[tor-relays] 130 "11BX1371" relays joined on 2015-10-30
ncl at cock.li
ncl at cock.li
Sun Nov 1 17:41:44 UTC 2015
Tom van der Woerdt:
> Should they actually be blocked though?
>
> I mean, it's a lot of relays, but they're also contributing actual exit
> bandwidth and it's not like they're spread over hundreds of /16s.
I was just about to write a bit of clarification actually:
They shouldn't be in a position to be able to really de-anon anyone via
sybil, the oldest relays seem to be 3 days old, so there's still at
least another 4 until they can get Guard, and that will still take a
while to get users on it. Not to mention tor doesn't build circuits with
more than one node on the same /16 (although now this batch has taken on
another range)
Though, they could have already set up a number of guards prior to this
that may not be obviously linkable to the same entity.
Assuming this is not the case, for now they just have a better advantage
at sniffing/injecting as an exit, but you should already be (trying to)
use encryption as much as possible.
With intentions and scenarios unknown, it could also be someone who
wants to help, there /was/ a call for exits not too long ago, after all.
So, If you're a relay, you shouldn't bother trying to filter these, the
Authorities should figure it out.
If you're a client, I guess that's up to you, there might not be a whole
lot of benefit if you do.
More information about the tor-relays
mailing list