[tor-talk] State of bad relays (March 2017)

nusenu nusenu at openmailbox.org
Fri Mar 3 19:36:00 UTC 2017


Thanks for this email.

> Two common Tor network abuses are:
> 
> a) Bad exit nodes sniffing and messing around with client traffic.
> 
> b) Bad HSDir nodes. The hidden service hash ring is a particularly juicy
>    target, since participating relays get to see the addresses of onion
>    services when they publish their descriptors.

I hoped tor directory authorities would care [1] about tor relay groups
with end-to-end capabilities as much as about HSDirs.

https://raw.githubusercontent.com/ornetstats/stats/master/o/potentially_dangerous_relaygroups.txt
(this list is truncated)

(even though they might not be intentionally malicious;
yes contactinfo can be arbitrarily forged)

I think an actual step to help protect tor users and to improve the
current situation is to implement proposal 242 (better families) [2]
followed by a stricter enforcement of it by dir auths (unlikely to happen).
Proposal 242 reduces the burden from tor relay ops when running more
than one relay and hopefully decreases the number of undeclared families
that put users at risk because they potentially see traffic entering
_and_ leaving the tor network (which breaks the assumption that not
every relay in a circuit is operated by the same operator).

Even with prop 242 available in a released tor version its usefulness
depends on the actual adoption by relay ops, something that is hard to
predict,
but implementing prop242 certainly scales better than contacting every
tor relay operator that does not set MyFamily (properly).

[1]
protecting users from known relay groups with end-to-end correlation
capabilities
https://lists.torproject.org/pipermail/tor-dev/2016-December/011714.html

[2]
https://gitweb.torproject.org/torspec.git/tree/proposals/242-better-families.txt
https://trac.torproject.org/projects/tor/ticket/5565

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20170303/0d6788b9/attachment.sig>


More information about the tor-talk mailing list