[tor-relays] I would like to help.

12xBTM 12xbtm at gmail.com
Wed Mar 30 21:36:46 UTC 2016 

A Pi 2 or better could saturate your average <100Mbit/s each way home 
connection running as a middle node. However, the Pi won't have any more 
processing power to spare for anything else, at least that's how it was 
with my Pi 2.

On 30.3.16 1:22, brightsidedarkside wrote:
> Hey Genral G,
>
> as far as I see, you plan to use your home connection for your 
> contribution.
> First of all: thanks for volunteering! [Although I'm not Mr Competence 
> nor Mr InnerCircleofTrust.]
>
> You should not at all run an exit if you can't, i.e. having a 
> dedicated IP with lots of traffic and a provider being fine with Tor 
> exits (which is absolutely not easy to find).
> Under no circumstances run an exit on your home connection (and not 
> with a PI).
> Why? An exit always seems to be the origin of all activity running 
> over it.
> So, every abuse complaint concerns the exit in question. Your 
> favourite law enforcement authority will visit you kindly (based on 
> different values).
> Another point is that IPs from exits are often blocked by webmasters, 
> so even if you don't use Tor for yourself, you won't be able to access 
> certain sites from your home connection any more.
> An exit must be a dedicated server with enough power in terms of traffic.
> I only have legacy PIs, but I can't imagine a recent PI would do the 
> job - at least on my PIs, literally everything including the network 
> is USB-bottlenecked, it won't even stream blue ray quality.
> Exits are not so widespread which means they see literally all the 
> traffic going through the network.
>
> So, you have to decide whether you run a relay or a bridge.
> A bridge helps people in censored and/or oppressive areas because a 
> bridge's IP is not publicly available and therefore is not so likely 
> associated with the Tor network.
> Furthermore, you can setup pluggable transports that obfuscate traffic 
> so a censor can't easily tell a user connects to the tor network.
> All of this is favourable for users in legislations where the sheer 
> use of Tor is sufficient for prosecution, be based on laws or by pure 
> arbitrary will.
> A bridge sees users, but not the huge gigs of traffic, so it suggest 
> it to be the choice for a PI on a home connection.
> It's not likely ordinary criminals from our own homes use bridges - 
> for them, it's legal to use relays that provide the same amount of 
> anonymity and, furthermore, are easier (automatically) to connect to.
>
> I run a bridge and it's the time of political change that drives my 
> users based on statistics.
> A bridges IP is assigned to one of three pools and potential users can 
> request up to three bridge IPs at a time.
> This makes the overall amount of bridges unknown and prevents blocking 
> all of them.
>
> A relay provides the same amount of anonymity, but is aimed at users 
> in legislations letting them legally want to seek anonymity.
> The IPs are publicly available and therefore the avarage western user 
> usually connects automatically, i.e. to a relay.
> Relays see more traffic than bridges and a reason might be the often 
> found better infrastructure in democratic countries including the 
> according offers like high bandwidth streaming.
> On a home connection, abuse complaints and prosecutors won't come for 
> you running a middle relay.
> But, as IPs are public, some webmasters even block all Tor IPs 
> although this affects only the relays' operators as no Tor traffic 
> exits a middle relay.
> This means that you might be restricted from services even if you 
> don't use Tor for yourself which could make your home connection 
> partially useless for your purposes.
>
> Also, I'm "not quite sure" a PI could stand the traffic and I have no 
> experience in setting up a stable relay on a PI without 
> unresponsiveness errors appering in the logs.
> Search this mailing list for answers, the problem seems to be common.
>
> The next question would be if you want to use Tor for yourself.
> I strongly suggest parallel use of Tor Browser Bundle for your own 
> purposes as your PI probably isn't your everyday dektop.
>
> If run on a unixoid desktop, you would have the possibility to set up 
> a virtual address space and iptables rules to route the whole traffic 
