Probably just misconfigured. If there are emails attached to the nodes you could try mailing them directly about it.
brwyatt
On Fri, 6 Jan 2012 01:29:42 +0100, "Aurel W." aurel.w@gmail.com wrote:
Hi,
when I browse through the list of relays I find many router names, which correlate in some way, but which don't specify a family in their descriptors.
Just to name a few:
- 2* c5VycfOP
- 3* c516a
- Caldron, Caldron2, Caldron3
- BlgTOR2, BlgTOR
- DwarfHappy, DwarfSleepy, DwarfSneezy, DwarfDopey
- DONATIONxTORx0 - DONATIONxTORx7
and so on,...
is there a reason, why there is such a high number of relays, which fail to specify a family, since this seams rather striking?
aurel _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
(I'm quite new here, but...) If you only run 1 node, is there any reason to set the Family? My reading of https://www.torproject.org/docs/tor-manual.html.en (MyFamily, NodeFamily) suggests that it's not relevant for the 1-node case.
Thanks, Greg
2012/1/5 Tor Relays at brwyatt.net tor@brwyatt.net:
Probably just misconfigured. If there are emails attached to the nodes you could try mailing them directly about it.
brwyatt
On Fri, 6 Jan 2012 01:29:42 +0100, "Aurel W." aurel.w@gmail.com wrote:
Hi,
when I browse through the list of relays I find many router names, which correlate in some way, but which don't specify a family in their descriptors.
Just to name a few:
- 2* c5VycfOP
- 3* c516a
- Caldron, Caldron2, Caldron3
- BlgTOR2, BlgTOR
- DwarfHappy, DwarfSleepy, DwarfSneezy, DwarfDopey
- DONATIONxTORx0 - DONATIONxTORx7
and so on,...
is there a reason, why there is such a high number of relays, which fail to specify a family, since this seams rather striking?
aurel _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
No, there no reason to set MyFamily when you only admin a single node.
That said, I just followed the link you referenced, and it leaves my scratching head a little. The description of NodeFamily is:
"The Tor servers, defined by their identity fingerprints or nicknames, constitute a "family" of similar or co-administered servers, so never use any two of them in the same circuit. Defining a NodeFamily is only needed when a server doesn’t list the family itself (with MyFamily). This option can be used multiple times."
What? Suppose I operate 3 nodes. I could specify
MyFamily $00000000000000000000000000000000,$111111111111111111111111111111,$22222222222222222222222222222222
The doc says:
NodeFamily node,node,…
MyFamily node,node,…
So how would a NodeFamily declaration differ from the 3-node MyFamily example above?
On 01/05/2012 09:29 PM, Greg wrote:
(I'm quite new here, but...) If you only run 1 node, is there any reason to set the Family? My reading of https://www.torproject.org/docs/tor-manual.html.en (MyFamily, NodeFamily) suggests that it's not relevant for the 1-node case.
Thanks, Greg
2012/1/5 Tor Relays at brwyatt.nettor@brwyatt.net:
Probably just misconfigured. If there are emails attached to the nodes you could try mailing them directly about it.
brwyatt
On Fri, 6 Jan 2012 01:29:42 +0100, "Aurel W."aurel.w@gmail.com wrote:
Hi,
when I browse through the list of relays I find many router names, which correlate in some way, but which don't specify a family in their descriptors.
Just to name a few:
- 2* c5VycfOP
- 3* c516a
- Caldron, Caldron2, Caldron3
- BlgTOR2, BlgTOR
- DwarfHappy, DwarfSleepy, DwarfSneezy, DwarfDopey
- DONATIONxTORx0 - DONATIONxTORx7
and so on,...
is there a reason, why there is such a high number of relays, which fail to specify a family, since this seams rather striking?
aurel _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
So how would a NodeFamily declaration differ from the 3-node MyFamily example above?
NodeFamily can be specified by a client, if the relays don't specify their MyFamily by themselfs.
aurel
On 6 January 2012 04:27, Steve Snyder swsnyder@snydernet.net wrote:
No, there no reason to set MyFamily when you only admin a single node.
That said, I just followed the link you referenced, and it leaves my scratching head a little. The description of NodeFamily is:
"The Tor servers, defined by their identity fingerprints or nicknames, constitute a "family" of similar or co-administered servers, so never use any two of them in the same circuit. Defining a NodeFamily is only needed when a server doesn’t list the family itself (with MyFamily). This option can be used multiple times."
What? Suppose I operate 3 nodes. I could specify
MyFamily $00000000000000000000000000000000,$111111111111111111111111111111,$22222222222222222222222222222222
The doc says:
NodeFamily node,node,…
MyFamily node,node,…
So how would a NodeFamily declaration differ from the 3-node MyFamily example above?
