Why are we encouraged to use the Amazon Cloud VPS's for bridges only? Why not set up some as relays? ~~Rhon
-- Rhona Mahony [email protected] **Try https://duckduckgo.com, a search engine that keeps no record of your searches. Tips at: http://donttrack.us/** ----- Original Message ----- From: [email protected] To: [email protected] Sent: Tue, 15 Nov 2011 11:16:17 -0800 (PST) Subject: tor-talk Digest, Vol 10, Issue 34 Send tor-talk mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk or, via email, send a message with subject or body 'help' to [email protected] You can reach the person managing the list at [email protected] When replying, please edit your Subject line so it is more specific than "Re: Contents of tor-talk digest..." Today's Topics: 1. Re: Run Tor as a bridge in the Amazon Cloud (Jan Weiher) 2. Re: Run Tor as a bridge in the Amazon Cloud (Runa A. Sandvik) 3. Re: Run Tor as a bridge in the Amazon Cloud (Roger Dingledine) 4. Re: Run Tor as a bridge in the Amazon Cloud (Jan Weiher) 5. Re: Run Tor as a bridge in the Amazon Cloud (Runa A. Sandvik) 6. tor net questions (audd) 7. Re: tor net questions (Roger Dingledine) 8. Re: tor net questions (audd) ---------------------------------------------------------------------- Message: 1 Date: Tue, 15 Nov 2011 17:40:31 +0100 From: Jan Weiher <[email protected]> To: [email protected] Subject: Re: [tor-talk] Run Tor as a bridge in the Amazon Cloud Message-ID: <[email protected]> Content-Type: text/plain; charset=windows-1252 Am 15.11.2011 07:52, schrieb Runa A. Sandvik: > On Tue, Nov 15, 2011 at 1:28 AM, Mike Damm <[email protected]> wrote: >> On Monday, November 14, 2011 9:30 PM, "Runa A. Sandvik" >> <[email protected]> wrote: >>> Hi everyone, >>> >>> The Tor Cloud project gives you a user-friendly way of deploying bridges >>> to help users access an uncensored Internet. By setting up a bridge, you >>> donate bandwidth to the Tor network and help improve the safety and >>> speed at which users can access the Internet. >>> >>> Setting up a Tor bridge on Amazon EC2 is simple and will only take you a >>> couple of minutes. The images have been configured with automatic >>> package updates and port forwarding, so you do not have to worry about >>> Tor not working or the server not getting security updates. >> >> https://www.torproject.org/docs/faq#MultipleRelays says: >> "Great. If you want to run several relays to donate more to the network, >> we're happy with that. But please don't run more than a few dozen on the >> same network, since part of the goal of the Tor network is dispersal and >> diversity." >> >> I'm curious to know if 'MyFamily' is properly set on these instances, or >> if Tor plans to bucket all instances within EC2 as part of the same >> family? >> >> Assuming this is a non-issue... looks very awesome! > > A bridge should not specify the ?MyFamily? option. You won't run a > middle relay or an exit relay in the cloud, so this shouldn't be an > issue. > As far as I understand, this is correct if you only run bridges (because a circuit never uses two bridges), but what if someone (like me) runs a bridge and a normal relay as well? IMHO you don't want to use a relay which is operated by the same operator as your bridge? Please correct me, if I'm wrong. Jan ------------------------------ Message: 2 Date: Tue, 15 Nov 2011 17:29:12 +0000 From: "Runa A. Sandvik" <[email protected]> To: [email protected] Subject: Re: [tor-talk] Run Tor as a bridge in the Amazon Cloud Message-ID: <camtfruhvkzp5vkmkrtfatdv-b_9gg+uz1it9qjexdkc-rsc...@mail.gmail.com> Content-Type: text/plain; charset=windows-1252 On Tue, Nov 15, 2011 at 4:40 PM, Jan Weiher <[email protected]> wrote: > Am 15.11.2011 07:52, schrieb Runa A. Sandvik: >> On Tue, Nov 15, 2011 at 1:28 AM, Mike Damm <[email protected]> wrote: >>> On Monday, November 14, 2011 9:30 PM, "Runa A. Sandvik" >>> <[email protected]> wrote: >>>> Hi everyone, >>>> >>>> The Tor Cloud project gives you a user-friendly way of deploying bridges >>>> to help users access an uncensored Internet. By setting up a bridge, you >>>> donate bandwidth to the Tor network and help improve the safety and >>>> speed at which users can access the Internet. >>>> >>>> Setting up a Tor