a story about a huge malicious tor exit operation:

Blog: "How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
>23% of the Tor network’s exit capacity has been attacking Tor users"

medium.com/@nusenu/how-malicio

I'm happy to announce version 2 of the Tor ContactInfo Information Sharing Specification.

nusenu.github.io/ContactInfo-I

It comes with an easy to use ContactInfo generator, which is maintained by Eran Sandler:
torcontactinfogenerator.netlif

relayor v20.1.0 is released.

It contains a bugfix, for corner cases where the new tor configuration would not be used.

relayor users are encouraged to update to this release.

changes:
* bugfix: restart tor instead of reloading it when configuration changed (reloading is not supported by tor in all cases)
* make tor_ContactInfo variable mandatory
* update tor alpha version: 0.4.3 -> 0.4.4
* add support for FreeBSD 11.4
* increase min. ansible version to 2.9.12

github.com/nusenu/ansible-rela

Since the Tor directory authorities are no longer removing such relay groups, and I feel bad about sitting on this list without doing anything with it, I'm posting it here for your information.

This is a set of over 600 Tor relays that got added since 2020-01-29 on a limited set of hosters (primarily at Microsoft).
They have some similarities in their sign-up pattern and properties.

total guard probability: 3.6%
total middle probability: 10.1%
(no exit relays)

github.com/nusenu/tor-network-

This time the malicious Tor relays (same entity) got caught intercepting traffic to changenow.io

published by twitter.com/notdan/status/1295

In my recent blog post I mentioned that the Tor network attacker likely still runs >10% of the network's exit capacity.

Some of them got confirmed yesterday and their actual fraction was likely even bigger than ">10%" at the time.

lists.torproject.org/pipermail

Two weeks ago they didn't exist, today they are by far the biggest guard relay operator on the Tor network.

Yet another OVH-based no-name relay group:
nusenu.github.io/OrNetRadar/20

The Tor network is changing these days, changing fast.

Take care.

I'm aiming to generate some Tor network graphs that show attributable network fraction over time.
Would you like to contribute your tor relay capacity to these graphs?

Help me attribute your relays by using ContactInfo/operatorurl and verifyurl fields:

github.com/nusenu/ContactInfo-

I'm happy to announce version 1 of the Tor ContactInfo Information Sharing Specification
github.com/nusenu/ContactInfo-

ContactInfo generator website:
torcontactinfogenerator.netlif (thanks to Eran)

relayor v20.0.2 got released

github.com/nusenu/ansible-rela

added support for OpenBSD 6.7 and Ubuntu 20.04

The Tor Project will release updated versions of tor to fix multiple denial-of-service vulnerabilities affecting relays and clients.

lists.torproject.org/pipermail

Today is a big day for the Tor network, in many ways.
The biggest exit operator moved to a new (and upstream wise better) place.

On 2020-03-25 another tier1 transit provider will drop RPKI invalid BGP announcements: NTT/AS2914

You can check if you are affected by visiting the RPKI Observatory
nusenu.github.io/RPKI-Observat

In the first two months of 2020 the Tor network has seen more potential Sybil attacks than in the entire 3 years before 2020.

Onion v3 services are a lot safer than onion v2 services.

One of the main reasons why onion v3 services haven't seen much adoption by large scale sites is the missing support for onionbalance. This is about to change.

If you want to help test onionbalance for v3 onion services:
github.com/asn-d6/onionbalance

The Tor directory authorities are affected by what looks like a small scale distributed denial of service attack.

Tor developers are preparing and testing patches to separate legitimate directory requests from non-tor software based requests.

Today marks the end of Tor version 0.4.0.x

Currently over 10% of the Tor network is running on end-of-life tor releases.

This is bad.

This is the list of affected relays:
nusenu.github.io/OrNetStats/eo

In the past 24 hours I reported over 200 tor relays for removal from the network.

tor v0.4.0.x will reach its end-of-life in under 3 weeks on 2020-02-02.

There are currently over 400 relays still using that version.
They make up >10% of the tor network's guard capacity and >7% of the exit capacity.

List of affected relays:
metrics.torproject.org/rs.html.
