[tor-relays] NSA knew about Heartbleed

Mateusz Błaszczyk blahu77 at gmail.com
Sun Apr 13 18:08:36 UTC 2014 

I am wondering that another effect of the heartbleed was increased TLS overhead, that I saw many times also before April-7.
Unfortunately I do not store more than 7 files worth of logs:

Apr  1 02:50:23 localhost Tor[394]: TLS write overhead: 7%
Apr  1 08:51:35 localhost Tor[394]: TLS write overhead: 7%
Apr  1 14:52:45 localhost Tor[394]: TLS write overhead: 7%
Apr  1 20:53:52 localhost Tor[394]: TLS write overhead: 7%
Apr  2 02:55:02 localhost Tor[394]: TLS write overhead: 7%
Apr  2 08:56:08 localhost Tor[394]: TLS write overhead: 7%
Apr  2 14:57:20 localhost Tor[394]: TLS write overhead: 7%
Apr  2 20:58:28 localhost Tor[394]: TLS write overhead: 7%
Apr  3 02:59:37 localhost Tor[394]: TLS write overhead: 7%
Apr  3 09:00:44 localhost Tor[394]: TLS write overhead: 7%
Apr  3 15:01:53 localhost Tor[394]: TLS write overhead: 7%
Apr  3 21:03:04 localhost Tor[394]: TLS write overhead: 7%
Apr  4 03:04:12 localhost Tor[394]: TLS write overhead: 7%
Apr  4 09:05:22 localhost Tor[394]: TLS write overhead: 7%
Apr  4 15:06:30 localhost Tor[394]: TLS write overhead: 7%
Apr  4 21:07:39 localhost Tor[394]: TLS write overhead: 7%
Apr  5 03:08:49 localhost Tor[394]: TLS write overhead: 7%
Apr  5 09:09:58 localhost Tor[394]: TLS write overhead: 7%
Apr  5 15:11:06 localhost Tor[394]: TLS write overhead: 7%
Apr  5 21:12:16 localhost Tor[394]: TLS write overhead: 7%
Apr  6 03:13:24 localhost Tor[394]: TLS write overhead: 7%
Apr  6 09:14:33 localhost Tor[394]: TLS write overhead: 7%
Apr  6 15:15:42 localhost Tor[394]: TLS write overhead: 7%
Apr  6 21:16:52 localhost Tor[394]: TLS write overhead: 7%
Apr  7 23:43:41 localhost Tor[523]: TLS write overhead: 6%
Apr  8 05:43:41 localhost Tor[523]: TLS write overhead: 6%
Apr  8 11:43:41 localhost Tor[523]: TLS write overhead: 6%
Apr  8 23:06:23 localhost Tor[58851]: TLS write overhead: 41%
Apr  9 05:06:23 localhost Tor[58851]: TLS write overhead: 37%
Apr  9 11:06:23 localhost Tor[58851]: TLS write overhead: 29%
Apr  9 17:06:23 localhost Tor[58851]: TLS write overhead: 23%
Apr  9 23:06:23 localhost Tor[58851]: TLS write overhead: 19%
Apr 10 05:06:23 localhost Tor[58851]: TLS write overhead: 18%
Apr 10 11:06:23 localhost Tor[58851]: TLS write overhead: 14%
Apr 10 17:06:23 localhost Tor[58851]: TLS write overhead: 8%
Apr 11 02:00:13 localhost Tor[65758]: TLS write overhead: 6%
Apr 11 08:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 11 14:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 11 20:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 12 02:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 12 08:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 12 14:00:13 localhost Tor[65758]: TLS write overhead: 5%
Apr 12 20:00:13 localhost Tor[65758]: TLS write overhead: 5%

Especially as it looks to be highly increased after the release of the vulnerability.
I am not sure I am on right track but it does look suspicious.

-mateusz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20140413/c394bfa6/attachment.sig>

More information about the tor-relays mailing list