On 27 May 2017, at 02:28, Nagaev Boris bnagaev@gmail.com wrote:
On Fri, May 26, 2017 at 3:26 PM, nusenu nusenu-lists@riseup.net wrote:
Since about mid April there are just two similar Exits making up now about 4.5% exit probability together. Located in Panama, run in the okservers.net network, AS395978 ,they don’t give up any further information about themselves.
Personally I would feel better at least having a contact or even better, knowing who is giving that much effort. Probably a MyFamily configuration should be placed as well?
This isn't necessary, the relays will only be used by clients in the exit position.
https://atlas.torproject.org/#details/29C92C854E0F6652A77F3A8B231D6932993969...
https://atlas.torproject.org/#details/2CA4B2F36C2DDECFCB0B5A0D3300ED30E68E2D...
this post contains a few pints about these relay's location (more likely in Germany than Panama): http://www.hackerfactor.com/blog/index.php?/archives/762-Attacked-Over-Tor.h... https://twitter.com/nusenu_/status/861189840796344320
From the article: "The registration information bounces between multiple countries and never actually identifies the source. And they were all registered recently. If you talk to any cybersleuths about identity theft, spam, online fraud, scams, and fronts, they will tell you that misleading registration and bouncing between countries is a big red flag. This is some type of front. And it's deep enough to either be organized crime or a nation-state." Does it mean that several percent of exit traffic go through nodes that are likely to be "organized crime or a nation-state"?
Or maybe just someone who is using state-of-the-art techniques to keep their identity private?
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org ------------------------------------------------------------------------