[tor-talk] How can an external observer detect if a malicious relay does excessive logging?
Georg Koppen
gk at torproject.org
Thu Jun 24 06:13:31 UTC 2021
Anders Andersson:
> Having had little luck with my question posted on
> tor.stackexchange.com[1] I will try here, perhaps there are more
> "eyes" on the mailing list.
>
> Under "Criteria for rejecting bad relays" on the Network Health Team's
> wiki[2] there is a list of things that makes a relay be "malicious".
> Everything there seems possible to find out (with some effort) except
> this:
>
> "- Excessive logging (over notice) during normal operation"
>
> I've tried to figure out how this can be probed from the outside, but
> can't come up with anything realistic. How can it be probed?
I am not sure, it probably can't. However, there are other ways one can
get to know about this practice (e.g. due to mistakes the operator
makes), so it's still important to list it as a criterion even though it
is not straightforward how to verify that no excessive logging is taking
place.
Georg
>
> [1] https://tor.stackexchange.com/questions/22430/how-can-an-external-observer-detect-if-a-malicious-relay-does-excessive-logging
> [2] https://gitlab.torproject.org/tpo/network-health/team/-/wikis/Criteria-for-rejecting-bad-relays
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20210624/50854f32/attachment.sig>
More information about the tor-talk
mailing list