW0x/xuzU/03 Icxf9U/D92C24XmJJrPI4dIS1F2EYdoOWtrd62UacExeuwRhLb4D2FC2VamCjCYq SN9czti8MuS/Jmqq7vNI3wkcZzZ0x5r/ECYncHdC9P3MQN+JfbU5ei0bU0LOQNE/ sNRdERHymNcv5HHQC3NU+gGx4yf56GO9R6natZC78OrXwu2RroCGEjeMhq/pMe5R CG0eZHPN993pY9UdlMivsfrKnH0McZPSJ2b/NnyxLdYfK58s68hM14ypM4VVUrNT z7zgr/qYtLHzj0EWT9Y7 =D6IQ -----END PGP SIGNATURE-----

2 1

Re: [tor-relays] Anonbox Project
by Torzilla 15 Oct '14

15 Oct '14

I have seen their website and it looks like someone is trying to sell this product though I didn't see a price tag yet. Looks dangerous. Possibly a honeypot. Thanks, Torzilla11 Sent from my Sony Xperia™ smartphone Thomas White <thomaswhite(a)riseup.net> wrote: >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >Well the topic has come up several times in the last day or two on IRC >and generally the feeling is that it may be quite bad for the users of >the product, not necessarily the Tor network however. > >One thing that AnonBox does do is increase Tor network traffic - you >can see this as both good and bad since it adds load to exit operators >like myself which are already in short supply and diversity, but at >the same time adding traffic to the network makes it safer to use for >everyone. > >The real concern is the mismarketing and borderline fraud occuring by >assuming the simple use of a protocol or open source software (which I >note, the hardware is not actually open source at all). In addition, >the users of such a system are going to be leaving an enormous browser >fingerprint and their activities will be correlated so expectation of >reasonable privacy from this project is a misguided hope at best; at >worst very dangerous to life and limb of anyone who relies on Tor for >their life. > >I am personally hoping somebody high up in the Tor Project management >will openly condemn this atrocity and hopefully Kickstarter and the >funders will withdraw their funds before a whole load of people buy >into this "security as a tool" idea. > >- -T > >On 15/10/2014 12:15, Sven Reissmann wrote: >> Hi there, >> >> I recently read about the anonbox project [1], a small >> hardware-router, which allows end-users to connect their whole LAN >> to the Tor network. The project is on kickstarter at the moment >> [2]. >> >> Has there already been a discussion on how this might affect the >> performance of the Tor network? >> >> Regards, Sven. >> >> >> [1] http://anonabox.com [2] >> https://www.kickstarter.com/projects/augustgermar/anonabox-a-tor-hardware-r… >> >> >> >> >> _______________________________________________ tor-relays mailing >> list tor-relays(a)lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> >-----BEGIN PGP SIGNATURE----- >Version: GnuPG v2.0.22 (MingW32) > >iQIcBAEBAgAGBQJUPmHuAAoJEE2uQiaesOsLAOMP/j8BHqO2yIHRV8Q7Ja3aYHrv >ppLrDbjvbkV9paqGR4X8Gz71PJyHXZoOse6JfBxOnZG+mmoS9elYoXDkKoz8y5Z3 >ot/cpoQdKLei+LvmRxQ5VHcwDXx6wb35+o7I5FnvMoyH2YTeqyfAmGnb5X7D3oa7 >H5rYF8n17ttfvqHvFt2tRuZKKyskJWRnjnpkmmAJSeZpmZnRf38JGhdknmoPMXg3 >5hwzh7E9xFSMM5NrCpXDYvRdZJMvQPWdDFOVUZvKMh/magJitfBZ2Lr7cpq2Vpep >bU8Xs4z/a92j+bm3lN1jzUEgoxs7BEtn/bG2ASRJp2BufOFW8+FCTuOJQPVV0iSa >BPtjoNGe1cwBin256ODF3GjcuzS0Vbql0oS3HyYyEgYEnDjXcw05sdd9tg9i1lqk >66M8h9/aQvZZX1qB4EPzweOYM10VX7mS2pGGl+00wGkGZvhZ4k5ixP/8kHQ7OqQh >d6lwg/ZWK+6wYx3ADCKCvfD5pCNMlf4AtWgam3eQpSPw1uJuw3/twKEvuQijfhRM >XyNu3GivErIpL1d9awm0tJdqcZYZsKw/RFKN9leHt8PhYTMcSp+MViPuFaPIcYh0 >CHwj36gQTqB3XxzdnyJyzigwQhpWePs+qcmc4S3mTq8ogZsnBMgS080XocOx1Jrp >zqZfg7sOGY+s3018nntK >=SX0h >-----END PGP SIGNATURE----- >_______________________________________________ >tor-relays mailing list >tor-relays(a)lists.torproject.org >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

