Feedback wanted: letter to my university's library
Hey, all! I'm AJ; I've been lurking on this list for many years but have never had cause to post. I've run a Tor relay (`strugees`) on AWS for a number of years now, but haven't been able to dedicate all that much bandwidth to it due to cost concerns. However I've just started college at the University of Rochester, which obviously presents a great opportunity to set up a relay on a really great network. I'm planning to reach out to the library with the following email and would love some feedback:
Does anyone who's done something like this before have any tips or suggestions? Am I going about this in the best way? Cheers! AJ
AWS is an expensive way to run a relay, because they charge per GB. Capped providers can cost less, and you can use AccountingMax to limit your usage. Here's a list of providers that allow tor: https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs
I've CC'd Alison, who heads up the Library Freedom Project. She has a lot of experience working with libraries and tor relays. Tim
On 01.10.2017 22:52, teor wrote:
For non-exit relays, you actually don't have to limit yourself to ISPs that "allow Tor". Be careful with "unmetered/unlimited" offers. I would be honest up front in terms of data usage, and find out what kind of "fair use policy" the ISP has. Often, the customer support can give you an exact number, even if it's not stated anywhere on their website. lowendbox.com is a good place to find cheap virtual machines, for example. Again, for non-exits (like the current "strugees"), I wouldn't tell the ISP that what you're doing is pushing encrypted traffic for some network. For exits, it's a bit more difficult. I hope Alison can help you with the uni library. That's a really good idea. Internet and policies can be hugely different between different universities, so at least for non-exit relays, it should be pretty straightforward: Here also, I would suggest to first (without making a lot of noise about it) to find out what the rules around Internet usage are, and just set one up. -- Moritz Bartl https://www.torservers.net/
On Mon, Oct 02, 2017 at 07:08:35AM +0200, Moritz Bartl wrote:
Thanks (to both you and Tim); this is really good advice. I'll look into it... assuming I can find the time, of course :/
The problem is that logistically I can't without help, unfortunately. I don't have a spare machine to run it on and more importantly, I don't have access to a good wired connection. The only Ethernet jack I know of is in my dorm room and I can't imagine it's very good compared to a datacenter connection. So there's two things I'd need from IT. Cheers, AJ
On 2 Oct 2017, at 01:18, AJ Jordan <alex@strugee.net> wrote:
You might be surprised. When I was at university, the Ethernet in my room was one hop from the campus fibre mesh network, so it was pretty good. (Of course, it was in Australia, so it would never have sent much tor traffic.) *If* it falls within your dorm's acceptable use policies, setting up a relay with a low RelayBandwidthRate would be a good way to see how well tor works on campus. But you need to make a judgement call, because having a dorm relay shut down might affect the library's willingness to run one. Tim
Hi AJ, not sure if anyone's brought this up, but you may want to look at: https://libraryfreedomproject.org/ " Library Freedom Project is a partnership among librarians, technologists, attorneys, and privacy advocates which aims to address the problems of surveillance by making real the promise of intellectual freedom in libraries. By teaching librarians about surveillance threats, privacy rights and responsibilities, and digital tools to stop surveillance, we hope to create a privacy-centric paradigm shift in libraries and the communities they serve." In practice as I understand it this in large part involves Libraries running Tor exits to facilitate their privacy and education goals. -Jon On Mon, Oct 02, 2017 at 11:51:42AM -0400, teor wrote: :On 2 Oct 2017, at 01:18, AJ Jordan <alex@strugee.net> wrote: : :>> find out what the rules around Internet usage :>> are, and just set one up. :> :> The problem is that logistically I can't without help, :> unfortunately. I don't have a spare machine to run it on and more :> importantly, I don't have access to a good wired connection. The only :> Ethernet jack I know of is in my dorm room and I can't imagine it's :> very good compared to a datacenter connection. So there's two things :> I'd need from IT. : :You might be surprised. : :When I was at university, the Ethernet in my room was one hop from :the campus fibre mesh network, so it was pretty good. :(Of course, it was in Australia, so it would never have sent much tor :traffic.) : :*If* it falls within your dorm's acceptable use policies, setting up a :relay with a low RelayBandwidthRate would be a good way to see :how well tor works on campus. : :But you need to make a judgement call, because having a dorm relay :shut down might affect the library's willingness to run one. : :Tim :_______________________________________________ :tor-relays mailing list :tor-relays@lists.torproject.org :https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays --
Hi AJ, First, thank you for supporting Tor! Second, you're smart to contact the library, as IT would immediately shut down the idea as they don't want to receive more abuse emails than they already do (I know we did when I worked in academia). An additional resource you may wish to research is the https://libraryfreedomproject.org/ by Alison Mecrina. The resources available on this site speak directly to librarians on such issues. Good luck! Thank you for your email, Isaac, Tor@SechsNullDrei.org -----Original Message----- From: tor-relays [mailto:tor-relays-bounces@lists.torproject.org] On Behalf Of AJ Jordan Sent: Sunday, October 01, 2017 3:20 PM To: tor-relays@lists.torproject.org Subject: [tor-relays] Feedback wanted: letter to my university's library Hey, all! I'm AJ; I've been lurking on this list for many years but have never had cause to post. I've run a Tor relay (`strugees`) on AWS for a number of years now, but haven't been able to dedicate all that much bandwidth to it due to cost concerns. However I've just started college at the University of Rochester, which obviously presents a great opportunity to set up a relay on a really great network. I'm planning to reach out to the library with the following email and would love some feedback:
Does anyone who's done something like this before have any tips or suggestions? Am I going about this in the best way? Cheers! AJ
"Tor Node Admin @ SechsNullDrei.org" <tor@sechsnulldrei.org> wrote:
