[tor-relays] Blog: How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
niftybunny
abuse-contact at to-surf-and-protect.net
Fri Aug 14 17:36:58 UTC 2020
https://medium.com/@nusenu/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac <https://medium.com/@nusenu/how-malicious-tor-relays-are-exploiting-users-in-2020-part-i-1097575c0cac>
There are multiple indicators that suggest that the attacker still runs >10% of the Tor network exit capacity (as of 2020–08–08)
And on this one: I trust nusenu who told me we still have massiv malicious relays.
> On 14. Aug 2020, at 19:12, Roger Dingledine <arma at torproject.org> wrote:
>
> On Thu, Aug 13, 2020 at 03:34:55PM +0200, niftybunny wrote:
>> This shit has to stop. Why are the relays in question still online?
>
> Hm? The relays are not online -- we kicked them in mid June.
>
> We don't know of any relays right now that are attacking users.
>
> Or said another way, if anybody knows of relays that are doing any attacks
> on Tor users, ssl stripping or otherwise, please report them. I believe
> that we are up to date and have responded to all reports.
>
> That said, there is definitely the uncertainty of "I wonder if those
> OVH relays are attacking users -- they are run by people I don't know,
> though there is no evidence that they are." We learned from this case
> that making people list and answer an email address didn't slow them down.
>
> I still think that long term the answer is that we need to shift the
> Tor network toward a group of relay operators that know each other --
> transparency, community, relationships, all of those things that are
> costly to do but also costly to attack:
> https://gitlab.torproject.org/tpo/metrics/relay-search/-/issues/40001
> https://lists.torproject.org/pipermail/tor-relays/2020-July/018656.html
> https://lists.torproject.org/pipermail/tor-relays/2020-July/018669.html
>
> But the short term answer is that nobody to my knowledge has shown us
> any current relays that are doing attacks.
>
> Hope that helps,
> --Roger
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20200814/13f5e645/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20200814/13f5e645/attachment-0001.sig>
More information about the tor-relays
mailing list