Roger Dingledine:
Hi relay operators!
Isn't that more relevant to HS operators than relay operators?
I want to let you know about two upcoming research projects by academic research groups. The tl;dr is that they're running relays to do certain measurements, and so far as we can tell the proposed methodology is safe enough and worthwhile enough, but we invite you (and everybody) to evaluate it too.
Do you review the design and implementation or design only?
In particular, check out cases 2017-02 and 2017-03. They have each put up a web page explaining their research project and why it's safe, and listing which relays are associated with the research. http://tor.ccs.neu.edu/
Trying to access this page via https times out. https would be appreciated.
http://tor.ccs.neu.edu/safety-board.pdf wrote:
An adversary compromising $n-1$ HSDir servers cannot infer anything about counters or onion addresses.
If you design a system with these properties shouldn't the ISP also be part of your threat model? (especially with what we observed lately in FR)
[...]
Again, we run relays controlled by three different entities over two continents with different jurisdictions, so avoid coerced disclosure of data.
Does the stated geo-diversity relate to the entities operating the measurement nodes or the location of the measurement nodes themselves? (I guess it is the former)
If the list of fingerprints at http://tor.ccs.neu.edu/ is in fact complete and Maxmind has proper IP-to-AS data for these IPs than _all_ participating measurement servers are hosted using a _single_ hoster.
http://tor.ccs.neu.edu/ wrote:
Experiment Status: OFF We are not running our relays and experiments now.
At least the relays seem to be running.
Please publish the timeframe during which you will measure (like https://onionpop.github.io/ does) so HS operators who want to opt-out can shutdown their onions during that time if they wish to do so.