Delivery-Date: Fri, 26 Jun 2015 05:58:02 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 1C1DB1E06F1;
	Fri, 26 Jun 2015 05:58:00 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 26E9036D45;
	Fri, 26 Jun 2015 09:57:55 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id ACF4B36D43
 for <tor-talk@lists.torproject.org>; Fri, 26 Jun 2015 09:57:51 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id u-vNqdLbh7Hw for <tor-talk@lists.torproject.org>;
 Fri, 26 Jun 2015 09:57:51 +0000 (UTC)
Received: from mail-wi0-x22c.google.com (mail-wi0-x22c.google.com
 [IPv6:2a00:1450:400c:c05::22c])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 6AB3B36D42
 for <tor-talk@lists.torproject.org>; Fri, 26 Jun 2015 09:57:48 +0000 (UTC)
Received: by wibdq8 with SMTP id dq8so12961961wib.1
 for <tor-talk@lists.torproject.org>; Fri, 26 Jun 2015 02:57:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:date:message-id:subject:from:to:content-type;
 bh=naa25NFs8W87jKgG6XUS1OLyZok4qIX+BV/T0LGIUys=;
 b=QH9oWHC9LkS+GKny8A+PQiFHmn2XDAwSjHtELOgbSt9VvPWjWwk51/7kIlcA2Du/Dz
 8Q+rHe1aaUSV6rTEEDJRW+muwhyiC7hqjgm1NtTMEmgN2XTEZwZBE7IATMpc/z0m1u2/
 484XNQJI9VopDJkEu41CtcjDRF++CAeXgr0v/IK7tC0EoWpWsfAOn7CiXYIHs8eUOJfM
 p0PZCEKbPEUm5pzUWJgSmfHNQtETKzS1iI0fM++yvSCymOKYOq4skRhIuyIBs2T03cvA
 1Pe0KteE49sDGEWIXSKYj4latsC9ct1dvm8piVdIDpzQaMCUAFHUESgNKtyDp6Evf3L3
 w1aA==
MIME-Version: 1.0
X-Received: by 10.194.109.97 with SMTP id hr1mr1471264wjb.95.1435312665553;
 Fri, 26 Jun 2015 02:57:45 -0700 (PDT)
Received: by 10.194.188.50 with HTTP; Fri, 26 Jun 2015 02:57:45 -0700 (PDT)
Date: Fri, 26 Jun 2015 11:57:45 +0200
Message-ID: <CAPkfgVYZRxja1b8DWe7jRfahjZV9F627U__Biw60oA3oh_6tjg@mail.gmail.com>
From: Jon Tullett <jon.tullett@gmail.com>
To: tor-talk@lists.torproject.org
Subject: [tor-talk] A month with BADONIONS
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi all

This was interesting - not sure if I've missed discussion of it here,
but I didn't find anything with a quick search.

https://chloe.re/2015/06/20/a-month-with-badonions/

Tl:dr; the author set up a very basic honeypot to detect potentially
abusive guard and exit nodes, and found some. (Quelle surprise!)

The claim that they reported the naughty guard nodes to Tor but have
not seen any remediation is something which might merit a response, if
nothing else.

-J
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

