[tor-relays] Verizon AS701 blocking Tor consensus server tor26 (86.59.21.38)
Roger Dingledine
arma at mit.edu
Wed May 16 15:05:29 UTC 2018
On Tue, May 15, 2018 at 08:12:50PM -0400, Neel Chauhan wrote:
> Hi tor-relays mailing list,
>
> I have noticed that the Tor consensus server tor26 (https://metrics.torproject.org/rs.html#details/847B1F850344D7876491A54892F904934E4EB85D)
> is blocked on Verizon's UUNET (AS701) backbone, and therefore, Verizon's
> retail services like FiOS and Wireless.
I've been assuming the reason is something like wannacry: the wannacry
malware shipped with a Tor client, which means if you watch its behavior,
one of its early steps is to bootstrap into the Tor network. So my
bet is that some Verizon analysis person watched it bootstrap, and saw
the connection to tor26, and decided to blacklist tor26 network-wide in
order to protect their customers from wannacry... and then of course they
moved on to something else and they never realized (still don't realize)
that their block rule had anything to do with Tor.
This reminds me of the Australian dentist website story, where the
dentist website ended up on the nationwide censorship list, presumably
because the website was compromised and serving malware at the time
they made the list -- but then once they'd cleaned up the website, it
turned out there was no mechanism for being removed from the blocklist,
because nobody had ever thought of that side of the issue.
The fix (if my theory is right) would be to reach whatever engineer made
this leap, and teach them about Tor. But it will be extra challenging
because they don't even know that there's something they need to learn.
--Roger
More information about the tor-relays
mailing list