Routing Security and Tor:
How vulnerable is the Tor Network to BGP Hijacking Attacks?
Who controls #Tor's DNS traffic?
An Analysis of the @torproject DNS Landscape.
Dear @torproject exit relay operators,
only 74% of the tor exit capacity does #DNSSEC validation, let's increase that figure to >90%. Please look into your DNS setup if your ContactInfo string is mentioned on this page:
Want to help grow the torproject network by adding #Tor relays? This guide will help you get going:
(joined blog post with flexlibris)
If you need help the tor-relays mailing list is happy to answer your questions
This is an important new #Tor feature for relays and the entire network: The new denial of service mitigation got merged into the MASTER branch.
If you can't wait for the next alpha release to try it out, you might be able to use provided nightly builds if you use a debian-based OS.
This is a quick reminder that in one week , #Tor 0.3.0.x will reach its end of life date (2018-02-01).
>300 relays are still running that major version.
Consider enabling auto-updates to keep your relays safe
The #Tor relay documentation has shown its age, some of us have been working on writing something new. Currently it lives on trac but will move eventually.
The Tor Relay Guide
Lots of new #Tor releases fixing 5 #vulnerabilities: -Replay-cache ineffective for v2 onion services -Remote DoS attack against directory authorities -An attacker can make Tor ask for a password -Relays can pick themselves in a circuit path -Use-after-free in onion service v2
#OrNetRadar has a new check that detects #Tor exit relays that route their traffic back into the #tornetwork (so they can perform man in the middle attacks without exiting any traffic) first detected #badexits
Since #tor 0.3.2.1-alpha you can display the expiry date of your online signing keys (I overlooked that)
If you need a reason why you should use a @whonix like setup to prevent your real IP from leaking in case of #tor browser bugs and exploits:
Follow friends and discover new ones. Publish anything you want: links, pictures, text, video. This server is run by the main developers of the Mastodon project. Everyone is welcome as long as you follow our code of conduct!