bridge on Amazon EC2 is simple and will only take you a >>>> couple of minutes. The images have been configured with automatic >>>> package updates and port forwarding, so you do not have to worry about >>>> Tor not working or the server not getting security updates. >>> >>> https://www.torproject.org/docs/faq#MultipleRelays says: >>> "Great. If you want to run several relays to donate more to the network, >>> we're happy with that. But please don't run more than a few dozen on the >>> same network, since part of the goal of the Tor network is dispersal and >>> diversity." >>> >>> I'm curious to know if 'MyFamily' is properly set on these instances, or >>> if Tor plans to bucket all instances within EC2 as part of the same >>> family? >>> >>> Assuming this is a non-issue... looks very awesome! >> >> A bridge should not specify the ?MyFamily? option. You won't run a >> middle relay or an exit relay in the cloud, so this shouldn't be an >> issue. >> > > As far as I understand, this is correct if you only run bridges (because > a circuit never uses two bridges), but what if someone (like me) runs a > bridge and a normal relay as well? IMHO you don't want to use a relay > which is operated by the same operator as your bridge? Please correct > me, if I'm wrong. Yes, you should set the MyFamily option in the Tor configuration file if you run both a bridge and a relay. -- Runa A. Sandvik ------------------------------ Message: 3 Date: Tue, 15 Nov 2011 12:33:36 -0500 From: Roger Dingledine <[email protected]> To: [email protected] Subject: Re: [tor-talk] Run Tor as a bridge in the Amazon Cloud Message-ID: <[email protected]> Content-Type: text/plain; charset=us-ascii On Tue, Nov 15, 2011 at 05:29:12PM +0000, Runa A. Sandvik wrote: > >> A bridge should not specify the ?MyFamily? option. You won't run a > >> middle relay or an exit relay in the cloud, so this shouldn't be an > >> issue. > > > > As far as I understand, this is correct if you only run bridges (because > > a circuit never uses two bridges), but what if someone (like me) runs a > > bridge and a normal relay as well? IMHO you don't want to use a relay > > which is operated by the same operator as your bridge? Please correct > > me, if I'm wrong. > > Yes, you should set the MyFamily option in the Tor configuration file > if you run both a bridge and a relay. No, this is dangerous: if you list your bridge as part of your family in the relay descriptor, then everybody can learn your bridge fingerprint, and they can look up your bridge's descriptor (and thus location) at the bridge directory authority. We currently don't have a good answer for putting bridges and relays in the same family. Suggestions welcome. (Note that if the bridge and the relay are in the same /16 network, Tor clients will automatically know they're in the same family. So the unsolved case is where they're in different networks but operated by the same human. My inclination is to not worry about it that much.) --Roger ------------------------------ Message: 4 Date: Tue, 15 Nov 2011 18:48:57 +0100 From: Jan Weiher <[email protected]> To: [email protected] Subject: Re: [tor-talk] Run Tor as a bridge in the Amazon Cloud Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1 Am 15.11.2011 18:33, schrieb Roger Dingledine: > On Tue, Nov 15, 2011 at 05:29:12PM +0000, Runa A. Sandvik wrote: >>>> A bridge should not specify the ?MyFamily? option. You won't run a >>>> middle relay or an exit relay in the cloud, so this shouldn't be an >>>> issue. >>> >>> As far as I understand, this is correct if you only run bridges (because >>> a circuit never uses two bridges), but what if someone (like me) runs a >>> bridge and a normal relay as well? IMHO you don't want to use a relay >>> which is operated by the same operator as your bridge? Please correct >>> me, if I'm wrong. >> >> Yes, you should set the MyFamily option in the Tor configuration file >> if you run both a bridge and a relay. > > No, this is dangerous: if you list your bridge as part of your family in > the relay descriptor, then everybody can learn your bridge fingerprint, > and they can look up your bridge's descriptor (and thus location) at > the bridge directory authority. Okay, I already changed my torrc. Maybe this should be pointed out in the manpage / tor faq? regards, Jan ------------------------------ Message: 5 Date: Tue, 15 Nov 2011 18:01:57 +0000 From: "Runa A. Sandvik" <[email protected]> To: [email protected] Subject: Re: [tor-talk] Run Tor as a bridge in the Amazon Cloud Message-ID: <CAMtFrUHvn7rSSHVt+TD8Mo_qy1XqKgE+sf0LvnMDy2=+36n...