Routing Security and Tor:
How vulnerable is the Tor Network to BGP Hijacking Attacks?
Who controls #Tor's DNS traffic?
An Analysis of the @torproject DNS Landscape.
I'd like to have #DNSSEC indicators (among other new items) on the TorAtlas page of exit relays, lets see what the tor-metrics team thinks about it
Dear @torproject exit relay operators,
only 74% of the tor exit capacity does #DNSSEC validation, let's increase that figure to >90%. Please look into your DNS setup if your ContactInfo string is mentioned on this page:
Want to help grow the torproject network by adding #Tor relays? This guide will help you get going:
(joined blog post with flexlibris)
If you need help the tor-relays mailing list is happy to answer your questions
This is an important new #Tor feature for relays and the entire network: The new denial of service mitigation got merged into the MASTER branch.
If you can't wait for the next alpha release to try it out, you might be able to use provided nightly builds if you use a debian-based OS.
This is a quick reminder that in one week , #Tor 0.3.0.x will reach its end of life date (2018-02-01).
>300 relays are still running that major version.
Consider enabling auto-updates to keep your relays safe
Dear #Tor relay operators, please ensure you set a proper MyFamily and ContactInfo when running multiple relays. It is required now. Thanks for running relays!
The #Tor relay documentation has shown its age, some of us have been working on writing something new. Currently it lives on trac but will move eventually.
The Tor Relay Guide
Lots of new #Tor releases fixing 5 #vulnerabilities: -Replay-cache ineffective for v2 onion services -Remote DoS attack against directory authorities -An attacker can make Tor ask for a password -Relays can pick themselves in a circuit path -Use-after-free in onion service v2
#OrNetRadar has a new check that detects #Tor exit relays that route their traffic back into the #tornetwork (so they can perform man in the middle attacks without exiting any traffic) first detected #badexits
Since #tor 0.3.2.1-alpha you can display the expiry date of your online signing keys (I overlooked that)
If you need a reason why you should use a @whonix like setup to prevent your real IP from leaking in case of #tor browser bugs and exploits:
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!