On 01/05/2012 09:29 PM, Greg wrote:
(I'm quite new here, but...) If you only run 1 node, is there any reason to set the Family? My reading of https://www.torproject.org/docs/tor-manual.html.en (MyFamily, NodeFamily) suggests that it's not relevant for the 1-node case.
Thanks, Greg
2012/1/5 Tor Relays at brwyatt.nettor@brwyatt.net:
Probably just misconfigured. If there are emails attached to the nodes you could try mailing them directly about it.
brwyatt
On Fri, 6 Jan 2012 01:29:42 +0100, "Aurel W."aurel.w@gmail.com wrote:
Hi,
when I browse through the list of relays I find many router names, which correlate in some way, but which don't specify a family in their descriptors.
Just to name a few:
- 2* c5VycfOP
- 3* c516a
- Caldron, Caldron2, Caldron3
- BlgTOR2, BlgTOR
- DwarfHappy, DwarfSleepy, DwarfSneezy, DwarfDopey
- DONATIONxTORx0 - DONATIONxTORx7
and so on,...
is there a reason, why there is such a high number of relays, which fail to specify a family, since this seams rather striking?
aurel _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Shouldn't this be treated more seriously? There are literally over 100 high bandwidth relays, which should specify a family but which don't. If you monitor a client, it is very frequently that circuits are built where two relays are clearly controlled by the same person.
As a first try I mailed to two contact email addresses, but I haven't got any response.
aurel
On 6 January 2012 15:07, Aurel W. aurel.w@gmail.com wrote:
So how would a NodeFamily declaration differ from the 3-node MyFamily example above?
NodeFamily can be specified by a client, if the relays don't specify their MyFamily by themselfs.
aurel
On 6 January 2012 04:27, Steve Snyder swsnyder@snydernet.net wrote:
No, there no reason to set MyFamily when you only admin a single node.
That said, I just followed the link you referenced, and it leaves my scratching head a little. The description of NodeFamily is:
"The Tor servers, defined by their identity fingerprints or nicknames, constitute a "family" of similar or co-administered servers, so never use any two of them in the same circuit. Defining a NodeFamily is only needed when a server doesn’t list the family itself (with MyFamily). This option can be used multiple times."
What? Suppose I operate 3 nodes. I could specify
MyFamily $00000000000000000000000000000000,$111111111111111111111111111111,$22222222222222222222222222222222
The doc says:
NodeFamily node,node,…
MyFamily node,node,…
So how would a NodeFamily declaration differ from the 3-node MyFamily example above?
On 01/05/2012 09:29 PM, Greg wrote:
(I'm quite new here, but...) If you only run 1 node, is there any reason to set the Family? My reading of https://www.torproject.org/docs/tor-manual.html.en (MyFamily, NodeFamily) suggests that it's not relevant for the 1-node case.
Thanks, Greg
2012/1/5 Tor Relays at brwyatt.nettor@brwyatt.net:
Probably just misconfigured. If there are emails attached to the nodes you could try mailing them directly about it.
brwyatt
On Fri, 6 Jan 2012 01:29:42 +0100, "Aurel W."aurel.w@gmail.com wrote:
Hi,
when I browse through the list of relays I find many router names, which correlate in some way, but which don't specify a family in their descriptors.
Just to name a few:
- 2* c5VycfOP
- 3* c516a
- Caldron, Caldron2, Caldron3
- BlgTOR2, BlgTOR
- DwarfHappy, DwarfSleepy, DwarfSneezy, DwarfDopey
- DONATIONxTORx0 - DONATIONxTORx7
and so on,...
is there a reason, why there is such a high number of relays, which fail to specify a family, since this seams rather striking?
aurel _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Shouldn't this be treated more seriously?
How? The Tor admins have to *request* this behavior of relay operators because there's no way to enforce such a rule.
On Monday, January 9, 2012 5:13pm, "Aurel W." aurel.w@gmail.com said:
Shouldn't this be treated more seriously? There are literally over 100 high bandwidth relays, which should specify a family but which don't. If you monitor a client, it is very frequently that circuits are built where two relays are clearly controlled by the same person.
As a first try I mailed to two contact email addresses, but I haven't got any response.
aurel
On 6 January 2012 15:07, Aurel W. aurel.w@gmail.com wrote:
So how would a NodeFamily declaration differ from the 3-node MyFamily example above?
NodeFamily can be specified by a client, if the relays don't specify their MyFamily by themselfs.
aurel
On 6 January 2012 04:27, Steve Snyder swsnyder@snydernet.net wrote:
No, there no reason to set MyFamily when you only admin a single node.
