Exit node connection statistics

[Sebastian Hahn]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Jul 18, 2008, at 7:39 PM, mplsfox02 at sneakemail.com wrote:
> Of course you can. And if you are able to bring yourself under the  
> top 100 of 500 exit nodes in one day, you can solve it even in two  
> days. Just use a different destination IP for each exit node, then  
> you don't need the bisection method. ;-)
>
> But you are right. Maybe top 100 is too much and I should switch to  
> a top 20 or so?

No, you should turn it off. Having those statistics doesn't add any  
value to the Tor network, you cannot even make broad statements like  
"30% of all traffic in Tor goes to xy.com", because you see only a  
tiny fraction and the real usage is likely to be entirely different -  
think about how different exit policies etc come into play. Generally,  
it's always recommended to not log unless you have a reason (for  
example a bug you're trying to find).

The less verbose your logs are, the less likely it is someone will  
find them interesting and makes you give them out. This applies to the  
whole community of relay operators - if it is a well-known fact that  
most of them log, adversaries might become more persuasive when they  
ask for logs.

Generally, Tor exit nodes must always be assumed to be malicious, but  
this of course doesn't mean that once it's a proven fact that an exit  
is malicious, it will be excluded.

So, a personal question: What is your motive? Do you feel you have a  
right to know what people are doing? Because this is where the ice  
gets really thin...

Sebastian
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAkiA1/kACgkQCADWu989zuZ+aQCfT0Ltx1Bd1NMhpgGd/HKBds4e
JecAoJcjDWLX7o2oG4KbDzalyQlCfwJi
=KWpa
-----END PGP SIGNATURE-----