[tor-talk] A month with BADONIONS
nusenu at openmailbox.org
Fri Jun 26 11:45:13 UTC 2015
thanks for the pointer.
> This was interesting - not sure if I've missed discussion of it
> here, but I didn't find anything with a quick search.
> Tl:dr; the author set up a very basic honeypot to detect
> potentially abusive guard and exit nodes, and found some. (Quelle
> The claim that they reported the naughty guard nodes to Tor but
> have not seen any remediation is something which might merit a
> response, if nothing else.
The set of "15 fingerprints" contains only 7 unique fingerprints.
4 are currently (2015-06-26 08:00:00 UTC) running and don't have the
3 of them signed up on 2014-04-09 but have a consensus weight < 5.
Fastest relay is 'AviatoChortler':
which signed up 2015-05-21 and has an advertised bw of 31MB/s.
Relay nicknamed 'Hackosaurusrex' appeared already previously (although
with different fingerprint):
overview table (includes reported relays that were running in the last
7 days only):
Generally speaking I don't worry to much about sniffing relays (or
upstreams), that problem is not specific to tor but I agree that it is
probably easier to sniff tor traffic than non-tor traffic for a
low-budged attacker. (I worry more about big groups of hidden families.)
@chloe: thanks for reporting them, a timeline would be appreciated and
an info to tor-talk (after you reported them to bad-relays)
@phw: did the dir authorities blacklist
09A880567B0839B4085C2EC14002DE34AAFE8548 or did it disappear on its
own? (downtime 4 days)
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: OpenPGP digital signature
More information about the tor-talk