[tor-talk] DocTor's 'Possible Sybil Attack' (2015-06-03) report
nusenu at openmailbox.org
Fri Jun 5 12:14:56 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
>> Again, I really dislike the in-transparency here.
> I agree that it needs improvement. In theory, we already have a
> public repository for blacklisting relays:
> In practice, nobody has had time yet to put all existing rules in
> the new repository.
Yes, it appears empty..
How have they been excluded? (specific IPs, entire IP blocks,
>> Why have they been excluded?
> I attached a list of fingerprints that were rejected by the
> directory authorities around May 20.
list based on your fingerprints:
They did not even bother to change IPs, ORport or nicknames.
> All these relays were HSDirs and actively scanned hidden services
> they were responsible for.
What does 'scanned' mean in this context? TCP SYN scans or more tor
specific like 'relay early' attacks (something that came up again when
I saw they all run tor 0.2.4.x).
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the tor-talk