> of a given user including DNS queries through Tor although there's a 
> caveat in kernel package filter resulting in leaks under certain 
> circumstances. Tor wiki addresses this topic.
>
> The third possibility would be to route your whole network including 
> smart tv und DVD players through tor.
> Apart from increased network latency and a PI being slow, you're not 
> anonymous if you send any personal identifiable information over the 
> network.
> In this scenario, this would affect your whole network.
>
> My personal opinion is to forget about the concept of plug and forget 
> and not to be surprised about the concept of ingnorance and surprise.
>
> I would suggest you rely on the wiki.
> First, it's very good and second, you can't yet judge information 
> provided by people like me doing here.
>
> I can't give you a quick introduction to linux administration.
> I don't know if "noob" relates to Tor or to Linux in general.
> As for Tor, you find an easy setup for a bridge or relay in the wiki, 
> and for heavens sake, the most important option is "Exitpolicy reject 
> *:*" in order to prevent obstacles you don't want to face at the 
> beginning. Everything else just causes malfunction at worst.
>
> So, the powepoint abyss ends here and the interesting stuff begins.
> Note: you should be familiar with opening ports in your 
> router/firewall and forwarding them to your PI.
> First, do this:
> https://www.torproject.org/docs/debian.html.en#ubuntu
>
> Now this if you want a relay (not a bridge):
> https://www.torproject.org/docs/tor-doc-relay.html.en
> Notice: on linux, your config is in /etc, so look there for your torrc 
> or a tor subfolder.
>
> On the command line, "ls" lists a directory, "ls -al" shows even the 
> hidden files and sizes and ownership.
> "cd" changes directory. "cd /etc" would jump to /etc. "cd .." would 
> jump to parent directory. Notice the blank space after cd.
>
> Keep this in mind:
> https://www.torproject.org/docs/tor-relay-debian.html.en#after
> If you want overall automatic updates, I could deliver that later on, 
> it would make this mail even longer.
>
> If you want a bridge:
> https://www.torproject.org/projects/obfsproxy-instructions.html.en#instructions 
>
>
> I suggest also offering scramblesuit as not all puggable obfuscation 
> always works for every user.
> This would affect the following line:
> ServerTransportPlugin obfs3,scramblesuit exec /usr/local/bin/obfsproxy 
> managed
> I use Ubuntu and for us privileged, the toproject repository already 
> offers pluggable transport via normal install and then, scramblesuit 
> is already available.
> I'm not sure about debian, torproject debian repos lack that python 
> pluggable transport library.
>
> And of course, that would need another port forwarded in your 
> firewall. The procedure is the same as in obsproxy instructions link.
>
> As I don't know about your noobiness, I suggest you install nano 
> first, a command line text editor suitable for beginners.
> Believe me, vi is hell, but not in Sartre's terms, there are no 
> others, just hell and you stuck in it.
>
> sudo apt-get install nano
>
> After that, you can type "sudo nano /etc/torrc" (always without 
> quotation marks) to edit your tor config.
> If it's not there, serach for a torrc.
> Do "sudo updatedb" and wait.
> then type "locate torrc" and remember the path.
>
> In order not to have to sudo every time to gain administrative 
> privileges, type "su" or "sudo -i".
>
> I hope this helps a bit.
> Have fun with Tor and hopefully linux.
>
> Greetings
>
> christian
>
> Am 30.03.2016 um 03:53 schrieb Generalgrievous:
>> I have a Banana Pi that I would like to use to help the TOR network.
>> I have installed Debian-Jessie and started researching the process 
>> for setting
>> up relay, even an exit.  I am a total noob, but willing to learn.  If 
>> someone is willing to help me step by step, I would be excited to 
>> help. I've tested my internet speed,  Download average 60 mbps, 
>> Upload avreage 6 mbps,
>> If I would be more of a hindrance than a benefit, please say so, no 
>> hard feelings.  Located Central CA.
>>
>>         General G.
>>
>> Sent from ProtonMail <https://protonmail.com>, encrypted email based 
>> in Switzerland.
>>
>>
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160330/1b2c7147/attachment-0001.html>

More information about the tor-relays mailing list