Delivery-Date: Wed, 30 Jul 2014 15:55:32 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 917051E0B30;
	Wed, 30 Jul 2014 15:55:30 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 0549E3082C;
	Wed, 30 Jul 2014 19:54:59 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 2E8D13075E;
 Wed, 30 Jul 2014 19:54:52 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id kcmyMiTurSLq; Wed, 30 Jul 2014 19:54:52 +0000 (UTC)
Received: from mail-oa0-x22a.google.com (mail-oa0-x22a.google.com
 [IPv6:2607:f8b0:4003:c02::22a])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 0ED3E2D931;
 Wed, 30 Jul 2014 19:54:52 +0000 (UTC)
Received: by mail-oa0-f42.google.com with SMTP id n16so1320508oag.29
 for <multiple recipients>; Wed, 30 Jul 2014 12:54:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:sender:in-reply-to:references:date:message-id:subject
 :from:to:cc:content-type;
 bh=fiztuI4WWdJ/8k3HOnewrTmK+gZyt0nhXup5xlitKsU=;
 b=QUyYq6ALEmkZni58ESHcFJ5kmwVl+8BMeSL3TtnCXROPkWlgbeLOkUZxo6YSr7wdzM
 nCEpnUdOxg8ktLJGpdD3eczsvBdVwaqbNnIjbSyBdoHSAqcnp8iV3xWBGXCbkk191+Fq
 fdY6y/yaP32HQFBMr8eC82VOxDjItCzay5cW4DfRLcqX1vHwZFRgSpkk7yXlVlDCqiLV
 XwSu3uUN04t6Yl//FRNC5LYcKhXkUrGO2Fh/86FCracKuCqxGTMV/hKtHAw+WGcV/6VY
 hhxhxek4XREKSN7kNURWXGbu8ayBZ+ddOV+ZOKmhBMhQbtshfPUpUcUX0xyv4ZzmrQDp
 FAGw==
MIME-Version: 1.0
X-Received: by 10.182.224.163 with SMTP id rd3mr9249273obc.41.1406750089239;
 Wed, 30 Jul 2014 12:54:49 -0700 (PDT)
Received: by 10.202.224.84 with HTTP; Wed, 30 Jul 2014 12:54:49 -0700 (PDT)
In-Reply-To: <CAD2Ti2_1Ur5necgFTsnjdmBAdvg4Csv3Q3CqKDb-mN5A=fPACA@mail.gmail.com>
References: <CAD2Ti2_1Ur5necgFTsnjdmBAdvg4Csv3Q3CqKDb-mN5A=fPACA@mail.gmail.com>
Date: Wed, 30 Jul 2014 12:54:49 -0700
X-Google-Sender-Auth: c0UheyfJp_oqXuMHxDXhs9kWPfU
Message-ID: <CAJdkzEPhK63-adnbds1woWw4xKDeXR2C3z2=6GV=mgrEz3h_EQ@mail.gmail.com>
From: Damian Johnson <atagar@torproject.org>
To: Tor Mailing List <tor-talk@lists.torproject.org>
Cc: tor-relays@lists.torproject.org
Subject: Re: [tor-talk] Finding relay Sybils / Groups [re:
	relay_early/blackhat]
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi grarpamp. Actually we do have a rudimentary Sybil checker and it
*did* pick up on those relays back in January...

https://lists.torproject.org/pipermail/tor-consensus-health/2014-January/003954.html

We had some internal discussions about them but the thread lost
momentum before they were flagged. This is a large part of the
motivation for why Philipp and I are taking over responsibility for
this...

https://blog.torproject.org/blog/how-report-bad-relays
https://trac.torproject.org/projects/tor/wiki/doc/ReportingBadRelays

Previously it wasn't truly maintained by anyone so bad relay reports
got dropped on the floor.

Cheers! -Damian


On Wed, Jul 30, 2014 at 11:10 AM, grarpamp <grarpamp@gmail.com> wrote:
> As a project then to production development, someone should go back
> through the entire history of descriptors and look for groups coming online...
> dates, IP's, contacts, tor/OS versions, nicknames, ISP's, geoip, numbers
> coming online over sliding timeframes, correlation to 'news events', etc.
> There may be more questionable relays to be found.
> We were talking about such influxes around july 4 09, ironically, or not.
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

