[tor-relays] 7 relays gone because of spammers

[Thomas White]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

As a due note, anything above say 16 characters offers only
theoretical protection really and making it too difficult to remember
(ie making you write it down or store it elsewhere) can decrease the
security.

Also, too much "hardening" can be a bad thing. Me and my partner in
running our services (s7r) take care not to go overboard on security
and matters. Get the ssh to disable root, allow for a specific
non-generic user only, use pub-key authentication, non-standard ports
and basic hardening on things like webservers and you're golden. We
have never had real problems with this simple approach and if we have
ever suspected a breach we would simply reinstall the whole system.

Regarding OVH: I have a very good relationship with OVH and have a
partner agreement in place with them at the moment (my company
launches in the coming weeks). Generally the agreement I have is that
they will host whatever is legal - nothing more nothing less, so I am
quite surprised at this hair trigger sensitivity. I'll bring the
matter up with them if that's ok with you, and see if I can get the
senior support people to look into it since they generally have much
more power than retail support staff. Of course still proceed with the
chargeback even if you are happy for me to do this, but for what it's
worth extracting a definitive statement from them regarding Tor can't
hurt.

T

On 26/02/2015 15:41, Speak Freely wrote:
> justaguy,
> 
> Seriously, who cares?
> 
> The relays are gone. I just checked the passwords now. If you'd
> like, I will email you all the passwords - as it doesn't matter.
> They have no value as they are protecting nothing.
> 
> 
> Oh no, I checked the password strength of a dead relay...  the
> heavens will fall as the ether's protective shield collapses
> against the weight of my egregious stupidity...
> 
> 
> 
> Speak Freely _______________________________________________ 
> tor-relays mailing list tor-relays at lists.torproject.org 
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 

- -- 
Activist, anarchist and a bit of a dreamer.
Keybase: https://keybase.io/thomaswhite

PGP Keys: https://www.thecthulhu.com/pgp-keys/
Current Fingerprint: E771 BE69 4696 F742 DB94 AA8C 5C2A 8C5A 0CCA 4983
Key-ID: 0CCA4983
Master Fingerprint: DDEF AB9B 1962 5D09 4264 2558 1F23 39B7 EF10 09F0
Key-ID: EF1009F0

Twitter: @CthulhuSec
XMPP: thecthulhu at jabber.ccc.de
XMPP-OTR: 4321B19F A9A3462C FE64BAC7 294C8A7E A53CC966
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBAgAGBQJU70NYAAoJEFwqjFoMykmDqDcP/2C81QXHukdAt1qFnC/QFvlP
hMaCS2I+T5WVBGEIEkAyY6U0e4pOmAa97OGW5U5VrysojLPKlZR4HL3vcxI2Gl9e
RvKbzo/PtYww4k1U4fkhD3rLmpoiDYRO68y3nAwib/ZmPEyDZlppzt7134GKQ2Xz
d3o9alV+JuCLE8p22V4g4Y7uR9+aTs4YqWk17uCmx7L/IIqWi2hp/EeGxwyi1G8m
53cMKfU0OwXim+HtcDDVu1CUv/NPRK3rmf+VouzgcXaRdu3iDbeHjeLddbJRtmek
ncylP3o44MnPODuqLdmXZnC6h5KZN4ww5qJ7AHULITFQvXyBfxy3cigMU9Ytiz1i
tPP2VlAj7r1YvuUgighj4s6mNWGhRI1VltBqFrmlJX/r+XBmjrDRpr0hY3WI4/h/
HKZsZdHsoyP//632kcoXJKLAu4EHD9850N6qKCCv18mL9frzgjt+bZfTVHsgZCK0
lo8oG3NyglgKBXRYw3bqC4Bd9OpONLAMKkA1N3zpUwQIUTvlLioic6nq4KZ5u9+I
1ghPpchIpboPTl4mcshWXkHDrowxrHRJP6KP5RVWD1y2WyV5TuQgOj4dp/AeU+H6
Ng3Cd9JBV4uw0qf9Cx/6i+EZOQoj3CqhyhmdsR19TXJaQogXMtB3PyQGIDBCaJGE
umqkwU9EzMxDndV6QLSX
=J2fe
-----END PGP SIGNATURE-----