[tor-relays] Platform diversity in Tor network [was: OpenBSD doc/TUNING]

Daniel Jakots vigdis+tor at chown.me
Wed Nov 5 17:28:35 UTC 2014


On Wed, 05 Nov 2014 10:35:01 -0500, Libertas <libertas at mykolab.com>
wrote:

> Agreed. Thanks for pulling together the statistics, too. However, I'd
> like to make an argument for OpenBSD specifically.
> 
> It isn't very inviting for people
> that don't know at least intermediate Unix.

You're wrong, OpenBSD's documentation (and other BSDs' too) is awesome.
I learned to use Unix systems with OpenBSD.

> It's possible that governments like China's are trying to hack Tor
> relays in an attempt to deanonymize users. It's almost definite that
> malicious hackers try to break into exit nodes to troll traffic. Even
> an up-to-date, hardened Linux or FreeBSD system probably can't weather
> all such attacks. For such a simple, single-use, security-critical
> application, something as sturdy and impenetrable as OpenBSD is the
> best option.

You have to find OS vulnerabilities when the sysadmin does the job
correctly. You think that all the relays have their (for instance) sshd
configured correctly? (like PermitRootLogin set to no, no password
and so on). And that's only one daemon.

> I would love to start a larger conversation about running Tor on
> OpenBSD. I've been considering making a guide describing the process.
> However, that violates the OpenBSD philosophy to some extent. 

What?
One of the points of OpenBSD is to provide correct documentation. The
only problem is people asking for stuff which is already written down in
the FAQ or in the man page. 

Just write the guide, I'd be happy to review it. You can even
ask for help on the Tor-BSD mailing list[1].

[1]: http://lists.nycbug.org/mailman/listinfo/tor-bsd

Cheers,
Vigdis