AJ and any others in similar situations, I would add a few comments, beginning with the style of communications with your university library. When you wish to ask for some special consideration, find out whom you need to talk with about your request, and then make an appointment to visit his/her office in person. Sending an email message out of the blue and beginning it with "Heya!" is utterly inappropriate and is not at all likely to get you anywhere. You must act--and write--like an adult, and formality in your initial written communications is essential. They are not going to let someone acting like an ill-mannered adolescent run a server on their department's equipment. If you come across as a responsible adult who makes a good impression and provides a good case for satisfying the request, a case that looks good from the university's point of view, which is to say, convincing them that it would benefit the university in some way, then you may get somewhere with them. If you convince them, however, be prepared to find out that the staff has decided to run the relay itself. The department may well have to run it past the university's legal department. Because you are not acting as a university employee, either or both departments may not be willing to make the university liable for possible consequences of a non-employee's actions. I know that, as a systems programmer at the university here, I would never have let anyone out of our group, much less outside of our department, do anything like running a relay on a machine under my responsibility. I wouldn't have risked having to clean up someone else's mess, and my boss would have been apoplectic at the idea. The security issues would have overwhelmed everything. OTOH, you might still get lucky. It would definitely be worth your time to find out whether the university (e.g., through its computer center or library) or some other individual, department, or college office is already running one or more relays. Faculty members at some universities have been known to get special arrangements to run tor relays, even exits, on university- owned equipment. At some schools, faculty members would not likely even be questioned about it. Note, for example, that many individual faculty members and sometimes even (paid) graduate assistants run web servers to publicize their research and results. Note that any networking staff will want to know how much of the available network capacity your networking program (in this case, tor) would require if the decision were to allow it. Asking to run an exit is almost certain to subject your request to legal department scrutiny, so you might consider running a middle/entry node first for some time, say six or twelve months, before asking to upgrade your relay to an exit relay. That would give time to establish your skill at managing a relay, responding well and quickly when problems occur, to become personally known to the staff, and so forth. Once you've established a good reputation with them, they are more likely to oblige you. In any case, best wishes for your attempt. Please let us know whether you pull it off and, if so, what you did that succeeded. Scott Bennett, Comm. ASMELG, CFIAG ********************************************************************** * Internet: bennett at sdf.org *xor* bennett at freeshell.org * *--------------------------------------------------------------------* * "A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army." * * -- Gov. John Hancock, New York Journal, 28 January 1790 * **********************************************************************
On 1 October 2017, AJ Jordan wrote:
Scott Bennett had excellent advice, and I have a few suggestions along the same lines. (I work in a unversity library.) Academic libraries can be very experimental in some of their work, but they are generally risk-averse. (This is good, because they're in the business of preserving knowledge and cultural artifacts for decades and centuries.) There is, I'm afraid, close to zero chance they would let a non-employee student run a server on their network---and running Tor, even a non-exit relay, makes the chances even lower. However, don't give up. I suggest thinking about this as a long-term project that could get you involved with the library, faculty and campus IT. There must be people on campus interested in privacy issues, who know about Tor, and perhaps who have been thinking about running a relay. These people could be librarians or they could be professors or grad students in political science, communcations, journalism, computer science, privacy studies, etc. Find out who they are and approach them! Perhaps there is a student club interested in the same issues---if not, you could start one. Students and student groups advocating for a Tor relay or exit, while demonstrating the importance of Tor and how it fits in with the library's and university's mission, would very much help the project be successful. In other words, your goal is achievable, but I think you'll need different methods. For a long-term Tor relay to run on a library or university server, they will need to be the ones running it, but a student could be the one to help convince them to do it. Connecting Tor to ongoing or potential research would also be a big help. If someone's going to run a server, they'll want to do more than just run it as a service. Along the way, you might get a part-time job out of it, which is always a bonus. If they do workshops on privacy and online security you could help with them, or do peer workshops, etc. (It's a lot easier to tell people about Tor, and show them how to use it, than to run a server, so it's a good first step.) As for where to start, I suggest dropping by the Digital Scholarship Lab. The digital humanities librarian looks like a good person to chat with. http://humanities.lib.rochester.edu/ Good luck! Bill -- William Denton :: Toronto, Canada --- Listening to Art: https://listeningtoart.org/ https://www.miskatonic.org/ --- GHG.EARTH: http://ghg.earth/ Caveat lector. --- STAPLR: http://staplr.org/
If for library regarding preserving knowledge, and other sales tactics.... You might be able to present for supporting an anonymous encrypted storage platform... such as Tahoe-LAFS, MaidSafe, IPFS, Bitcoin full nodes, Zensystem.io, a Wiki, NNTP, there are many more such "store of data / knowledge" things out there to choose from... all over Tor or I2P or CJDNS. For anti-correlation reasons you're not supposed to run some services on the same box as a relay (or even anywhere administratively, logically, or physically near the box), especially if the service running on top does not itself fully encrypt and distribute the data out of reach thus making seizure moot. Depending on that analysis, you could present to also run the relay [on another box] to help supply the 7x bandwidth and cpu impact the onion service has on the relay network. Anonymity overlay networks are nothing in themselves, it's the applications and usage people run over them that makes them useful. If the overlay network itself isn't interesting enough to attract funding / approval / internet / hardware from somewhere, maybe the applications riding on top can be. You could also further tie it into doing some form of research, education, outreach, overview, tech in operation presentations... all "sponsored by: <sponsor>". Many entities will bend over backwards for a free name drop. Or just sell it like a used car dealer... $1000 runs great! Good luck ;)
participants (8)
-
AJ Jordan -
grarpamp -
Jonathan Proulx -
Moritz Bartl -
Scott Bennett -
teor -
Tor Node Admin @ SechsNullDrei.org -
William Denton