Hi All,
There must be discussion of this I'm not finding so references to that are welcomed.
As I understand it there are three risk layers in each Tor node:
1) The node operator (who has r00t) 2) The data center (who has net) 3) The legal jurisdiction
I've recently started running a couple of relays on public IaaS providers. To my thinking this doesn't present significant security issues beyond a hosted physical server, largely because they are not running hidden services or using Tor to anonymize their own traffic. Presumably memory inspection on the underlying hypervisor could easily reveal that.
Most of what could be discovered from hypervisor monitoring seems liek it could also be discovered by traffic analysis available to any datacenter provider should they choose or be compeled to.
The one novel thing this may make easier is stealing the hosts private keys, which would make traffic analysis easier (but I don't thing significantly better) and allow impersonation of the node which would not otherwise be possible (well it maybe possible to steal from memory on a running system given physical access and sufficient equipment, time and expertise but nearly impossible if not actually so).
What is the consensus level of paranoia on this?
Are there threats to virtualized systems I'm not considering?
Thanks, -Jon