-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
But bottom line, the Tor Project apparently did nothing with the information.
Well, they apparently made (according to phw) an informed decision on which attacks they should be spending the little available resources. That is certainly more than doing 'nothing'.
Philipp Winter explained the general situation quite clearly (without going into the specifics of the reported relays):
there are not enough people to keep up with all the work. The little resources we have we tend to spend on more serious attacks. That is not to say that traffic sniffing is harmless, but we are forced to prioritise
So if this does not match with ones assumptions and threat model it is probably good to adjust the threat model towards it. It is certainly better to always assume the presence of bad exits because it is impossible to detect them all, all the time, with no delay (and because even good exits have to route their packets through the "bad internet" to its final destination.)
I'm _not_ saying that we should forget about the 'badexit' flag altogether because "we can't get hold of all of them anyway", but now we know more about the resources of those managing badexit flags and its implications.
I find it more worrying that we do not "hear" about the 'more serious attacks' that keep them busy and don't allow them to look into i.e. 'AviatoChortler' (even after a few weeks). That might mean that there is a constant stream of 'more serious attacks' (without information I can only guess).