[tor-relays] 4 of Conrad Rockenhaus trial servers are in the top ten exit relays for Canada

Nathaniel Suchy me at lunorian.is
Tue Aug 28 00:47:46 UTC 2018


Jordan,

Tor will already avoid making circuits where two IP Addresses in the same
/24 are involved. The research in this paper (
https://www.freehaven.net/anonbib/cache/DBLP:conf/ccs/EdmanS09.pdf) is
becoming more relevant and is worth discussing as more ISPs come out with
the goal of hosting lots and lots of exit relays.

Lives are involved and we've invested a lot of time in protecting our
infrastructure. Could Conrad and I go rogue and collect relay keys? Yes, we
have the technical capability to access data on any virtual machine hosted
on our infrastructure, but so could DigitalOcean, Scaleway, BuyVM, and the
several other big ISPs hosting exit relays on Virtual Machines.

> There is little administrative overhead for Conrad to distribute a
> MyFamily directive for use with relays hosted on his systems.

*Two things:*
1) Today, sure, I guess it's easy, what if we have 100 or 1000 clients
tomorrow all hosting exit relays? It suddenly gets much more complicated
than it was at first. Why aren't people asking DigitalOcean and Scaleway to
do the same? After all, DigitalOcean and Scaleway have way more staff who
could be dedicated Tor relay managers. See the logic here?
2) We can't force our clients to modify their MyFamily directive in their
torrc files. There's the possibility they refuse to modify.

In the end, it's about trusting your provider. Tor's threat model shouldn't
rely on hosting providers playing nice. It should continue to rely on the
continued split of trust. Although, better path selection could play in
here :)

Cordially,
Nathaniel Suchy

On Mon, Aug 27, 2018 at 8:37 PM Jordan <jordan at yui.cat> wrote:

> >> No, because Digital Ocean doesn't market itself as a relay hoster-- the
> >> percentage of relay-hosting clients wouldn't even near 0.1%.
> >
> > What difference does that make?
>
> You quoted it, you can read it again if you'd like.
>
> There is little administrative overhead for Conrad to distribute a
> MyFamily directive for use with relays hosted on his systems.
>
> I care not for petty back-and-forths when lives are at stake, sorry.
>
> --
> Jordan
> https://yui.cat/