[tor-talk] 3347 "lizardNSA" Relays on google cloud.

Thomas White thomaswhite at riseup.net
Fri Dec 26 20:13:42 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

I am not turning down "More bandwidth" in of itself. When a single
party controls too much of the network bandwidth they can launch a
sybil attack on the network to effectively deanonymise users. With
several ports such as SMTP still open, it will also be used for spam
and could really damage Tor's reputation.

Along with this, the MyFamily option prevents users from connecting
from a server group which is controlled by the same operator. This is
to prevent scenarios where a user uses a circuit controlled by a
single party (who can therefore deanonymise them by seeing the whole
connection). Without this set and controlling a large % of the
network, it creates a dangerous concoction of elements for users. Only
the relay operator can set the MyFamily option, the DirAuths etc can't
do it for them.

Fortunately their cluster has a very low % of weighting and right now,
I'm not too concern about it until it grows.

- -T

Soul Plane:
> On Fri, Dec 26, 2014 at 1:52 PM, Thomas White 
> <thomaswhite at riseup.net> wrote:
> 
>> It is dangerous. I've run a cluster of exits for a long time and
>>  people like myself and Moritz know the dangers of reducing the 
>> diversity pool. Adding even a gigabit of exits to a single AS 
>> right now is dangerous and I've consulted arma on the topic 
>> before who agreed. Beyond 25% of the network is dangerous and 
>> higher than that could cause serious anonymity implications.
>> 
> 
> Why turn down more bandwidth? If all of the exits are being run by 
> the same person or group why not mark them all as family members
> of the same group? I checked a few of them and I don't see that
> they list family members. Unless I misunderstand what family
> members is for?
> 
> https://www.torproject.org/docs/faq.html.en#MultipleRelays
> 

- -- 
Activist, anarchist and a bit of a dreamer.

PGP Keys: key.thecthulhu.com
Current Fingerprint: E771 BE69 4696 F742 DB94 AA8C 5C2A 8C5A 0CCA 4983
Key-ID: 0CCA4983
Master Fingerprint: DDEF AB9B 1962 5D09 4264 2558 1F23 39B7 EF10 09F0
Key-ID: EF1009F0

Twitter: @CthulhuSec
XMPP: thecthulhu at jabber.ccc.de
XMPP-OTR: 4321B19F A9A3462C FE64BAC7 294C8A7E A53CC966
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJUncF1AAoJEFwqjFoMykmDQxQP/1Ys+K5q8dyIkNliZ4Bcv6uY
ISkR0D8x2J7Rq/WoFXfgw9U/MGw2j4IvO8x5XiMubkr/NbeEfN63UoQUv1bQy6L+
i1UMggrix99mXTEL5snr02yebcb4QGS9mMHkoqZZu2iZBK+JTRANgcNKMAcmXMql
c0/h8/FCcRy6FFagJyNltqkevmLCfJhffSsb4MjsuRp3pRoVWAdV8UPCU6zX4vSp
xbr2bWcmNZX5bjMWRHO4yuL18ESAseVhHZpyfnqOKZq4DEe873cSl0f4kYNxJmX4
zrg5mHv7groNF5FNY3mWpNCfFEY/UtTis1kOn5Ukp0qW+M7emwgcraWj+50/8CcL
kdSv+V7HrPGdWK0Y6Vp5wDDHe+ib/1MXlzdm2UblbDXnW2R6uPtS4/RrwDj4ZOT+
H6zHkAMbOrjtk6D+L1sbkj7JNN9VHxfs/qfSuaTYxN89lv6PS8wBz67hMXuZNY3/
3oZCPuNjb8MGc7rxqrjSF3zzczidJNfXh0hVbCvPCS43haklFNWsVdwQgy8Y5IKF
sCtTCSpaH91Qg+X7rMsT3RDDmZJd3wbFBVqQaEKQaZGnMphmxekYBjF3VCs0ruRE
JcSKeMivZTl6foz2fvs95a7kVOt8SBlOordB96zAHI8Gy3Ylc3B7oykZg9qV188l
M44Bg++h2oU+7U4NFTzn
=VvyZ
-----END PGP SIGNATURE-----


More information about the tor-talk mailing list