[tor-relays] Article: The Growing Problem of Malicious Relays on the Tor Network

Georg Koppen gk at torproject.org
Wed Dec 11 10:23:30 UTC 2019


Let me use this mail to reply to both niftybunny's and Dirk's points as
they are kind of related.

> The main issue I see here is the 10%. That's a really big chunk. They were bigger than me :( I also mailed the Tor Project after Nusenu did not receive an answer. This has to be much faster in the future.

We plan to make needed improvements here, yes, see below.

>> On 9. Dec 2019, at 20:26, Dirk <tor-relay.dirk at o.banes.ch> wrote:
>> Dear all,
>> I was made aware today of the article by nusenu [1]. Please read it.
>> So even I theoretically knew Sybil attack scenario against the tor
>> network - I never was aware it could affect so much of the tor network
>> infrastructure:
>> "At their peak they reached >10% of the Tor network’s guard capacity".
>> The article leaves me with some thoughts:
>> + Due to the nature of the tor network the problem can never be solved
>> by 100%
>> + How can the tor network be improved to be more resilient against this
>> attack (Software & Operation)

I think there are plenty of improvements possible both on the software
and the operation's side.

nusenu's points at the end of the medium post are good ones for getting
the discussion started. In general, it makes a lot of sense to adjust
requirements for getting the various relay flags. There are some
informal proposals and ideas floating around and I hope we can
consolidate those early next year to then have a proposal up for wider

Another angle we should try to focus on is detecting attacks earlier and
acting on them in a timely manner. I hope we can try to improve in that
area by incorporating all the bad relay activities into the (upcoming)
network-health team and having people working full-time in that field
coordinate all the efforts so that we are spending our scarce resources
more effectively.

>> + Is there currently already activity ongoing by the tor project and
>> how can we as organizations and operators support it

There have been a lot of efforts going on from the Tor Project side in
dealing with bad relays. However, those were and are mostly done by
volunteers who are doing a great job. Roger posted roughly a year ago[1]
a potential roadmap for a potential network-health team. While the
roadmap is still not done yet we made progress during this year in
setting up such a team. It will be officially starting to work next
month being a first-class citizen among all the other Tor Project teams,
which means regular open meetings, an own mailing list[2], community
participation etc. Please check that out if you are interested as we
need help as always. :)

Without going into detail in this mail about all the things the network
team currently thinks to focus on, suffice it to say making our bad
relay prevention/detection/action more streamlined and effective is one
of the most important things on its agenda.

As to how organizations/operators running relays can support dealing
with bad relays I am not sure. I think setting ContactInfo and where
appropriate the MyFamily flag and similar means is a good move here.
Then strengthening the relay community by having relay operator meetups
seems to be a good idea as well. Furthermore, I suspect we'll need relay
operator input for specific bad relay related proposals and discussions
I alluded to above. So, please participate.


[2] https://lists.torproject.org/cgi-bin/mailman/listinfo/network-health
