[tor-talk] Strange Vanguards behavior? And some related questions!
matheu at danwin1210.me
matheu at danwin1210.me
Wed Jan 29 15:15:06 UTC 2020
On 200108-19:38-0600, Mike Perry wrote:
> On 12/21/19 4:00 AM, hikki at Safe-mail.net wrote:
> > I tried the Vanguards add-on, with all settings set to default.
I'm also using Vanguards addon. Only with Tor client, at this time.
And it only makes sense, with the client, when the connectins are internal,
i.e. within Tor network. I do get longer (=safer) routes to destinations, on
average 1 extra hop to anywhere.
No point however, firing Vanguards when browsing with Tor into clear
network, no benefit, and you are with two primary guards, and on
short routes as when you don't run Vanguards.
> > Question 1:
> > But the first time I started tor with this add-on enabled, it connected to no
> > less than 21 entry nodes! Most of these connections died out after a certain
> > amount of time. But still, is this normal behavior?
hikki, you can find out in Tor specs how this works.
> Without more details this is hard to say. Was this a first-start of the
> Tor client, or was it offline for a long time?
It's probably this below:
> These connections might be directory mirror fetches unrelated to
> vanguards. If Tor's consensus is stale or non-existent, it will
> bootstrap from these mirrors instead of dirauths.
> After this phase, a steady-state vanguards Tor client should use only
> two Tor network connections. If this is not the case, please file a
> ticket on github at https://github.com/mikeperry-tor/vanguards/issues.
hikki, you can also fire up Nyx and see the connections in real time.
Mike, submitting an issue, I mean pseudonymously, without M$ knowing
your real identity, is close to impossible.(Almost as easy, oh, yeah,
just imagine!, as registering into the new Stasibook, oh I meant
Facebook onion. Anybody tried and succeeded?)
However, I can say that running Vanguards with my Tor client --and I
often log and study what happened whenever I'm suspicious-- I can say
Vanguards behaves really cool! I have no complaints!
> > Question 2:
> > If you limit the the `circ_max_megabytes` option in the Bandguards module,
> > will that work as some kind of DoS protection?
> This is unclear. You can see some details at an attempt at this here:
> I think it won't be as helpful as other rate limiting solutions that
> have already been merged to Tor:
> But that fix may not drastically improve things yet either. More
> complete HS DoS fixes are still in the works, and require significant
> Tor protocol upgrades.
> > Question 3:
> > When, approximately, will we see the Vanguards add-on in the Tor source?
> This will be a long project. The vanguards addon has many
> sub-components, some of which still require more research and analysis
> wrt false positives and reliability effects, and some may be
> deprecated/altered by future changes such as conflux (multipath Tor
> circuits). Overall timeline could be multiple years. This is why we put
> the effort into getting the addon itself well-tested, included in
> Debian, etc.
> Of all the defenses, the Proposal #247 multi-layer guards sub-component
> is closest to being ready for inclusion in Tor itself in terms of being
> well-understood, but even this piece by itself is a large engineering
> effort that currently has no funding to complete.
> Mike Perry
Great! Looking forward to it! (And I hope there will be funding.)
Also, pls. keep us with Tor clients who run Vanguards in your mind too!
And, can I ask you about a blog of yours I read once? It was
somewhere on https://blog.torproject.org but I don't find it anymore
on https://blog.torproject.org or anywhere else.
I searched: https://blog.torproject.org/search/node?keys=mikeperry+chrome+leak
It was about IP leaks in Chrome. If it is anywhere, pls. can you tell
More information about the tor-talk