[tor-relays] Grouping cloud relays running within same provider

mr.curtis at urssmail.org mr.curtis at urssmail.org
Sat Apr 19 13:31:44 UTC 2014

> In its default configuration, Tor ensures that each relay in a circuit
> belongs to another /16 subnet (cf. Tor Path Specification [1], section
> "2.2. Path selection and constraints"). However, in the case of Amazon
> EC2, this constraint does not suffice as Amazon uses IP addresses from
> several different /16 subnets.

As does all of the bigger VPS providers that have connectivity in multiple
countries. But the servers themselves are probably centrally managed
by one company entity -- typically in the US. I would not be surprised
if a single evil sysadmin could access any hypervisor machine having Tor
relays running on them and steal their keys, without the relay operator
noticing anything.

More information about the tor-relays mailing list