[network-health] Tor relay "1chandotus" publishes bandwidth at high granularity?
Roger Dingledine
arma at torproject.org
Tue Oct 15 07:24:16 UTC 2019
On Mon, Oct 14, 2019 at 10:16:33AM -0700, Trevor Slocum wrote:
> Hey Roger, thanks for the heads up regarding this vulnerability. I am simply using the default netdata config and don't really need the networking IO, if I remove that completely and leave CPU/Mem/etc. would that resolve this?
Hm! Well, it would make the research questions more complicated. That's
sort of like resolving it, but not quite the same. :)
For a recent paper looking at bandwidth correlation from published data,
see https://www.freehaven.net/anonbib/#dropping-pets2018
My guess is that CPU load is some sort of approximation of bandwidth
use. And changes in memory use might be correlated too.
So I would say to actually resolve the issue, no, please don't publish
fine-grained load statistics about your relay, even if they're only
indirect bandwidth statistics.
To be fair, to some extent people can measure these things about your
relay on their own, e.g. by sending ICMP ping packets or by sending
in-protocol Tor cells that generate a response. But that's still an active
thing that they need to do to your relay, and they need to be doing it at
the time of the data they want, which might be before they realize they
want it. It *probably* won't matter, but a lot of maybes add up over time.
--Roger
More information about the network-health
mailing list