@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1 On Tue, Nov 15, 2011 at 5:33 PM, Roger Dingledine <[email protected]> wrote: > On Tue, Nov 15, 2011 at 05:29:12PM +0000, Runa A. Sandvik wrote: >> >> A bridge should not specify the ?MyFamily? option. You won't run a >> >> middle relay or an exit relay in the cloud, so this shouldn't be an >> >> issue. >> > >> > As far as I understand, this is correct if you only run bridges (because >> > a circuit never uses two bridges), but what if someone (like me) runs a >> > bridge and a normal relay as well? IMHO you don't want to use a relay >> > which is operated by the same operator as your bridge? Please correct >> > me, if I'm wrong. >> >> Yes, you should set the MyFamily option in the Tor configuration file >> if you run both a bridge and a relay. > > No, this is dangerous: if you list your bridge as part of your family in > the relay descriptor, then everybody can learn your bridge fingerprint, > and they can look up your bridge's descriptor (and thus location) at > the bridge directory authority. Ah, thanks for correcting me. Maybe we should update the Tor manual to point out that this option is for relays only, and not bridges? -- Runa A. Sandvik ------------------------------ Message: 6 Date: Tue, 15 Nov 2011 19:16:19 +0100 From: audd <[email protected]> To: [email protected] Subject: [tor-talk] tor net questions Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1 if TOr is p2p network, why all connection I see on the network-map comes from in the middle of U.s.A? the nodes I see are really geolocalised in that areas? ------------------------------ Message: 7 Date: Tue, 15 Nov 2011 13:22:00 -0500 From: Roger Dingledine <[email protected]> To: [email protected] Subject: Re: [tor-talk] tor net questions Message-ID: <[email protected]> Content-Type: text/plain; charset=us-ascii On Tue, Nov 15, 2011 at 07:16:19PM +0100, audd wrote: > if TOr is p2p network, why all connection I see on the network-map comes > from in the middle of U.s.A? > the nodes I see are really geolocalised in that areas? Vidalia has one location for each country. So that's one dot for every relay in the US. (Vidalia used to do geolocation at the city level rather than the country level, but we got rid of the feature because it was too much overhead.) And lastly, the phrase "p2p network" means so many things these days that at this point it means nothing at all. --Roger ------------------------------ Message: 8 Date: Tue, 15 Nov 2011 20:15:25 +0100 From: audd <[email protected]> To: [email protected] Subject: Re: [tor-talk] tor net questions Message-ID: <[email protected]> Content-Type: text/plain; charset=ISO-8859-1 On 15/11/2011 19:22, Roger Dingledine wrote: > On Tue, Nov 15, 2011 at 07:16:19PM +0100, audd wrote: >> if TOr is p2p network, why all connection I see on the network-map comes >> from in the middle of U.s.A? >> the nodes I see are really geolocalised in that areas? > Vidalia has one location for each country. So that's one dot for every > relay in the US. > > (Vidalia used to do geolocation at the city level rather than the country > level, but we got rid of the feature because it was too much overhead.) > > And lastly, the phrase "p2p network" means so many things these days > that at this point it means nothing at all. > > --Roger > > _______________________________________________ > tor-talk mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk but if it's so why GFW chinese censorship can track and deny access to tor bridge? "p2p network means so many things..." where I can find something to study about it? yes... I'm a newbie... ------------------------------ _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk End of tor-talk Digest, Vol 10, Issue 34 **************************************** _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
