Hi there!

A new Tor Tech Report is available [0]:

"Privacy analysis of Tor's in-memory statistics."

Abstract: "This report analyzes which possibly sensitive, potentially personally identifying data is stored in memory of Tor relays and bridges or reported to the directory authorities and makes suggestions to reduce the collection and temporary storage of such data."

The report addresses concerns regarding metrics collection about the Tor network that were often raised and discussed in the community. Many topics can only be briefly touched in the scope of such a report. Thus, there is quite some work in thinking, writing, and coding open to be done.

Based on the report's suggestions the Metrics Team plans the following steps (mainly in May and June 2017): * Distill a change proposal for Tor server changes that address the most pressing of the identified issues. * Code the Tor server patches according to the proposal. * And, provide necessary patches for Tor Metrics products concerned by the changes for Tor servers.

Future plans for the months after that are to assess privacy questions as raised in this report more in-depth and describe statistical accuracy throughout the data-verse of Tor Metrics.

Many thanks to Aaron Johnson, Paul Syverson, Rob Jansen, and Tim Wilson-Brown, who gave very valuable feedback to ideas and questions we asked during the Amsterdam meeting! Also many thanks to Karsten Loesing, who collected the feedback in Amsterdam, patiently answered all questions about the details of Tor and Tor Metrics, and reviewed the report!

Cheers! iwakeh

[0] https://research.torproject.org/techreports/privacy-in-memory-2017-04-28.pdf