Delivery-Date: Sun, 09 Nov 2014 14:50:47 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 4EFBF1E009B;
	Sun,  9 Nov 2014 14:50:45 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 3C3B731644;
	Sun,  9 Nov 2014 19:50:39 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 2F8B331026
 for <tor-talk@lists.torproject.org>; Sun,  9 Nov 2014 19:50:35 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id HKxSwqPY0dKV for <tor-talk@lists.torproject.org>;
 Sun,  9 Nov 2014 19:50:35 +0000 (UTC)
Received: from mail-la0-x234.google.com (mail-la0-x234.google.com
 [IPv6:2a00:1450:4010:c03::234])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id C1B8E30F9A
 for <tor-talk@lists.torproject.org>; Sun,  9 Nov 2014 19:50:34 +0000 (UTC)
Received: by mail-la0-f52.google.com with SMTP id pv20so6750939lab.11
 for <tor-talk@lists.torproject.org>; Sun, 09 Nov 2014 11:50:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=from:date:to:subject:message-id:references:mime-version
 :content-type:content-disposition:in-reply-to:user-agent;
 bh=EIaa1mUYy5Uock+E94IgAh7wyJYMgBPegdpzpetQpMg=;
 b=mBGT3rPls7d0VoI0rouEapJjYWprG5Ocd1OVTQgFlMlFYt3bnbS+nKzh+G7zPkWAQW
 yXWyVQqmqqG4AFVSRom5tHXu8dJZ5XWDvkPwBIedrk/Aa/9nW78SnVYQivCBTzxxPM3X
 Aa6TLO52ihFGmfEw+PdkF/VW+y7NWtgwA/bigtUKgGB49//yP1TTe6zie/K3cacgqj3T
 TZUZ4W8q1OoD3NouXJeT8DqRFiJEmWxMNn+060u6sqBV08l5jXmStppEfY94T5jn/WCB
 QVwtLfoqW7NOAWh7rvbBnsb1ljhUkpoKzXhYB18zgge8ODFUgLETBWE+S04++ItFJ8Nh
 QEIA==
X-Received: by 10.112.136.164 with SMTP id qb4mr25401685lbb.62.1415562631652; 
 Sun, 09 Nov 2014 11:50:31 -0800 (PST)
Received: from localhost (tor-exit3-readme.dfri.se. [171.25.193.235])
 by mx.google.com with ESMTPSA id kg9sm4775851lbc.45.2014.11.09.11.50.29
 for <tor-talk@lists.torproject.org>
 (version=TLSv1.2 cipher=RC4-SHA bits=128/128);
 Sun, 09 Nov 2014 11:50:31 -0800 (PST)
From: Matthew Finkel <matthew.finkel@gmail.com>
X-Google-Original-From: Matthew Finkel <Matthew.Finkel@gmail.com>
Date: Sun, 9 Nov 2014 19:50:21 +0000
To: tor-talk@lists.torproject.org
Message-ID: <20141109195018.GJ17004@localhost>
References: <CAJVRA1SiV81+=X6U21merRjxE58L4SxR-LOb=xjY-G0EFN5U2w@mail.gmail.com>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <CAJVRA1SiV81+=X6U21merRjxE58L4SxR-LOb=xjY-G0EFN5U2w@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
Subject: Re: [tor-talk] Tor Blog: "Thoughts and Concerns about Operation
 Onymous"
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

On Sun, Nov 09, 2014 at 08:48:35AM -0800, coderman wrote:
> Griffin, Matt, Adam, Roger, David, George, Karen, and Jake worked on a
> wonderful write up of all the questions and concerns regarding this
> Op:
> 
> https://blog.torproject.org/blog/thoughts-and-concerns-about-operation-onymous
> 

Thanks for sending this!


For those who read this earlier, two new paragraphs were added:

Under "Attacks on the Tor network":

*Similarly, there exists the attack where the hidden service selects
the attacker's relay as its guard node. This may happen randomly or
this could occur if the hidden service selects another relay as its
guard and the attacker renders that node unusable, by a denial of
service attack[0] or similar. The hidden service will then be forced to
select a new guard. Eventually, the hidden service will select the
attacker.


And under "Advice to concerned hidden service operators"

*Another possible suggestion we can provide is manually selecting the
guard node of a hidden service. By configuring the EntryNodes option
in Tor's configuration file you can select a relay in the Tor network
you trust. Keep in mind, however, that a determined attacker will
still be able to determine this relay is your guard and all other
attacks still apply.


* Added information about guard node DoS and EntryNodes option - 2014/11/09 18:16 UTC

> 
> 
> also,
> the performance link to doc/TUNING shows it could use much help.
> currently this is minimal, focused on file descriptor limits. more
> tuning guidance is needed!

Yes please!

> 
> there is a good thread a few years past on tor-relays,
> https://lists.torproject.org/pipermail/tor-relays/2010-August/000164.html
> , which could provide instruction for additional knobs to turn for a
> solid relay or client under load.
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