1 0

GoodBadISPs revamp?
by subkeys＠riseup.net 15 Oct '14

15 Oct '14

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 [cross-posted on tor-talk and tor-relays] i've found that the Tor GoodBadISPs list [1] is somewhat outdated on current hosts that allow Tor (exit) relays to be hosted. i'm trying to find a cheap host that allows exits to be operated from their services, and navigating the outdated list and finding an operator that isn't extremely expensive is time consuming (some entries go back to 2010!). should the community start a revamp project (or start a whole new list)? i'd be willing to donate my time to help get this started if need be. thanks. - ---- mikael ball 0xB1910271AE8587F4 @subkeys [1]: https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJUOyMfAAoJELGRAnGuhYf0BKIP/jW0D+wgMOMrYlFQ9k46fHTK g57tkqp6SAKPL/us6Zgf1tG3XIxUGcsQXTt9xrRwgpBAC1iEJtQcBGVutd6hCtYn s3ByxR1fhHa7LglDISueiDTsSx7/cu0cGykKbT7xxGSBLXint0tVxyis/GAznIue MoIlwCoFBO6rHsDU+aPyfLk0SjpYaDZ2tI3PKVplWO/NCW7UHiDeMONPfTXQxVQQ XYSl7Mp2AhmdatpU2a7ACXi1qWibFRlJqVji/Hp3wVpDYxGGIGxP1RG7vR+JvoqU wZ0g0s9JTRpNpjKfLlHGs8ZxF1XXFGXkpqYR9Ka1lAvkD50EFHbQshMKD6exGnfY xyNrEaleCTB+w3ww4YMPqRCzd3J5a/6+xdncBEitV5YzKh15aYD4VJk0/vlFVbED 950Zsh+6n242fwCAXRZi59rbmL3TRqkqNsM3Ihp8z6RyNSf5IwkFf/8TQXIFZ5xy ieNTtnFljinTDgScBjwSh0yvpQTuSL1doG8Uw5Gj3OAWVZWUnb/qrE6GGXY7cjHl 3KsPDr7/wMLF73kDc8TkcUPYcQkC3THXRB40qapSucB0utKZMfBWbczkZLu+JXxb aBLVqd9HKBhqyRsp5Y9yaCFYgWbIwssGYhgY+qi/vgr0y3aedP1A2Y0rhyyYUJAt wBRikkm58YQfotoN0o5H =YSqt -----END PGP SIGNATURE-----

9 11

Slow relay speeds for Australian geographic location(s)
by Mathew 13 Oct '14

13 Oct '14

Hello all, I run a non-exit relay in Australia. My relay has been running for almost 15 days and has seen very little traffic. I have a 100/40 fibre connection and bandwidth is set at 2MB/s and 2.5MB/s burst. The mean read/write is 3.22kb/s and the advertised bandwidth constantly varies between 100-800kb/s which is obviously a fraction of my available bandwidth. Do relays located in less tor frequented countries see much less traffic or something? I have ports set at 443 and dirport 9030, is this an optimal port setting? Anyone with helpful information would be appreciated. My relay is 1337m8 if anyone wants to look at the traffic. Thanks

4 4

New error message
by Paul Blakeman 13 Oct '14

13 Oct '14

Hi all This has started appearing in my notices.log Can anyone shed any light please? Oct 13 12:04:05.000 [warn] Unexpected sendme cell from client. Closing circ (window 1000). [3 similar message(s) suppressed in last 600 seconds]

