relayor - the ansible role for Tor relay operators - v21.0.0 is released.
This release solves the expired debian GPG key.
There are already over 20 Tor relay operators (>200 relays, > 10% exit capacity) that make use of the
tor ContactInfo information sharing specification (CIISS) to get some group wide graphs generated for their relays:
Bellow is shown a sample graph by one of them:
I'm happy to announce version 2 of the Tor ContactInfo Information Sharing Specification.
It comes with an easy to use ContactInfo generator, which is maintained by Eran Sandler:
@SwindlerOfInsanity I'm not entirely sure about your design but I don't think it is a solution to this problem.
relayor v20.1.0 is released.
It contains a bugfix, for corner cases where the new tor configuration would not be used.
relayor users are encouraged to update to this release.
* bugfix: restart tor instead of reloading it when configuration changed (reloading is not supported by tor in all cases)
* make tor_ContactInfo variable mandatory
* update tor alpha version: 0.4.3 -> 0.4.4
* add support for FreeBSD 11.4
* increase min. ansible version to 2.9.12
Since the Tor directory authorities are no longer removing such relay groups and I feel bad about sitting on this list without doing anything with it I'm posting it here for your information.
This is a set of over 600 Tor relays that got added since 2020-01-29 on a limited set of hosters (primarily at Microsoft).
They have some similarities in their sign-up pattern and properties.
total guard probability: 3.6%
total middle probability: 10.1%
(no exit relays)
This time the malicious Tor relays (same entity) got caught intercepting traffic to changenow.io
In my recent blog post I mentioned that the Tor network attacker likely still runs >10% of the networks exit capacity.
Some of of them got confirmed yesterday and their actual fraction was likely even bigger than ">10%" at the time.
since there is no other obvious linkability I'd argue for:
"require a verified physical address for large operators (>=0.5% exit or guard probability)"
as written in:
Two weeks ago they didn't exist, today they are by far the biggest guard relay operator on the Tor network.
Yet another OVH-based no-name relay group:
The Tor network is changing these days, changing fast.
a story about a huge malicious tor exit operation:
Blog: "How Malicious Tor Relays are Exploiting Users in 2020 (Part I)
>23% of the Tor network’s exit capacity has been attacking Tor users"
I'm aiming to generate some Tor network graphs that show attributable network fraction over time.
Would you like to contribute your tor relay capacity to these graphs?
Help me attributing your relays by using ContactInfo/operatorurl and verifyurl fields:
I'm happy to announce version 1 of the Tor ContactInfo Information Sharing Specification
ContactInfo generator website:
https://torcontactinfogenerator.netlify.app (thanks to Eran)
relayor v20.0.2 got released
added support for OpenBSD 6.7 and Ubuntu 20.04
The Tor Project will release updated versions of tor to fix multiple denial-of-service vulnerabilities affecting relays and clients.