On 10/11/20 3:08 PM, nusenu wrote:
Are your scanners available for others to run? I understand that it is a risk that making them public may allow bad exits to avoid them, but is it ok if other specific people use and adapt the scanners?
You don't need to actively perform scans (in the sense of establishing circuits) to detect rerouting exits, onionoo provides you with the required data:
OR IP: https://metrics.torproject.org/onionoo.html#details_relay_or_addresses
Exit IPs: https://metrics.torproject.org/onionoo.html#details_relay_exit_addresses
I meant the code for your other scans. We have my original scanner (part of torflow repo), and one phw wrote, and another set of onion service attack scanners. TPI might consider also running your scanners in addition to or instead of some of these. Plus more people running scanners may mean faster results and easier result confirmation... Though, this is subject to obvious issues with this being an arms race, if scans are discovered, of course.
I also agree with your ticket about the time rotation feature. And I'm not sure we should necessarily publish this info anymore.
I think this and similar ideas should be explored. We're trying to figure out how to put it all together into an approach that makes sense.
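
The passive check from the quoted reply above (comparing each relay's `or_addresses` with its `exit_addresses` in Onionoo details data), as an added example that is not part of the original thread or anyone's scanner code. The function names and the sample document are constructed for illustration; a differing exit address is a lead to review, not proof of misbehaviour.

```python
import ipaddress

# Constructed sample shaped like an Onionoo "details" document.
# Nicknames, fingerprints and addresses are made up (documentation ranges).
SAMPLE_DETAILS = {
    "relays": [
        {"nickname": "ExampleA", "fingerprint": "A" * 40,
         "or_addresses": ["192.0.2.10:9001"],
         "exit_addresses": ["192.0.2.10"]},
        {"nickname": "ExampleB", "fingerprint": "B" * 40,
         "or_addresses": ["198.51.100.7:443", "[2001:db8::7]:443"],
         "exit_addresses": ["203.0.113.99"]},
        # Non-exit relay: Onionoo omits exit_addresses when it is empty.
        {"nickname": "ExampleC", "fingerprint": "C" * 40,
         "or_addresses": ["192.0.2.30:9001"]},
        # Same IPv6 address written two ways; must not be flagged.
        {"nickname": "ExampleD", "fingerprint": "D" * 40,
         "or_addresses": ["192.0.2.20:9001", "[2001:db8::1]:9001"],
         "exit_addresses": ["2001:db8:0:0:0:0:0:1"]},
    ]
}


def or_ip(or_address):
    """Turn 'ip:port' or '[ipv6]:port' into a normalized address object."""
    host = or_address.rsplit(":", 1)[0].strip("[]")
    return ipaddress.ip_address(host)


def rerouting_exits(details):
    """Return (fingerprint, [exit IPs not among the relay's OR IPs])."""
    findings = []
    for relay in details.get("relays", []):
        or_ips = {or_ip(a) for a in relay.get("or_addresses", [])}
        exit_ips = {ipaddress.ip_address(a)
                    for a in relay.get("exit_addresses", [])}
        extra = exit_ips - or_ips
        if extra:
            # Sort as strings: IPv4 and IPv6 objects are not comparable.
            findings.append((relay["fingerprint"],
                             sorted(str(ip) for ip in extra)))
    return findings


if __name__ == "__main__":
    for fingerprint, ips in rerouting_exits(SAMPLE_DETAILS):
        print(fingerprint, "exits from", ", ".join(ips))
```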