On August 14, 2020 5:12:35 PM UTC, Roger Dingledine arma@torproject.org wrote:
On Thu, Aug 13, 2020 at 03:34:55PM +0200, niftybunny wrote:
This shit has to stop. Why are the relays in question still online?
Hm? The relays are not online -- we kicked them in mid June.
We don't know of any relays right now that are attacking users.
Or said another way, if anybody knows of relays that are doing any attacks on Tor users, ssl stripping or otherwise, please report them. I believe that we are up to date and have responded to all reports.
That said, there is definitely the uncertainty of "I wonder if those OVH relays are attacking users -- they are run by people I don't know, though there is no evidence that they are." We learned from this case that making people list and answer an email address didn't slow them down.
I still think that long term the answer is that we need to shift the Tor network toward a group of relay operators that know each other -- transparency, community, relationships, all of those things that are costly to do but also costly to attack:
https://gitlab.torproject.org/tpo/metrics/relay-search/-/issues/40001
https://lists.torproject.org/pipermail/tor-relays/2020-July/018656.html
https://lists.torproject.org/pipermail/tor-relays/2020-July/018669.html
But the short term answer is that nobody to my knowledge has shown us any current relays that are doing attacks.
Hope that helps,
--Roger
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Roger, has Tor Project taken some countermeasures against this type of attack? For example, quoting from nusenu's article:
As an immediate countermeasure against this ongoing issue the Tor Project could require physical address verification for all new (joined in 2020) Tor relay operators that run more than 0.5% of the Tor network’s exit or guard capacity. Why 0.5%? It is a balance between the risk of malicious Tor relay capacity and the required effort for verification. Using 0.5% as a threshold is a realistically low number of operators to verify. As of 2020-08-08 there are just five exit and one guard operator that match these criteria (new and big). Some of them have similarities to previously detected malicious groups. Others are somewhat known with a good reputation already. So the amount for this initial verification is limited to sending 6 letters to a provided physical address (more likely actually 3 since some might not request the physical address verification).