community team highlights: Relay Advocacy

FYI -------- Forwarded Message -------- Subject: [tor-project] community team highlights -- November and December Date: Wed, 09 Jan 2019 18:15:00 +0000 From: Alison Macrina <alison@torproject.org> Reply-To: tor-project@lists.torproject.org To: tor-project@lists.torproject.org Relay Advocacy ================================================================== Colin resumed running once a month IRC relay operator meetings. He also started planning the FOSDEM relay operator meet-up. Steph and Colin are working on updating the relay flyers. Colin continues to work on communicating with OVH regarding relays without contactinfo added to the network. Finally, Colin has been working with Bill from EFF on a Tor relay challenge.

On Sat, 12 Jan 2019 11:54:00 +0000 nusenu <nusenu-lists@riseup.net> wrote:
communicating with OVH regarding relays without contactinfo added to the network.
Is it *really* a good idea to poke OVH over this? Basically it's trying to imply that running Tor should be OK, but running Tor "improperly" (per your own specific definitions and rules) should be illegal in their ToS. I feel this can backfire in a bad way, i.e. rather than spend resources to educate all staff on what "Tor" is, what "ContactInfo" is, is it actually an issue, then track down and warn all the clients which don't comply, surely it is easier to ban all this "Tor" entirely? (Not to mention free up a huge chunk of bandwidth in the process). -- With respect, Roman

communicating with OVH regarding relays without contactinfo
Is it *really* a good idea to poke OVH over this? in their ToS I feel this can backfire in a bad way is easier to ban all this "Tor" entirely?
Though there can be some context, in general harassing and busywork for ISP is indeed not good. Especially when Tor has recourse and discipline of simply dropping the nodes from consensus with log referral. That's the better way, nodes will get clue eventually. Another bettwer way is creating anti-Sybil web of trusts and node selection meta metrics that operators and users can contribute to and choose among. Which is still an open project ripe and waiting since *years* to be done by whoever wants to explore it.

On 13. Jan 2019, at 22:54, grarpamp <grarpamp@gmail.com> wrote:
communicating with OVH regarding relays without contactinfo
Is it *really* a good idea to poke OVH over this? in their ToS I feel this can backfire in a bad way is easier to ban all this "Tor" entirely?
Though there can be some context, in general harassing and busywork for ISP is indeed not good. Especially when Tor has recourse and discipline of simply dropping the nodes from consensus with log referral. That's the better way, nodes will get clue eventually.
Another bettwer way is creating anti-Sybil web of trusts and node selection meta metrics that operators and users can contribute to and choose among. Which is still an open project ripe and waiting since *years* to be done by whoever wants to explore it.
I really need an ELI5 why this is a good idea. OVH is a European company, we have privacy laws here. When asking if you can get the personal information for this servers you only will get a more or less friendly FuckYou. And they have a CW fraction of 15%, if we nag them enough they may change their TOS and start kicking all relays. This will be an even bigger nightmare than DigitalOcean. Let sleeping dogs lie. Markus

Hello everyone, As there is some concern / confusion about what occurred here, I wanted to take a moment to explain: After Nusenu discovered the cluster of relays on OVH not reporting contactinfo, I reached out to a contact we have at OVH to ask if they can pass along information to the user running these relays. This was in the hopes that the user may have configured things incorrectly by accident, and rather than immediately potentially marking the relays as bad; the hope was to give the user a chance to resolve the issue. OVH’s general abuse address was not contacted regarding this issue. That said, this did not end up resolving the issue and next steps will now need to be taken. I hope you all had a nice weekend.
On Jan 13, 2019, at 4:21 PM, niftybunny <abuse@to-surf-and-protect.net> wrote:
On 13. Jan 2019, at 22:54, grarpamp <grarpamp@gmail.com> wrote:
communicating with OVH regarding relays without contactinfo
Is it *really* a good idea to poke OVH over this? in their ToS I feel this can backfire in a bad way is easier to ban all this "Tor" entirely?
Though there can be some context, in general harassing and busywork for ISP is indeed not good. Especially when Tor has recourse and discipline of simply dropping the nodes from consensus with log referral. That's the better way, nodes will get clue eventually.
Another bettwer way is creating anti-Sybil web of trusts and node selection meta metrics that operators and users can contribute to and choose among. Which is still an open project ripe and waiting since *years* to be done by whoever wants to explore it.
I really need an ELI5 why this is a good idea.
OVH is a European company, we have privacy laws here. When asking if you can get the personal information for this servers you only will get a more or less friendly FuckYou. And they have a CW fraction of 15%, if we nag them enough they may change their TOS and start kicking all relays. This will be an even bigger nightmare than DigitalOcean.
Let sleeping dogs lie.
Markus _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>

