Hi!
Thanks everyone who joined the relay operator meetup last saturday! We
had ~32 contributors discussing a lot of topics.
Next online meetup: April 13th, 1900 UTC.
Thanks!,
Gus
Notes - Tor Relay Operator Meetup March 2024
1. Announcements:
- 0.4.7.X EOL relays removal: email was sent to operators last week. Please upgrade your relay to 0.4.8.X ASAP!
- Tor Metrics issues (wrong first seen date) should be resolved by now as good as possible (see: Many older relays seem suddenly less than 2 weeks old... (#40024) 路 Issues 路 The Tor Project / Network Health / Metrics / Relay Search 路 GitLab for details)
Idea: Can we add a note on relay-search webpage to show that it's a known bug? [Sign in 路 GitLab]
To be clear, there is no impact on relay selection or flag selection, it's just an annoying surprise on the relay-search website.
- Lox bridges
- Call for bridges for Lox was a sucess: [tor-relays] bridges for Lox
- Paper: Lox: Protecting the Social Graph in Bridge Distribution
- Read more about this project: Git repository: The Tor Project / Anti-censorship / lox 路 GitLab
- Status of Arti relays
We're currently wrapping up the grant to get Arti working as a client, including an onion service client. In 2024 we hope to begin adopting Arti into Tor Browser. The relay topic will come after that.
- Announcement by Leibi: Zwiebelfreunde e.V.'s IPv4 /22 has been transferred to 'Renewable Freedom Foundation' because of future changes regarding Zwiebelfreunde. There will be a separate announcement asap. The transfer does not have any consequences, just wanted to inform you in case someone wonders / worries about it. That's it.
- EFF Tor University Challenge (https://toruniversity.eff.org/) update
Since the last update from EFF in December, we added some new institutions! University of Chicago (US), NYU (US), Radboud University (NL), Aarlborg University (DK), Brandenburg University of Technology (DE). Please consider joining the momentum!
Also, Roger has a "Lessons learned running Tor exit relays at an NREN" presentation in France in June at TNC, which is the annual conference where the European National Research and Education Networks (NRENs) get together, and the presentation is joint with an engineer from Switch, the Swiss NREN (!)
SESSIONS - TNC24
2. DDoS attacks update
- Incident in February: it's still under investigation; however, some relay operators have reported the same IP range, Linode as the source of this attack, among other things. It's worth being cautious when defining the motivations and goals of the attacker(s), whether they were Tor clients trying to do something non-malicious but ended up harming the network.
- trinity and Roger were discussing dir-written and dir-read in extrainfo descriptors, and whether the DDoS bandwidth spikes are from onion service descriptors or not. The discussion led to wondering if, for a relay that isn't a guard, most of its written dir info will be onion service descriptors, and if this is true, whether this is a privacy issue that should be investigated.
Ticket: consider not counting hs directory bw as directory bytes written (#40919) 路 Issues 路 The Tor Project / Core / Tor 路 GitLab
3. [Elections 2024]
- Elections in February and Censorship: censorship in Pakistan, internet outages in Senegal, and more!
- What's coming up this month: Elections in Russia (March 14 - 17th).
Read the presentation:
https://gitlab.torproject.org/tpo/community/relays/uploads/13dab2970e1f73e03db54002e47e2dd0/Relay_Operator_Meetup__2024-03-02_.pdf
4. Tor Q&A (add your questions below)
Q: What is preventing the adoption of TorKameleon?
路路路
A: Hm! Has it been published yet? I found a paper on arxiv. I don't know that the network team or the anti-censorship team knows about it yet. It looks like one of the coauthors is in Lisbon though, and Tor has a meeting in Lisbon in May. Maybe we can get them to come talk to us then.
Q: "Efficient enumeration of URLs of active hidden servers over anonymous channel (TOR)": A problem statement of National level hackathon organized by Goverment of India [search S.No. 165: https://www.sih.gov.in/sih2023PS\]
A: "Teams are supposed to examine the cryptographic security controls and survey existing vulnerabilities in underlying security architecture of TOR network to develop PoC for efficient enumeration of URLs of active hidden services hosted over TOR." Sounds awesome! I hope they find issues, publish them, and we can fix them. My guess is that they won't find issues. I (Roger) spent a while trying to think through how to do a Defcon contest to discover v3 onion addresses too, but a proper contest has goals with a variety of difficulty levels, and I didn't figure out how to make it something other than 'trivial' or 'thought to be impossible'.
Q: is the availabilitY of high precision time-stampingNICs a problem?
A: Maybe? Tell us more -- what are they, how are they being used? We Tor have thought a lot about netflows, which are more session-based and less packet-based. Having more precision about each packet could help correlation attacks, but the question isn't so much whether the hardware has the capability, it is whether people share or publish these data sets. There's also an argument that millisecond-level precision is already scary for correlation, and that nanosecond-level precision doesn't really add anything.
Q: What is the story with Tor debs in nightly? The gitlab CI is broken so they aren't being built, and this has been true since late 2023? Is there a ticket yet / does the network team know?
