[tor-dev] [tor-relays] Relays running an unsupported (EOL) Tor version

grarpamp grarpamp at gmail.com
Thu Oct 28 18:53:04 UTC 2021

> mpan:
>> Is there any data available that sheds light on
>> why operators run outdated versions

Besides latent OS packages, or being busy, or simply not
updating things, those are natures of computing world anyway...
or having no network operations crypto-monetization model as
some nextgen p2p overlay-exit networks are now working with...
there can be other reasons people may run different versions...

tor the software is different from from Tor Project Inc.
The software is opensource and BSD licensed. Thus anyone
may copy, run, share, redistribute, fork, modify, support it,
create and vote in any consensus, run relays, run more
networks than just tor on their nodes, run services, etc,
completely without involvement from, and indeed in full
disregard of whatever Tor Project Inc and its people may say.
The tor protocol, code, and operational network are not
the property of Tor Project Inc, nor are its operators
and users under its command and control.
tor's users may run whichever of the many tor client implementations
they wish to run, and may run whatever protocols, applications, and
uses over the tor network that they wish.
tor's relay operators and dirauths are free to run and support
the running of older, different, forked, or project protocol addition
enhancement or migration versions, in part in order to support features
that some of the entire global userbase of tor are using, and have
no good replacement for, or may wish to develop apps to, and run
them upon or over, such features and capabilities in the future.

Such as the censored topic of v2 onions with OnionCat,
OnionVPN, etc in order to continue or design, deploy, and
run new p2p apps comms, etc over those, ie...


So a large number of relays may be freely and rightly choosing,
as is their right if they wish, to continue running a v2 onion version
for that.

And overlay nets have some great uses, some examples
of which Tor Project advertises, such that those users or
even operators may prefer not to post, so you may want to
consider some of those good uses for them in their stead,
even ones that are dependent on such versions.

And another topical fact re versions, which will be censored, is
that attackers do falsify their version strings, and a lot more, in
order to run whatever custom exploits they want against the network.
And that Traffic Analysis and Sybil attacks nodes are real and in use.
And that there is no longer sufficient warning and ongoing visibly
posted education on these and other matters, in particular
at point of download, install, splashpage, and frontpage...
even some warnings were removed... versioned away.
These are the sort of lack of info that can put users at severe risk.
Tor Project Inc is censoring embarassing or simple facts / info.
And is now attempting to silence and kill useful and in use features
and future application possibilities based on them, whitewashing
them with handwavy vague absolutist claims such as "old" or
"insecure", instead of creating detailed comparisons for users.
tor's users and operators are the ones who get to choose their own
versions, and use appropriate features / freedom / security tradeoffs,
not by the sole dictate of Tor Project Inc.
Which by the way is funded to $Millions per year so that is not
an argument to killing otherwise modularizable features either,
but may be why there are insufficient disclaimers, and censors.

On 10/28/21, Georg Koppen <gk at torproject.org> wrote:
> I don't think we have [...] feedback

Well when Tor's hypocrites, liars, and frauds are censoring feedback
etc off all their "bricked up" fora, full stop. Thus their users and operators
are missing information and topical discussions may hardly flourish
can they in an environment of censor, chilled, and steered speech.
The censorship of conversation on tor by Tor Project Inc and its people...
while publicizing claims to cherish and uphold Free Speech ideals...
is blatantly hypocritical, and it must end.

More information about the tor-dev mailing list