OVH only allows Tor relays and exits on their dedicated servers, it's not allowed on VPS and Cloud. I do not believe they're actively checking though, you could probably get away with a non-exit relay, or even an exit relay on the reduced-reduced exit policy (brush off the occasional abuse / dmca notice with what anti-hack (abuse dept) wants to hear) and nothing occur. I do not think they would take any issue with you hosting a bridge (maybe it's a good idea to ask first?). Back before Conrad Rockenhaus disappeared from the lists and shutdown his company, we ran several Tor Exit Relays on a few dedicated servers then private cloud. It's my understanding OVH suspended one account saying too many complaints then backtracked on it. Your milege may vary, however if someone for instance sent a DoS attack, saying it was a Tor Exit wouldn't help you and you'd be perma suspended from OVH likely without their mercy. Cordially, Nathaniel Suchy Jan 13, 2019, 4:54 PM by grarpamp@gmail.com:
communicating with OVH regarding relays without contactinfo
Is it *really* a good idea to poke OVH over this? in their ToS I feel this can backfire in a bad way is easier to ban all this "Tor" entirely?
Though there can be some context, in general harassing and busywork for ISP is indeed not good. Especially when Tor has recourse and discipline of simply dropping the nodes from consensus with log referral. That's the better way, nodes will get clue eventually.
Another bettwer way is creating anti-Sybil web of trusts and node selection meta metrics that operators and users can contribute to and choose among. Which is still an open project ripe and waiting since *years* to be done by whoever wants to explore it. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>

OVH are not monitoring: I did not see it in the T&Cs that you only run on Tor with OVH on dedicated servers. I have been running an exit on OVH VPS for many months now at 17TB a month and not a squeak from OVH, and not a single complaint forwarded to me so far. The Tor is open to many 1000s of ports but not the major obvious abused ones, and a very limited subnet for 80, 443 wide open. I am sure if I opened up port 80 worldwide complaints would start and attention would be drawn to it so they could initiate immediate shutdown. Gerry -----Original Message----- From: tor-relays <tor-relays-bounces@lists.torproject.org> On Behalf Of Nathaniel Suchy Sent: 14 January 2019 03:23 To: tor-relays@lists.torproject.org Subject: Re: [tor-relays] community team highlights: Relay Advocacy OVH only allows Tor relays and exits on their dedicated servers, it's not allowed on VPS and Cloud. I do not believe they're actively checking though, you could probably get away with a non-exit relay, or even an exit relay on the reduced-reduced exit policy (brush off the occasional abuse / dmca notice with what anti-hack (abuse dept) wants to hear) and nothing occur. I do not think they would take any issue with you hosting a bridge (maybe it's a good idea to ask first?). Back before Conrad Rockenhaus disappeared from the lists and shutdown his company, we ran several Tor Exit Relays on a few dedicated servers then private cloud. It's my understanding OVH suspended one account saying too many complaints then backtracked on it. Your milege may vary, however if someone for instance sent a DoS attack, saying it was a Tor Exit wouldn't help you and you'd be perma suspended from OVH likely without their mercy. Cordially, Nathaniel Suchy Jan 13, 2019, 4:54 PM by grarpamp@gmail.com:
communicating with OVH regarding relays without contactinfo
Is it *really* a good idea to poke OVH over this? in their ToS I feel this can backfire in a bad way is easier to ban all this "Tor" entirely?
Though there can be some context, in general harassing and busywork for ISP is indeed not good. Especially when Tor has recourse and discipline of simply dropping the nodes from consensus with log referral. That's the better way, nodes will get clue eventually.
Another bettwer way is creating anti-Sybil web of trusts and node selection meta metrics that operators and users can contribute to and choose among. Which is still an open project ripe and waiting since *years* to be done by whoever wants to explore it. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