2 1

Re: [tor-relays] GoodBadISPs revamp?
by mikael ball 13 Oct '14

13 Oct '14

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 had to create a new thread because i had digests turned on. oh well. On Mon, Oct 13, 2014, Thomas White wrote: > As a community I think we should also be more transparent in > communications with the ISP's in question. For example, rather than > stating a yes/no instead we find a tidy way to paste their exact > response and link it in the table so we know exactly who they talked > to, waht their question was and the reason they disallowed it. i agree with this. in addition, we should ask for all of the ASN and/or IP blocks from the customer service reps, query onionoo for nodes running within those and display a list of them. (how?) in regards to the EFF partnership idea: i support this. getting the name of a respectable entity who has experience in PR (what kind?) might help with getting the ISPs on board. - -- mikael ball 0xB1910271AE8587F4 -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJUO0GdAAoJELGRAnGuhYf0KbMP/RWYW8P5wkY2pZwV6pARoQOq i9C5RH+AXXceihZEdaxF5kXMaXGA3Xndck74DZ8O06dEmJzztMBFqR6342qgOwe0 d+oyb2DjCQPd8d/FJEPwrgJKcyKSi3EDgJt7KqUA7bMbcyh3cn4s+clVQzCeYkZK TWuzv2gzOUdL05t+N0MTAQG4tTCaFSH1Y3cC4zca764kAreds4DLRX/Ju4+wYUBe QdlxpKl11o6x7LF1nT7kNsxGdNY9VB5t6mbWDDjIBRA6lCbIIvAfqajDB9yuAqy8 yY230fhZ1PU4eU+eJdsxh3U9yI4t3Z5dKeKI0LAHe8agNoLP6IqmWJRV2odri/vb U7BpuY9v5zpQ5gs4U7ppwtgIWagdXe1YC4ULpdabW09InVnC2D0u6/ncUu7gVg08 2qIf+kWxLItaNVJr+4xH1tsJZfNuTK6sUjDm43LJP9WH9nuiveiLo+7MGb5vf1Aw PfdghSA+8J291hJv8X51SmvgEgl9b6SeV4WyBQQVsyFcomjOpBIQmXLt0+D1BhUd G7WNfRf584Ts372Brmtf8UfZqT0niMaHh3BEg14NvCpnaKZ8X8mwRSMHreaIvSpr /wlV8Dy62rpqcsrqp7srLYSsPA9AOP6DsHl52qEjZ4cbeSPY6/ir+RDXn1nJ3BHx 51PhadTMMRybDbNfv1Xv =Xniq -----END PGP SIGNATURE-----

1 0

Re: [tor-relays] Question on running bridge nodes
by teor 12 Oct '14

12 Oct '14

On 12 Oct 2014, at 09:32 , tor-relays-request(a)lists.torproject.org wrote: > Date: Sat, 11 Oct 2014 23:25:47 +0100 > From: Tor externet co uk <tor(a)externet.co.uk> > To: tor-relays(a)lists.torproject.org > Subject: [tor-relays] Question on running bridge nodes > Message-ID: <49c1abc0aa88e1bf8425fdc8e482402d(a)nodataavailable.com> > Content-Type: text/plain; charset=US-ASCII; format=flowed > > Hi, > > I've set up a bridge node in the previous few weeks, but have had to put > a bandwidth limit on, as I only have 10TB of traffic per month before my > ISP will start throttling me to 100k/sec. > > I wondered whether it was more helpful to the Tor network as a whole to > have have a very fast node which hibernated every 12-15 hours, or if I > throttled Tor traffic, so that the node was more stable. > > I'll confess that I'm far more au fait with the politics of Tor than I > am of the exact ins and outs of how the technology works. Any help would > be gratefully received. > > Thanks > L For relays, where pathing is quite dynamic, we recommend speed + hibernation over uptime. But for bridges, users obtain only 3 bridge descriptors at a time, usually via some difficult or dangerous method. We'd want to make sure at least 1 stays up at all times (2 for reliability), which would favour throttling. teor pgp 0xABFED1AC hkp://pgp.mit.edu/ https://gist.github.com/teor2345/d033b8ce0a99adbc89c5 http://0bin.net/paste/Mu92kPyphK0bqmbA#Zvt3gzMrSCAwDN6GKsUk7Q8G-eG+Y+BLpe7w…

