[tor-relays] Go home GeoIP, you're drunk.

[teor]

> On 6 Aug 2017, at 02:38, Alexander Nasonov <alnsn at yandex.ru> wrote:
> 
> Ralph Seichter wrote:
>> I moved a Tor relay to new hardware, keeping the keys. Both old and new
>> server are located in Germany and provided by the same hosting company.
>> After the latest Atlas update, I was surprised to see that the IPv4
>> address is listed as belonging to an AS in Ukraine. A little more
>> digging returned Guangzhou, China, as the supposed location based on the
>> server's IPv6 address.
> 
> A bit off-topic but after updating the client to 0.3.0.10 I noticed that
> torstatus.rueckgr.at some times reports US based exits which are excluded
> by my config (ExcludeExitNodes {US}).

Different GeoIP sources have different country allocations.

Also, this option only blocks exit nodes with ORPort addresses in the US.

For example, I run an exit in Canada, where some addresses were allocated
from an Canadian block, and others were allocated from a US block. So if
I wanted to, I could ORPort on a Canadian address, and Exit on a US one.

> Not a big deal for me but GeoIP
> manupulation is a potential attack vector to reveal identities of people
> who try to avoid certain countries.

Behaving differently to most tor clients has always been a
fingerprinting vector.

We need more research on how to exclude some nodes for some users
safely. (It might not even be possible to do it safely.)

T

--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20170807/e853b0f2/attachment-0001.sig>