[tor-talk] badfamilies: searching for undeclared families (detection method: contactInfo)
nusenu at openmailbox.org
Sat Mar 28 15:14:22 UTC 2015
(if you are on CC you might want to jump to the URL and have a look at
your relays' MyFamily config)
As a Tor client one probably doesn't wish to use relays from one
entity only when creating circuits. So it might make sense to find
This first very simple approach uses contactInfo data to detect
MyFamily misconfiguration - so it detects potential families that are
not "hiding" on purpose.
The last column shows the number of relays which have the given
contact string and the 3rd column shows the number of family members
this relay has (in a perfect setup these numbers match).
This is obviously a non-perfect approach and might contain false
positives since everyone can set a contactInfo string on his relay as
Should this list worry you?
The two biggest undeclared families (by relay count) - perfect-privacy
& torpids run relays in over 30 distinct /16 netblocks but they don't
seem to run any exits which makes it currently impossible to create
exiting circuits through them exclusively.
torservers.net on the other hand seems to have a current guard
probability of 0% according to compass, but as one can see in the
atlas graphs that is not always the case. Additionally torservers runs
only in 8 distinct /16 netblocks. I guess the odds are low for one to
create a circuit through torservers only - depending on your currently
selected guard node.
In contrast, here is the hitlist (by relay count) of *perfectly* declared
10 Felix <zwiebel ta quantentunnel tod de>
8 Frenn vun der Enn
8 tor-relay at guy.net.au
7 rdump at OFTC
7 TEN <abuse-team _at_ tor-exit-node _dot_ org>
I heard about a few of them and know that some are using central
management tools to keep MyFamily in sync: ansible or puppet. That is
probably the reason why they are in good shape.
The good news is that at least one of the big operators not having a
perfect MyFamily setup yet might start using central management as well.
Looking forward to finding actually hiding families aka (slow) Sybil
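The contactInfo comparison described in the post, as an added example that is not part of the original message or the author's own tooling: relays are grouped by contact string, and each relay's family size is compared with the size of its contact group. Assumptions: the relay records, short fingerprints and contact strings are constructed sample data, a relay counts itself as a family member so that a perfect setup gives equal numbers, and a family link counts only when both relays list each other (Tor requires MyFamily to be declared on both sides).

```python
from collections import defaultdict

# Constructed sample data (not real relays): fingerprint, contactInfo, MyFamily entries.
RELAYS = [
    {"fp": "A1", "contact": "ops@example.org", "family": {"A2", "A3"}},
    {"fp": "A2", "contact": "Ops@Example.org ", "family": {"A1", "A3"}},
    {"fp": "A3", "contact": "ops@example.org", "family": {"A1", "A2"}},
    {"fp": "B1", "contact": "noc@example.net", "family": {"B2"}},
    {"fp": "B2", "contact": "noc@example.net", "family": {"B1"}},
    {"fp": "B3", "contact": "noc@example.net", "family": set()},  # added later, MyFamily not updated
    {"fp": "C1", "contact": "solo@example.com", "family": set()},
    {"fp": "D1", "contact": "", "family": set()},  # no contactInfo: this method cannot group it
]

def normalize(contact):
    """Fold case and whitespace so trivially different strings group together."""
    return " ".join(contact.lower().split())

def effective_family(relay, by_fp):
    """The relay itself plus every relay it lists that also lists it back."""
    members = {relay["fp"]}
    for fp in relay["family"]:
        other = by_fp.get(fp)
        if other is not None and relay["fp"] in other["family"]:
            members.add(fp)
    return members

def undeclared_families(relays):
    """Return (contact, fingerprint, family_size, group_size, missing) per mismatching relay."""
    by_fp = {r["fp"]: r for r in relays}
    groups = defaultdict(list)
    for r in relays:
        key = normalize(r["contact"])
        if key:
            groups[key].append(r)
    findings = []
    for contact, members in groups.items():
        if len(members) < 2:
            continue  # a single relay has nothing to declare
        group_fps = {r["fp"] for r in members}
        for r in members:
            fam = effective_family(r, by_fp)
            missing = group_fps - fam
            if missing:  # family size and contact group size disagree
                findings.append((contact, r["fp"], len(fam), len(members), sorted(missing)))
    return sorted(findings)

if __name__ == "__main__":
    for row in undeclared_families(RELAYS):
        print(row)
```

Because contactInfo is self-asserted, a mismatch is a lead to check with the operator, not proof of common control.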