[metrics-team] Q&A about onionoo.torproject.org/details

Mon Oct 28 16:34:17 UTC 2019

On Mon, Oct 28, 2019 at 10:58:41AM +0200, Владислав Прачик wrote:
> Hello.
> I started using "onionoo.torproject.org/details" and I get confused by a few
> points. I would be very grateful if you help me with this.
> 
> 1) There are less than 1200 bridges on the metrics.torproject.org/
> networksize.html bar, but about 1600 bridges on onoooo.torproject.org/
> details. How is this possible?

I think this is because networksize.html only shows bridges that are
running. On the right side of https://metrics.torproject.org/networksize.html
you will find a link to https://metrics.torproject.org/reproducible-metrics.html#servers
which says under "Running Bridges," "If there is no 'Running' flag, skip
this entry."

If you filter Onionoo by only bridges that are running, you should get
numbers that match.
$ curl -s https://onionoo.torproject.org/details?type=bridge | jq '.bridges|length' 
1821
$ curl -s https://onionoo.torproject.org/details?type=bridge | jq '.bridges|map(select(.running))|length'
1217

> 2) Why https://metrics.torproject.org/rs.html does not display information
> and bridges although on "onionoo.torproject.org/details" it is completely
> accessible to everyone.

How are you searching on rs.html? You need to search by nickname,
fingerprint, or hashed_fingerprint. Searching by IP address won't work,
because the IP addresses in Onionoo are fake.

> 3) Why are you distributing information about all bridges to
> "onionoo.torproject.org/details". This incredibly simplifies their blocking.
> Torproject writes that the idea of bridges is that at once they are not
> accessible. And onionoo.torproject.org/details seems to provide, if not all
> bridges, then obviously a very large part of them.

The IP addresses and ports of bridges in Onionoo are fake (sanitized).
You can't use it to make a blocklist.

https://metrics.torproject.org/onionoo.html#details_bridge_or_addresses
"Sanitized IP addresses are always in 10/8 or [fd9f:2e19:3bcf/48] IP
networks and are only useful to learn which IP version the bridge uses
and to detect whether the bridge changed its address. Sanitized IP
addresses always change on the 1st of every month at 00:00:00 UTC,
regardless of the bridge actually changing its IP address. TCP ports are
not sanitized."

The documentation says that port numbers are not sanitized, but I
believe that is an error since https://bugs.torproject.org/19317.

> 4) It is stated that this list includes bridges from BridgeDB. How do you get
> them? I checked, and the bridges that BridgeDB were given to me during the day
> are not on this list. Why?

Try searching by fingerprint, if you haven't tried that already.

> 5) What bridges are not published in this list. And if so, how can I find out
> the approximate number of all bridges in the world?

Some people may run their own private bridges that do not report to the
Tor bridge authority. You can do this by setting
"PublishServerDescriptor 0" in torrc, for example.

> 7) The consensus is published every hour, but it seems that
> https://onionoo.torproject.org/details is being updated at a slower
> rate. What is the reason for this?

I don't know the answer to that. I believe that Onionoo is meant to be a
convenience service. If you are doing serious data processing and need
an archive of past data, you will need to use descriptor documents
directly.