-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi,
(if you are on CC you might want to jump to the URL and have a look at your relays' MyFamily config) as a tor client one probably doesn't wish to use relays from one entity only when creating circuits. So it might make sense to find undeclared families. This first very simple approach uses contactInfo data to detect myfamily misconfiguration - so it detects potential families that are not "hiding" on purpose. https://raw.githubusercontent.com/nusenu/misc-files/master/potential_badfamilies_detectionByContact_sorted_by_relay_count.txt The last column shows the number of relays which have the given contact string and the 3th column shows the number of family members this relay has (in a perfect setup these numbers match). This is obviously a non-perfect approach and might contain false positives since everyone can set a contactInfo string on his relay as he wishes. Should this list worry you? The two biggest undeclared families (by relay count) - perfect-privacy & torpids run relays in over 30 distinct /16 netblocks but they don't seem to run any exits which makes it currently impossible to create exiting circuits through them exclusively. torservers.net on the other hand seems to have a current guard probability of 0% according to compass, but as one can see in the atlas graphs that is not always the case. Additionally torservers runs only in 8 distinct /16 netblocks. I guess the odds are low for one to create a circuit through torservers only - depending on your currently selected guard node. In contrast here the hitlist (by relay count) of *perfectly* declared families: relaycount contact ============================== 27 juha.nurmi(att)tut.fi 20 AccessNow 17 tor0102.10.swsnyder 12 Mozilla 11 TvdW 10 Felix <zwiebel ta quantentunnel tod de> 8 Frenn vun der Enn 8 tor-re...@guy.net.au 8 GTor 7 rdump@OFTC 7 TEN <abuse-team _at_ tor-exit-node _dot_ org> 6 ccc.de I heard about a few of them an know that some are using central management tools to keep MyFamily in sync: ansible or puppet. That is probably the reason why they are in good shape. The good news is that at least one of the big operators not having perfect MyFamily setup yet might start using a central management as well. Looking forward to find actually hiding families aka (slow) sibyl attacks ;) -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJVFsVOAAoJEFv7XvVCELh0qJgP/1dM7pklvJ3LJFxMUFeYFAXh jSUZ/OH44BD+kS3gR38wYGUYTWHNa+GZ9qfWiLy8MLmZHo5I1j22xPqE5XwPZ9hQ mNZAEp52RvUHkWp8tfBFu5W97sHioa8H9Kc0RimJ6QIvmdmu5WxJagF5WOJNegBF TTcKzAX7eJwrBpFWDAu3C/um5g8TtkP98ppCSxEPoFvNLSeGGYL+y2PrBvBNMDx9 ZiGRUcvzPiUf4IlcP6rouemgj+a1cb36M5AgNiBBPFQwdfIbhqtRIjh1LUxHZHgq CoeNOItAeMkQEMrj54z2tYlEAEf+yGSDPJGrYY/HbAiEZrXddoSMod/1/TnunX0i 8kMXxXuHYj9fKp9FpUCuY9yPS0KOLV5NaEPLhs2oq71ivaNeWtWNvOTrtgcfRnZR LTSUwx+AUSyaXDvsZ7lcgw/InHcd07Qy91vtQA8ROk1Mc23yOe/ALm5mbEtRS28L ha7Y4kKRjy3jn3sdahjP/jb9BnTRvQ+KeRMIG2nuqZ6mFAtCZGU3yAAZnG2R8PiB LOFleeZquTjQjjnptQTzLHp/qHB+i0mNxGvVaoKUjR4a745CNWKxYeZa5dLK7Qoe GFSqXhxPJ69qjrjM1Viw6Po2C/HN5GgqhQM2GCj+s6/magBvl0u61BFWskFhmwOp yPKslAOZMtdGwqBgD9yc =Hdj4 -----END PGP SIGNATURE----- -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
