[tor-talk] Tor blacklist

[Nick Mathewson]

On Wed, Aug 7, 2013 at 9:09 PM, LEE <zeusy22k at gmail.com> wrote:
> I found that there is a blacklist in Tor system
>
> I guess blacklist is like prison of onion routers. in other world, if
> Tor system detect some onion router runs
>
> abnormally, Tor system put that router in blacklist and never use again.
>
> Is this true?
>
>
> who manages the blacklist?
>
> Once some onion routers are included into blacklist, Are they not able
> to get out of blacklist??

Huh?  Are you talking about the BadExit flag?  Or the ability that
authorities have to stop voting for particular nodes?  Something else?

I'm going to guess that you're talking about one of those features.

The way that the directory system works is, nodes publish information
about themselves to all the directory authorities.  A node is listed
in the consensus document if a majority of the voting authorities vote
for it (more or less, it's complicated, see dir-spec.txt for full
details).

Additionally, there are some flags that affect how nodes are used
(like Running and Valid and BadExit).  A node gets a flag in the
consensus if the majority of the authorities who vote about that flag
vote for it (again, see dir-spec.txt for the full details).

An authority operator can configure their directory authority to vote
for a node as BadExit, never vote for a node as Valid, or never vote
for it at all.  (The code for this is in src/or/dirserv.c).

The directory authorities, and the authority operators are listed in
every directory consensus document.

Generally, the likeliest way for a node to get the BadExit flag would
be to get caught altering traffic. (Mostly, this isn't done
intentionally: The majority of nodes with the BadExit flag are ones
that have upstream ISPs that alter traffic somehow.)

The best way to get authorities to manually stop listing a node
entirely would be to fire up a whole bunch of nodes in an obvious
Sybil attack.  (Frequently, this isn't done intentionally: in at least
once case, IIRC, it was a sysadmin who got a "brilliant idea" to run
Tor on every system he had access to.)

Either of these statuses will last till enough authority operators
stop voting against those nodes.  If somebody thinks that the votes
have been made in error, they should contact the authority operators,
or the tor-assistants mailing list, or post here, or something.

(I'm not an authority operator myself; somebody who is can post here
to say more about how they make choices.)

There's some other stuff that will make authorities *automatically*
not vote for a node -- like if it isn't running when they try to
contact it, or if it can't build circuits when the authority tries it,
or if its bandwidth is way too low to be useful for the network, or if
it's running a way-too-old version of Tor.

I hope this answer your question!

best wishes,
-- 
Nick