[tor-talk] On verifying security of Tor Routers idea

Chris tmail299 at errtech.com
Thu Dec 22 00:25:18 UTC 2011

>> I think the best approach is to send off an email with the new proposal
>> to
>> all node operators.
> Please do not send a mass-email to all relay operators, especially
> while you're still in a planning phase. This seems pretty obvious, but
> I wanted to make sure that it was clear - relay operators share
> contact information to be notified of issues with their relay, not
> threatened with a port scan.
> The idea has been pretty controversial so if you would like to gather
> more opinions then I'd suggest the tor-relays@ list.

Ultimately they were planning to just do the port scan.

If you are not going to just do it the question is how do you gather the
data as to how many node operators will opt-in or opt-out if you do not
contact them in a preliminary stage? It may not be worth doing if you
don't have enough opt-ins or are unwilling to consider scanning those who
have not opted out. You won't get accurate data from the tor-relays list
as these individuals are active participants. The ones who would be less
likely to response are the less active ones.

Nobody is threatening node operators with a port scan as far as it appears
anyway. A port scan is not itself a security threat no matter how many
think it is. It may be harmful to the project though from a backlash of
node operators. Just because b (exploits) usually follows a (port scan)
does not mean c (something else non-threatening) can never occur.

We shouldn't hang every one else who does a port scan just because of a
few bad apples.

I think the concern is valid however incorrect the security threat aspect
of it is. Thinking about this some more. I think maybe contacting a small
percentage of node operators would result in sufficient data to make some
of these preliminary decisions.

Ultimately though if you are going to say you need permission of some kind
(even if it is just "you must email us to opt out") then you are going to
have to contact the node operators.

Maybe there are a significant number of node operators subscribed to the
tor-relays mailing list. I'm very doubtful of that though. I probably
can't hurt to post there and see the results prior. If there are simply
enough from that alone you could in theory just ignore every one else.

More information about the tor-talk mailing list