[tor-relays] Onionoo bandwidth recording stopped?

teor teor2345 at gmail.com
Sun Jan 21 16:12:07 UTC 2018 

> Gesendet: Samstag, 20. Januar 2018 um 17:06 Uhr
> Von: "Iain Learmonth" <irl at torproject.org>
> An: tor-relays at lists.torproject.org
> Betreff: Re: [tor-relays] Onionoo bandwidth recording stopped?
> Hi,
> 
> On 20/01/18 10:25, Ralph Wetzel wrote:
> > As a consequece, I'll consider implementing a recording function into
> > The Onion Box.
> When you do this, please make it clear to users that making their
> fine-grained bandwidth usage information public may harm the anonymity
> properties of the Tor network.

> On 21 Jan 2018, at 04:03, Ralph Wetzel <theonionbox at gmx.com> wrote:
> 
> Isn't this an inherent contradiction?

No. Making bandwidth information public makes it easier to link onion
services with their guards. It might also allow other kinds of attacks.

We think it's safe to release a daily bandwidth figure for each relay.
Or, more precisely, relays publish daily bandwidths so we can do
bandwidth measurement and statistics. We don't like releasing that
level of data, but it would take a lot of development effort to do it
differently.

> If someone exposes his bandwidth usage information to public access, he already harmed the anonymity of *his* relay.

Relays are not anonymous.

Anonymity is a property of the Tor network, not individual relays.
But individual relays can compromise the anonymity of clients that
build paths through them, by making it easier for adversaries to find
a client using that client's traffic.

> Yet, as the bandwidth recording & display is local to the monitoring instance (with no API provided),

I see screenshots of bandwidth on Twitter.
And publicly available munin pages on relays.
You might be surprised what people release.

> even if disclosed to public access, the harm is - according to my understanding of the matter - limited to the node(s) monitored, if at all. How does this (local situation) 'harm the anonymity properties of the [whole] Tor network'?

Relays are not anonymous.
Releasing detailed bandwidth can harm the anonymity of clients.
See above.

T
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20180122/d29de167/attachment.html>

More information about the tor-relays mailing list