On 12 Jan 2019, at 21:54, nusenu <nusenu-lists@riseup.net> wrote:
-------- Forwarded Message -------- Subject: [tor-project] community team highlights -- November and December Date: Wed, 09 Jan 2019 18:15:00 +0000 From: Alison Macrina <alison@torproject.org> To: tor-project@lists.torproject.org
Relay Advocacy ================================================================== Colin resumed running once a month IRC relay operator meetings. He also started planning the FOSDEM relay operator meet-up. Steph and Colin are working on updating the relay flyers. Colin continues to work on communicating with OVH regarding relays without contactinfo added to the network. Finally, Colin has been working with Bill from EFF on a Tor relay challenge.
Colin also asked relay operators to opt-in as fallback directory mirrors (in the last half of 2018). In December, he helped rebuild the fallback directory mirror list. T

teor:
Colin also asked relay operators to opt-in as fallback directory mirrors (in the last half of 2018). In December, he helped rebuild the fallback directory mirror list.
Thank you for working on this. The fallback directory mirrors are being checked daily by the OONI probe TCP connect test that runs by default from many probes around the world. It currently tests the TCP connectivity (successful connection: true/false) of the directory authorities and bridges. This list lives on the ooni-resources repository [1] it will be really neat if one can drop a notification or open a ticket so that this list gets updated. Thanks! [1] https://github.com/OpenObservatory/ooni-resources/blob/master/bridge_reachab... ~Vasilis -- Fingerprint: 8FD5 CF5F 39FC 03EB B382 7470 5FBF 70B1 D126 0162 Pubkey: https://pgp.mit.edu/pks/lookup?op=get&search=0x5FBF70B1D1260162

Hi,
On 14 Jan 2019, at 11:37, Vasilis <andz@torproject.org> wrote:
Signed PGP part teor:
Colin also asked relay operators to opt-in as fallback directory mirrors (in the last half of 2018). In December, he helped rebuild the fallback directory mirror list.
Thank you for working on this.
The fallback directory mirrors are being checked daily by the OONI probe TCP connect test that runs by default from many probes around the world. It currently tests the TCP connectivity (successful connection: true/false) of the directory authorities and bridges.
This list lives on the ooni-resources repository [1] it will be really neat if one can drop a notification or open a ticket so that this list gets updated.
We rebuilt the list at end of 2018, then I was distracted by the holidays. I just did the tor-relays announcement, and emailed metrics for Relay Search: https://trac.torproject.org/projects/tor/wiki/doc/UpdatingFallbackDirectoryM... Telling OONI is on our list, and I made a ticket for next time: https://trac.torproject.org/projects/tor/ticket/29093 It would be slightly easier for us to cc OONI on the tor-relays email. Is there a mailing list we could use? We don't mind opening GitHub tickets, if that's easier for you. T

teor:
Hi,
On 14 Jan 2019, at 11:37, Vasilis <andz@torproject.org> wrote:
Signed PGP part teor:
Colin also asked relay operators to opt-in as fallback directory mirrors (in the last half of 2018). In December, he helped rebuild the fallback directory mirror list.
Thank you for working on this.
The fallback directory mirrors are being checked daily by the OONI probe TCP connect test that runs by default from many probes around the world. It currently tests the TCP connectivity (successful connection: true/false) of the directory authorities and bridges.
This list lives on the ooni-resources repository [1] it will be really neat if one can drop a notification or open a ticket so that this list gets updated.
We rebuilt the list at end of 2018, then I was distracted by the holidays.
I just did the tor-relays announcement, and emailed metrics for Relay Search: https://trac.torproject.org/projects/tor/wiki/doc/UpdatingFallbackDirectoryM...
Telling OONI is on our list, and I made a ticket for next time: https://trac.torproject.org/projects/tor/ticket/29093
It would be slightly easier for us to cc OONI on the tor-relays email. Is there a mailing list we could use?
We don't mind opening GitHub tickets, if that's easier for you.
Opening an issue (ticket) on ooni-resources Github repository (https://github.com/OpenObservatory/ooni-resources/issues) seems the best option, as it's OONI's main bug tracker and most OONI people watch that space. Thanks! ~Vasilis
participants (9)
-
Colin Childs
-
gerard@bulger.co.uk
-
grarpamp
-
Nathaniel Suchy
-
niftybunny
-
nusenu
-
Roman Mamedov
-
teor
-
Vasilis