Hello.
Tor at 1AEO wrote:
These emails suggest Hetzner monitors flow-level data (e.g., NetFlow),
which raises concerns about potential exposure of Tor traffic
characteristics.
Every major service provider will do that. I would be surprised if there
exists any AS in the world that Tor traffic goes through that does not.
What matters is whether or not this traffic flow data is insecurely
transmitted over the network or sold, and whether it is triggered on an
event (such as an abnormal pps/bps ratio) or if it is unconditionally
enabled for all flows (which would be highly problematic for privacy).
While I definitely worry that such flow records are being sold/exported
to the likes of Team Cymru and other "threat analysis" services, the
mere fact that Hetzner has insight into their traffic using flow-level
monitoring is not something that concerns me in the slightest.
Regards,
forest
ยทยทยท
_______________________________________________
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-leave@lists.torproject.org