On Thu, Nov 11, 2021 at 03:35:26PM +0000, Gary C. New via tor-relays wrote: > Gus, > I have to agree with z-relay on these points. > I won't even provide an obfuscated contact email in my torrc to avoid spam. I > could setup a dedicated email for Tor operation, but I'd likely find my > relays down prior to checking it. > Case in point... When registering a domain name, I've gotten to the point > where I use a disposable phone number and email address, due to the amount of > spam generated from such a transaction. > Presently, I like how Tor notifies me of any issues with my configuration in > the torlog and provides recommendations on how to remedy them. > I believe you will find that asking for operators to provide contact address > information for an anonymizing service will always be a struggle–it's the > nature of the service and those that subscribe to it. > BTW... My ISP does have my contact/billing information, but doesn't require > it be publish publicly. > Respectfully, >
What exactly is stopping you to use this email address as your relay contact_info? This is a *public* mailing list. cheers, Gus > Gary— > This Message Originated by the Sun. > iBigBlue 63W Solar Array (~12 Hour Charge) > + 2 x Charmast 26800mAh Power Banks > = iPhone XS Max 512GB (~2 Weeks Charged) > > On Thursday, November 11, 2021, 5:59:45 AM PST, gus <g...@torproject.org> > wrote: > > Hi, > > On Wed, Nov 10, 2021 at 09:14:58PM +0000, z-relay--- via tor-relays wrote: > > I'll throw in my 2 cents. > > > > Limitations with current approach: > > > > 1. Asking all relay operators to list their email addresses in the public > > relay list is largely equivalent to asking them to invite tens of thousands > > of spam emails into their inboxes and having to either ignore most of them > > or set up aggressive filtering rules which can easily bounce legitimate > > messages. > > > I'm running relays and spam is not an issue. It's a pain if you're > running exit nodes, then you will get abuse notifications from your ISP. > > And if spam is an issue for you, you could manage that using GitLab > Service Desk feature, for example: > https://docs.gitlab.com/ee/user/project/service_desk.html > > >This also opens up a convenient channel for "adversaries" to harass or even > >coerce the relay operators. > > Actually, that would be quite stupid from their part to do that... by > email. Anyway, if that happens, contact us. > > Anyway, my question is: > > Why your ISP can contact you, but the Tor Community can't have > an easy way to reach out to an operator? > > > 2. Middle relays can be used for attacking and the only defense being "list > > your email addresses or else we'll kick you out" throws a sizable wretch > > into the credibility and technical soundness of the whole project. If the > > "adversaries" are capable of de-anonymize tor users by simply running a > > middle relay that by design knows neither the real sources nor the real > > destinations of the traffic through it, I wonder how hard would it be for > > them to set up an email address? > > > > Some suggestions to consider: > > > > 1. Since the DAs and the relays already know each others' IP addresses and > > public ID keys. Perhaps tor can add a feature where the DAs can send > > authenticated and encrypted short messages to the relays, which can then > > verify the messages and log them in syslog or log files as configured in > > torrc. > > > > The messages can be something along the lines of "Your relay is > > misconfigured in ABC ways, please do XYZ to fix it. Contact our help desk > > at ***@torproject.org if you have questions or need further assistance.". > > > > 2. As a stop term solution before this feature can be implemented would be > > listing all the misconfigured relays on a page hosted by torproject.org, > > and make the page easy to discover by linking to it on relay help pages. > > Same idea here, I'm sure many are happy to reach out for instructions to > > correct any misconfigurations, but that does not mean all of us are excited > > about publishing an email address in a public list, nor it is technically > > necessary. > > > > Thanks for your suggestion. But, in my experience, unrecommended relays > are already listed on Metrics page and operators didn't act/notice until > we got in touch and asked them to upgrade. > > Gus > > > > ________________________________ > > From: Georg Koppen 'gk at torproject.org' > > <z-relay+tor-relays=lists.torproject....@zestypucker.anonaddy.me> > > Sent: Wednesday, November 10, 2021 6:40 PM > > To: z-re...@zestypucker.anonaddy.me <z-re...@zestypucker.anonaddy.me> > > Subject: Re: [tor-relays] Recent rejection of relays > > > > > > Jonas via tor-relays: > > > Where is this criteria documented? > > > > I am not sure what criteria you mean but we have our bad-relay > > criteria[1] documented at our wiki and keep fingerprints we reject due > > to attacks we noticed there as well[2]. > > > > > It seems the tor project, or its designated volunteers, are increasing > > > controlling and managing the network. In the Swiss Federation and EU this > > > turns the tor project into an "online service provider" or "online > > > platform" and subjects one to all sorts of regulations and compliance > > > regimes. > > > > > > We already get enough requests from the police regarding relays hosted in > > > our datacenters. Shall we point them at tor as the network operator? > > > > The Tor Project is not running the network. It's comprised of relays run > > mostly by volunteers. I am actually not really sure either what you are > > proposing to be honest. Shall we just keep the relays attacking our > > users in the network instead? > > > > Georg > > > > [snip] > > > > [1] > > https://gitlab.torproject.org/tpo/network-health/team/-/wikis/Criteria-for-rejecting-bad-relays > > [2] > > https://gitlab.torproject.org/tpo/network-health/team/-/wikis/Rejected-fingerprints-found-in-attacks > > > > > > > > ---------- Original Message ---------- > > > On Wed, November 10, 2021 at 8:59 AM, Georg Koppen<g...@torproject.org> > > > wrote: > > > Hello everyone! > > > > > > Some of you might have noticed that there is a visible drop of relays on > > > our consensus-health website.[1] The reason for that is that we kicked > > > roughly 600 non-exit relays out of the network yesterday. In fact, only > > > a small fraction of them had the guard flag, so the vast majority were > > > middle-only relays. We don't have any evidence that these relays were > > > doing any attack, but there are attacks possible which relays could > > > perform from the middle position. Therefore, we decided we'd remove > > > those relays for our users' safety sake. > > > _______________________________________________ > > > tor-relays mailing list > > > tor-relays@lists.torproject.org > > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > > > > > > > > > > > > _______________________________________________ > > tor-relays mailing list > > tor-relays@lists.torproject.org > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > -- > The Tor Project > Community Team Lead > _______________________________________________ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > _______________________________________________ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- The Tor Project Community Team Lead
signature.asc
Description: PGP signature
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
