A Few Random Thoughts...

Michael cozzi at cozziconsulting.com
Fri Jun 26 12:16:00 UTC 2009

    Hi all,

    As one of those lucky souls with access to almost limitless 
bandwidth and the skills (or stupidity) to use it, I suppose an apology 
is in order:

    I'm sorry- after reviewing what *could* be the consequences, I have 
to whimp out based on professional risk factors... I can't run an exit 
node. So I have to leave it to other folks who have a different 
situation to do the heavy lifting.

    What I *am* doing is deploying a couple of heavy iron closed relays 
on OC3 or better bandwidth. The first is now deployed after a lot of up 
and down testing, and I'll get to the second in due time.

    I've been watching Tor for a long time and just recently decided to 
get involved. The Iran situation cemented that decision.

    Anyhow, here are some random thoughts:

    On the "Who uses Tor?" section of the website, I see no mention of 
IT people. I've used the Tor network for many practical uses as an IT 
Director. These range from bypassing my own firewall to test incoming 
connections, to helping my legal department do research on a pending 
lawsuit without the opposition *knowing* we even looked at their 
website. Having a random and easily accessible IP to initiate 
connections from is a priceless testing tool. Especially when dealing 
with niggling routing problems.

    On one occasion my ISP was having routing/DNS problems, and Tor was 
able to find an entrance node and allow me to work even though I 
couldn't get to my remote servers directly. This saved my client a lot 
of downtime, and might have saved me the account. Also, my employer's 
R&D department sometimes needs to look at things they don't want anyone 
to know they looked at (All quite legal mind you).

    Quite frankly Tor is an undervalued IT tool and it's capabilities 
should be trumpeted loudly on the web page. You might also find IT guys 
like me throwing up some relays in exchange. After all- who has the 
bandwidth anyway?

     And before anyone accuses me of it, I'm not nearly stupid enough to 
do a port scan over Tor. Phew.

    One of the issues I ran into when looking into running an exit relay 
had to do with not only the legalities, but identifying a server vendor 
that was offshore from my home country and friendly to a Tor exit. In 
order for me to run an exit node, I have to be completely shielded.

    As it stands now, I can probably run an exit for instant messaging- 
and that's it. However, if Tor itself had a relationship with someone 
who rents hardware, perhaps a partnership, Tor could get the exit nodes 
it needs, and the server vendor could get lots of cash. From my 
standpoint, it doesn't matter whether I rent or colocate my hardware. So 
if Tor as an organization had a partnership with a few server rental 
whores (in multiple countries), it would simplify getting more exits. I 
need servers, Tor runs with little impact on my server, I could care 
less where my remote hardware is provisioned from. Bingo- more exits.

    I read back about 6 months in the or-talk list and there were a 
couple of suggestions inferring that *everyone* should be forced to be 
an exit node. I think this is a very bad idea, and hurts the security of 
the person trying to remain anonymous by causing an identifiable change 
in bandwidth usage that could infer Tor usage (Information leakage).

    Simply speaking, on a default Windows/Vidalia installation, outgoing 
Tor traffic usually looks like https traffic, but on a forced exit, now 
Tor is identified by relatively matched traffic on port 443 both in and 
out of the client's connection (Unless it's entrance node is a *nix 
variant). This could mean death (literal) for a political dissident who 
is now identified as having an in/out matching traffic pattern assuming 
his entrance node is on Windows. It is more likely, that a country 
monitoring it's citizens would miss simple https traffic. But even 
myself as a lowly IT director, would have alarm bells going off if https 
was initiating in two directions from the same machine. Alternative 
ports can also set off alarm bells. But given the nature of Onion 
Routing, two way traffic needs to be avoided in the most sensitive 
sensitive situations. Forcing exit nodes is a bad idea for users. It 
will also drive away anyone who cannot provide an exit node.... that's 
chasing away bandwidth as non exit relays run for the hills.

    Long post. Too much coffee and too much time staring at routing tables.


More information about the tor-talk mailing list