-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Agreed. Thanks for pulling together the statistics, too. However, I'd like to make an argument for OpenBSD specifically. I openly acknowledge that, at least for non-experts (and I'm one of them), OpenBSD isn't ideal for many uses. It isn't used much because of its conservative/cautious philosophy and its lack of bells and whistles. It doesn't have the greatest hardware support, it's a little slower than FreeBSD and Linux, and it isn't very inviting for people that don't know at least intermediate Unix. However, there is at least one field in which OpenBSD has a big market share: firewalls. It's perfect for this use because of its simplicity, its great networking software (pf, etc.) and its bulletproof out-of-the-box security. These same features make it excellent for Tor relays as well. It's possible that governments like China's are trying to hack Tor relays in an attempt to deanonymize users. It's almost definite that malicious hackers try to break into exit nodes to troll traffic. Even an up-to-date, hardened Linux or FreeBSD system probably can't weather all such attacks. For such a simple, single-use, security-critical application, something as sturdy and impenetrable as OpenBSD is the best option. I would love to start a larger conversation about running Tor on OpenBSD. I've been considering making a guide describing the process. However, that violates the OpenBSD philosophy to some extent. They tend to only help those who help themselves - in the long term, only those who want to learn Unix and who RTFMs continue using OpenBSD.[1] Hopefully, though, we can spark enough interest that node operators will take that initiative. I know there's been a lot more interest in OpenBSD on Hacker News et al. since the surveillance revelations. [1] I hope this doesn't sound pretentious. I recognize that a lot of people are busy or distracted, or simply don't want to make the time commitment. That's reasonable. Thanks for reading another rambling email, Libertas On 11/05/2014 04:04 AM, grarpamp wrote:
On Tue, Nov 4, 2014 at 12:25 PM, Libertas <libertas@mykolab.com> wrote:
I think it would be a good idea to add OpenBSD to doc/TUNING because [...] promoting OpenBSD relays benefits the Tor network's security.
Absolutely. Not just due to OpenBSD's security positioning, but moreso from network diversity. Windows is its own world. But if you're a Unix admin there's no reason Linux should be deployed 20x more often than [Free/Open]BSD. It's ridiculously counter to meeting diversity goals, especially with bandwith weighting if one platform is getting grossly disproportionate traffic than another. Just pick one of the two BSD's and run it instead. FreeBSD in particular is well suited to the OS and network needs of Tor. And knowing how to admin more Unixes will serve any admin well.
5950 Linux 1593 Windows 173 FreeBSD 55 Darwin 44 OpenBSD 7 NetBSD 6 SunOS 4 Bitrig 2 GNU/kFreeBSD 1 DragonFly _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJUWkNLAAoJELxHvGCsI27NjdwP/jic9VAaDu1fON/IZmaFu+gr 5CiuP8njzCQfKHSnN6QHFC0LSraipXqFOfHpK3HLN3Mf2BaC84eM0wkburB4fdfs oqxg9cLii7YftzDTCCOyxC3FXhrpKueH6cWY2eJFvWKkFxOtBpSx/U+sP7ZX9NSW syOL3KtvQ9MZqwgrCfx0xPwrQAshFqJaUf+nd5vwgiIFrLmKdnnOx3/63D9bBZ0b Awid7ABFVerUDXi2bDbW++PgtPsZ9GZxgU+MzLzBITz+ZkW9pJmT5d9T6W4nAOEh tLUCbakmdi5pBLZzSt9OlPuYfhoa7udl4cVKOeZo3iPrCTxLePUy5PYE0aZ7eVd6 e9DvXnepiYVFoLP/tUxNNDNwy4VX0x/3dy5bey9zy5Hd019z1U8mtlBWrb548qEz s3WfzlJW30KTyLy8dVvE/MCgaE/VjanDLWtInLa5GinxwtV9pskXn4RdluM/m9qS xznx/TLzdFzyOPtr834xtvMcuIG1BruFEHQJ80bG4cNmazBhYWly5pU96A6XKQm+ FQ+jD+7UvfAoHiilV9hX8dliC730ffKWTHyOv6CALUTe4o6HZkCYo2W4vKiuVwVa 11Z/V1jhk3hMDyA8hLlXjqbNCfzS7Hm2t8Ickuo0SOk2b0le7bGkFUu+5lIKmyG8 P9I/7pAf0HRWAautAnOM =Qqad -----END PGP SIGNATURE-----