[tor-relays] Tor related talks @ rC3

Georg Koppen gk at torproject.org
Mon Jan 17 15:21:40 UTC 2022

Georg Koppen:
 > Georg Koppen:
 >> Hello!
 >> nusenu:
 >>> in chronological order:
 >>> ------------------------------------------------------
 >>> title: Towards a more Trustworthy Tor Network
 >>> when: 2021-12-28, 17:00 CET
 >>> where: https://streaming.media.ccc.de/rc3/csh
 >>> primary target audience:
 >>> - Tor user
 >>> - Tor relay operators
 >>> - onion service operators
 >>> - and everyone that cares about Tor
 >> Thanks for the talk. While watching it yesterday I saw on the KAX17
 >> timeline that the attacker "attempts to restore their foothold" after
 >> they got kicked out of the network. Could you please send the
 >> fingerprints of their new relays to the bad-relays mailing list so we
 >> can get them eventually rejected and provide a safer Tor experience
 >> for all of our users?
 >> Somewhat related I was wondering about what happened to the BTCMITM20
 >> attacker. The image with the exit fraction and concurrently running
 >> malicious relays graphs seems to be claiming that never all of their
 >> relays were gone and the number is in fact growing again starting
 >> around mid-March 2021. Are there still relays from them running on the
 >> network? If so, please send their fingerprints to the bad-relays
 >> mailing list, too, so we can get those relays removed.
 > Bumping this thread to be sure it does not fall through the cracks and
 > we get all remaining relays kicked out in case there are any left. (We
 > have not received any fingerprints so far on the bad-relays@ list)

I am not in the mood of pinging this thread any further. We did not get 
any fingerprints sent over nor any clarification so far either. Thus, it 
seems no known attackers belonging to those two groups are currently on 
the network anymore, which is good news.

Just as a general reminder (not just for nusenu but anyone else wanting 
to help us as well in hunting bad relays): for the sake of our users, 
please report all your findings to the bad-relays mailing list[1]. It's 
only the bad-relay team who can get malicious relays kicked out of the 
network. Keeping that information away from us and using some 
ExcludeNodes hacks instead is *not* the way to go for, if the safety of 
our users and the safety of our network is your goal.


[1] https://community.torproject.org/relay/community-resources/bad-relays/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20220117/e14480ec/attachment.sig>

More information about the tor-relays mailing list