[tor-relays] unflagged BAD EXIT nodes

Damian Johnson atagar at torproject.org
Sat Jul 4 19:12:29 UTC 2015


> I find it more worrying that we do not "hear" about the 'more serious
> attacks' that keep them busy and don't allow them to look into i.e.
> 'AviatoChortler' (even after a few weeks). That might mean that there
> is a constant stream of 'more serious attacks' (without information I
> can only guess).

... or it could also be that we're simply spread too thin. ;)

Bad relay detection is a space that doesn't traditionally get much
focus. Presently Philipp is the only person investing time here, and
he both has a day job and would prefer to do more interesting things
(like write code!) in his free time.

As I see it there's three areas that need to be improved in this space...

1. Bad relay detection. Philipp's ExitMap [1] and my naive sybil
checker [2] are the only automated checks I'm aware of right now. That
leaves a lot of room for improvement.

2. Openness. Traditionally there's been some contention about where to
draw the line between openness and secrecy. Personally this is what
turned me off to this space [3]. Thankfully Philipp's moving us toward
being a little less secretive. [4]

3. Responsiveness. To get a relay flagged we need to persuade
directory authority operators to manually intervene by editing their
torrc. I get the impression all the dirauths that vote on BadExit now
use Philipp's git repository so hopefully this is better than it once
was.

All this is to say 'help welcome!'. If this is a space you truly care
about then please make it better! Philipp can best say where more
hands would be useful.

Cheers! -Damian

[1] http://www.cs.kau.se/philwint/spoiled_onions/
[2] https://gitweb.torproject.org/doctor.git/tree/sybil_checker.py
[3] see the 'As of April 2013 this list is no longer being maintained'
note on https://trac.torproject.org/projects/tor/wiki/doc/badRelays
[4] https://trac.torproject.org/projects/tor/ticket/13302


More information about the tor-relays mailing list