A: ahf: we know. there is a general discussion on deb.torproject.org handling, but i do not know what the current status of it is, unfortunately
Created Nightly Debian Tor packages on deb.torproject.org is broken since late 2023 (#40918) 路 Issues 路 The Tor Project / Core / Tor 路 GitLab
Q: How do I know if I qualify for a tshirt with my relay? How do I learn what my relay's average bandwidth is?
A: One option is to load your relay's page on the relay-search site, scroll to the bottom, see what your bandwidth graph looks like. When you think you qualify, contact tshirt@torproject.org.
Q: Setup is: Windows (8! old!). Location: Russia. I'm a long time user and relay owner (middle node, not an exit one), very amateur. Now being heavily censored, I use bridges (get them via Telegram bot). Question is: can I both use bridges and be a relay? No success yet.
A: No, if you are a Tor client that needs bridges to reach the Tor network, you cannot also be a Tor relay. That's because all of the relays need to be able to reach all of the other relays.
Q: Is Snowflake browser proxy an option?
A: You can run a Snowflake, either in browser or as a headless go snowflake proxy, *if* your computer can reach the main Snowflake bridges. We should discuss in the call how to test this / what their IP addresses are.
Q: Any helpful documentation on how to start with Snowflake? I would prefer headless setup.
A: Start from https://snowflake.torproject.org/, end up on Tor Project | Standalone Snowflake proxy
Oh but all of these instructions are based on other OSes than Windows. On Windows, your best option is to use a browser extension, or to become a developer and make build instructions for Windows.
So, Docker is best for headless, and browser addon for those who cannot build/install anything on their machines.
Q: I'm facing a bit of beaurocracy-caused resistance when trying to get my uni to run a relay. I think Roger said he can provide support; how do I reach ya?
A: tor-edu@eff.org is a small closed list that goes to a few EFF people and a few Tor people. It's a great choice. You can find it listed in a huge box on https://toruniversity.eff.org/. Also take a look at the arguments on Tor University Challenge
Q: Is "meek" coded in C? I'm wondering if it would run under a hardened Gentoo Linux?
A: i think go, The Tor Project / Anti-censorship / Pluggable Transports / meek 路 GitLab
Q: Tpo Metrics label saying a bridge blocked in ru is not accurate
A: right, 'blocked in russia' is simply a boolean, "was this bridge running on a certain date a few years ago". i wonder if we should take that off of relay-search until somebody properly connects it to a bridgestrap tester in russia. [Fine with me, worth a ticket at least --GeKo]
Q: Anybody tried run a relay on Oracle cloud? I am worry, if they ban my account...
A: On relay-search, you'll find some relays on Oracle cloud. There is a free tier that is something like 10 terabytes per month, a bunch of relays are doing it. Also you can run bridges or Snowflakes there. Exits might be more of a problem.
Next meetup: April 13th, 1900 UTC!
On Sat, Mar 02, 2024 at 02:04:21PM -0300, gus wrote:
Hi,
Just a friendly reminder that the Tor Relay Operator online meetup is
happening today (March 2nd) at 19 UTC (~2 hours from now).Room link: Tor Relay Operator Meetup
Agenda: Riseup PadSee you soon!
GusOn Tue, Feb 27, 2024 at 07:14:36PM -0300, gus wrote:
> Hello,
>
> The Tor Relay Operator will happen this Saturday, March 2nd at 19UTC!
>
> Please feel free to add other topics here:
> Riseup Pad
>
> ## Agenda
>
> 1. Announcements:
> - EOL relays removal
> - Tor Metrics issues (wrong first seen date) should be resolved by
> now as good as possible (see: Many older relays seem suddenly less than 2 weeks old... (#40024) 路 Issues 路 The Tor Project / Network Health / Metrics / Relay Search 路 GitLab for details)
> - Lox bridges
>
> 2. DDoS attacks update
>
> 3. [Elections 2024]
> - Elections in February and censorship
> - What's coming up this month:
> - Elections in Russia and Iran
>
> cheers,
> Gus
>
> On Thu, Feb 15, 2024 at 11:37:38AM -0300, gus wrote:
> > Hello Tor Relay operators,
> >
> > Please save the date! The next Tor Relay Operator Meetup will happen on
> > Saturday, March 2nd at 2024 at 19.00 UTC.
> >
> > We're still working on the agenda for this meetup, however feel free to
> > add your topics directly to the ticket or just reply to the mailing list:
> > Tor relay operator meetup (March 2nd 2024 @ 1900 UTC) (#86) 路 Issues 路 The Tor Project / Community / Relays 路 GitLab
> >
> > Meetup details
> >
> > - Room link: Tor Relay Operator Meetup
> > - When: March 2nd, 19.00 UTC
> > - Duration: 60 to 90 minutes
> > - Tor Code of Conduct:
> > Code of Conduct - The Tor Project - Policies
> > - Registration: No need for a registration or anything else, just use the
> > room-linkabove. We will open the room 10 minutes before.
> >
> > best,
> > Gus
> > --
> > The Tor Project
> > Community Team Lead
>
>
>
> --
> The Tor Project
> Community Team Lead--
The Tor Project
Community Team Lead
--
The Tor Project
Community Team Lead