2 2

Re: [tor-relays] Slow relay speeds for Australian geographic location(s)
by teor 12 Oct '14

12 Oct '14

On 12 Oct 2014, at 18:06 , tor-relays-request(a)lists.torproject.org wrote: > Date: Sun, 12 Oct 2014 18:06:42 +1100 > From: Mathew <wired.kid(a)gmail.com> > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] Slow relay speeds for Australian geographic > location(s) > > Thanks for the in depth post, Teor. I had read the lifecycle article but > was concerned when people were posting that their relay was soaking all > their bandwidth after a day or two. This makes sense now, given the > oversupply and location. It was also worrying when the advertised bandwidth > was fluctuating so much and was only advertising a fraction of what > actually is available. > > The Windows server is using very minimal resources at the moment, and TCP > connections are around 250. The router will definitely be able to handle > the load, I run a pfSense APU. > > TPG doesn't have any bandwidth constraints specifically. They run a lot of > their own infrastructure including their own undersea PPC-1 cable > https://www.tpg.com.au/about/networks.php. No connection is ever shaped by > TPG and I have unlimited bandwidth. > > Amsterdam - http://www.speedtest.net/my-result/3825961515 > LA - http://www.speedtest.net/my-result/3825963543 > Boston - http://www.speedtest.net/my-result/3825964878 > London - http://www.speedtest.net/my-result/3825966771 > > So you think it isn't detecting all of my available bandwidth due to > distance and location and such? Is it just one of those things? > > torrc http://pastebin.com/GcTswhQx Actually, I think it's a matter of waiting on a stable IP and network connection for a month or two. (Your torrc looks fine.) I was just trying to list all possible factors, however unlikely. The instability is likely due to the bandwidth authorities (there's only a small number, which doesn't help stability). It will stabilise over time. But I don't think your overall level is caused by the authorities. Now that I think about it, as far as I recall, the "observed bandwidth" is a notional figure, not an actual bandwidth measurement. Because middle relays are in oversupply, their bandwidths get weighted down. (My middle relays are listed at about 50% of their advertised/link bandwidth.) Australian middle relays that are getting similar results to yours are: Aquinas DC5E2202E0148A53379F68A04207E04FFA7B4B2D (default) - Windows 8 terranullius - Windows 8 CoD Australian middle relays that are getting almost their exact advertised bandwidth: Serversaurus If you can pick the difference, I'm sure we'd be glad to know why! teor pgp 0xABFED1AC hkp://pgp.mit.edu/ https://gist.github.com/teor2345/d033b8ce0a99adbc89c5 http://0bin.net/paste/Mu92kPyphK0bqmbA#Zvt3gzMrSCAwDN6GKsUk7Q8G-eG+Y+BLpe7w…

1 0

Re: [tor-relays] Slow relay speeds for Australian geographic location(s)
by Mathew 12 Oct '14

12 Oct '14

Sorry about that test. Thanks for the in depth post, Teor. I had read the lifecycle article but was concerned when people were posting that their relay was soaking all their bandwidth after a day or two. This makes sense now, given the oversupply and location. It was also worrying when the advertised bandwidth was fluctuating so much and was only advertising a fraction of what actually is available. The Windows server is using very minimal resources at the moment, and TCP connections are around 250. The router will definitely be able to handle the load, I run a pfSense APU. TPG doesn't have any bandwidth constraints specifically. They run a lot of their own infrastructure including their own undersea PPC-1 cable https://www.tpg.com.au/about/networks.php. No connection is ever shaped by TPG and I have unlimited bandwidth. Amsterdam - http://www.speedtest.net/my-result/3825961515 LA - http://www.speedtest.net/my-result/3825963543 Boston - http://www.speedtest.net/my-result/3825964878 London - http://www.speedtest.net/my-result/3825966771 So you think it isn't detecting all of my available bandwidth due to distance and location and such? Is it just one of those things? torrc http://pastebin.com/GcTswhQx Thanks again.

1 0

Re: [tor-relays] Slow relay speeds for Australian geographic location(s)
by Mathew 12 Oct '14

12 Oct '14

Test

1 0