[tor-reports] SponsorR October 2015 report
George Kadianakis
desnacked at riseup.net
Wed Nov 4 19:57:57 UTC 2015
Hello,
here is the October 2015 report for SponsorR:
- The first bunch of hidden service statistics is now enabled by default. The
feature was enabled in tor-0.2.7.3 and the coverage graphs have already
climbed slightly: https://metrics.torproject.org/hidserv-frac-reporting.html
The stats enabled are:
* The total number of unique hidden services:
Graph: https://metrics.torproject.org/hidserv-dir-onions-seen.html
* The total volume of hidden service traffic on the network:
Graph: https://metrics.torproject.org/hidserv-rend-relayed-cells.html
- As part of our larger statistical efforts, we did another security and privacy
evaluation of the above stats to ensure that the obfuscatory noise we are
adding is indeed completely covering the tracks of individual users.
We performed the evaluation by extracting all the hidden service statistics
values that were reported by relays over the month of September. Then we
manually inspected them to see that the noise we are adding is significantly
affecting the reports of relays. A more detailed analysis can be found here:
https://trac.torproject.org/projects/tor/ticket/15254#comment:33
We invite people to use or even expand our dataset to evaluate the privacy of
our statistics.
- We also improved on the HSDir health tool that tracks the health of the HSDir
subsystem and the correctness of descriptor uploading by hidden services:
https://gitlab.com/hs-health/hs-health/blob/master/design.md
You can now see its results updated in real time:
http://ygzf7uqcusp4ayjs.onion/tor-health/tor-health/index.html
- As part of our efforts to engage the research community, we met with UCL
researchers and students who have interest in anonymity-related topics like
hidden services, private statistics, and mixnets. We discussed ideas regarding
guard node security, detecting active end-to-end correlation attacks and
hidden service scaling techniques.
- To further lubricate the research community, we published a document
describing the current status of open hidden service proposals. We also
provided a brief summary for each proposal so that researchers and developers
can get up to date faster:
https://lists.torproject.org/pipermail/torz-dev/2015-October/009762.html
- We fixed a TBB issue that allowed website operators to enumerate hidden
service addresses:
https://lists.torproject.org/pipermail/tor-dev/2015-October/009646.html
- We did considerable progress on the implementation of proposal 250. The code
can now perform the whole protocol successfuly. The next task is to improve
the code, seek and destroy bugs, improve test coverage, etc:
https://trac.torproject.org/projects/tor/ticket/16943
We also further refined the shared randomness proposal (prop250):
https://lists.torproject.org/pipermail/tor-dev/2015-October/009812.html
- We improved our detection techniques on finding malicious hsdirs who enumerate
onions. We busted some more adversarial relays over the course of October.
- Discussion was conducted on additional properties of hidden services, like NAT
punching:
https://lists.torproject.org/pipermail/tor-dev/2015-September/009596.html
https://lists.torproject.org/pipermail/tor-dev/2015-October/009604.html
- A new proposal for hidden service scalability was posted by Tom van der Woerdt:
https://lists.torproject.org/pipermail/tor-dev/2015-October/009618.html
More discussion on hidden service scalability was done:
https://lists.torproject.org/pipermail/tor-dev/2015-October/009750.html
https://lists.torproject.org/pipermail/tor-dev/2015-October/009763.html
More information about the tor-reports
mailing list