That said, I just followed the link you referenced, and it leaves my scratching head a little. The description of NodeFamily is:
"The Tor servers, defined by their identity fingerprints or nicknames, constitute a "family" of similar or co-administered servers, so never use any two of them in the same circuit. Defining a NodeFamily is only needed when a server doesn’t list the family itself (with MyFamily). This option can be used multiple times."
What? Suppose I operate 3 nodes. I could specify
MyFamily $00000000000000000000000000000000,$111111111111111111111111111111,$22222222222222222222222222222222
The doc says:
NodeFamily node,node,…
MyFamily node,node,…
So how would a NodeFamily declaration differ from the 3-node MyFamily example above?
On 01/05/2012 09:29 PM, Greg wrote:
(I'm quite new here, but...) If you only run 1 node, is there any reason to set the Family? My reading of https://www.torproject.org/docs/tor-manual.html.en (MyFamily, NodeFamily) suggests that it's not relevant for the 1-node case.
Thanks, Greg
2012/1/5 Tor Relays at brwyatt.nettor@brwyatt.net:
Probably just misconfigured. If there are emails attached to the nodes you could try mailing them directly about it.
brwyatt
On Fri, 6 Jan 2012 01:29:42 +0100, "Aurel W."aurel.w@gmail.com wrote:
Hi,
when I browse through the list of relays I find many router names, which correlate in some way, but which don't specify a family in their descriptors.
Just to name a few:
- 2* c5VycfOP
- 3* c516a
- Caldron, Caldron2, Caldron3
- BlgTOR2, BlgTOR
- DwarfHappy, DwarfSleepy, DwarfSneezy, DwarfDopey
- DONATIONxTORx0 - DONATIONxTORx7
and so on,...
is there a reason, why there is such a high number of relays, which fail to specify a family, since this seams rather striking?
aurel _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Mon, Jan 9, 2012 at 7:13 PM, Aurel W. aurel.w@gmail.com wrote:
Shouldn't this be treated more seriously? There are literally over 100 high bandwidth relays, which should specify a family but which don't. If you monitor a client, it is very frequently that circuits are built where two relays are clearly controlled by the same person.
As a first try I mailed to two contact email addresses, but I haven't got any response.
In the end its the same. Relay operators who are willing to place MyFamily in their torrc file are not the ones that are going to try to identify you. Malicious relays trying to de-anonimize people are not going to use MyFamily for obvious reasons, and also they will not choose an obvious nick sequence like MetallicaFan1, MetallicaFan2,etc So it seems to me this option has only theoretical benefit, but in practice it's naive. Or maybe I'm missing something
Malicious relays trying to de-anonimize people are not going to use MyFamily for obvious reasons, and also they will not choose an obvious nick sequence like MetallicaFan1, MetallicaFan2,etc So it seems to me this option has only theoretical benefit, but in practice it's naive.
True, but in theory you also have to consider that nodes could get compromised and then it is very likely that a whole family is affected (may be too paranoid for some).
I also wonder if it gets harder to identify a real threat, of a malicious attacker operating many nodes, if there are so many other cases of not-specified families.
The "MetallicaFan1, MetallicaFan2,.." nodes might not be a problem, because no one with a malicious attempt would name nodes like that. But they are an indication, that there might be a bunch of other nodes, without any such strong sings, but which are also operated by one single individual. Because obviously, it's a very common mistake in configuration.
There might be feasible techniques to find suspicious groups of relays, but with all this non specified families, this would be rather pointless.
aurel
aurel
On 9 January 2012 23:39, Javier Bassi javierbassi@gmail.com wrote:
On Mon, Jan 9, 2012 at 7:13 PM, Aurel W. aurel.w@gmail.com wrote:
Shouldn't this be treated more seriously? There are literally over 100 high bandwidth relays, which should specify a family but which don't. If you monitor a client, it is very frequently that circuits are built where two relays are clearly controlled by the same person.
As a first try I mailed to two contact email addresses, but I haven't got any response.
In the end its the same. Relay operators who are willing to place MyFamily in their torrc file are not the ones that are going to try to identify you. Malicious relays trying to de-anonimize people are not going to use MyFamily for obvious reasons, and also they will not choose an obvious nick sequence like MetallicaFan1, MetallicaFan2,etc So it seems to me this option has only theoretical benefit, but in practice it's naive. Or maybe I'm missing something _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays@lists.torproject.org
-
Aurel W. -
Greg -
Javier Bassi -
Steve Snyder -
Tor Relays at brwyatt.net