Hi again,,

> A valid point, thanks for linking the paper. I have the utmost belief 
your intentions are good, but the concentration of exits under a 
non-advertised central control warrants conversation, at least.

I discussing the best way to handle this is important. However I think it's unfair to expect one small provider to go through the hassle of correlating MyFamily across customers, while big providers like Digitalocean are fine.

If you grow beyond a /24, it's worth knowing that Tor's current path
selection avoids the same /16 for IPv4, and will soon avoid the same
/32 for IPv6:
https://trac.torproject.org/projects/tor/ticket/24393

The avoiding /32 will be very positive as IPv6 relays become more wipe spread.

If the end goal is turning $ into relays, not all paths are paved with 
equal mind to security and it might be worth considering donation-backed 
alternatives.

Two things here:

1) We are hosting more than just Tor relays. While Tor relay operators are a target demographic, over time we expect to be a free speech friendly hosting provider, and also already offer remote desktops and a vpn service. In the future it's quite possible that we may have a donation option for managed Tor exits. There are a lot of options we could take.
2) While we can technically access a customer's data if we're motivated enough - we believe splitting control across different operators is important.

One might worry more what Mega and Gigacorps are doing,
secret partner friendly endeavours with Govts against you,
than what some tiny ISP or whoever is doing with a few boxes.

It's quite true hosting providers might collude with law enforcement. Tor isn't designed to fight against a global passive adversary, there isn't enough research on protecting against a such a powerful adversary.

And was posted here many times about creating additional trust
models and layers for relays, audits metrics and choices for users
beyond the CIDR/nn and Family game that might go towards
satisfying some reasonable concerns in that space... but crickets.
>
> And when you can't trust your CPUs, ISPs, operators, Govts, or
even your own anonymous overlay networks strength against them...
it's probably time for strategic rethink.

When it gets to the point you are worried all computers have a hardware backdoor, maybe computers and the internet are too dangerous for your thread model and you should consider alternate ways of communication not involving technology.

Teor: I read your email regarding off-topic emails and I agree. I'm going to create a new thread regarding path selection and relays at the same hosting provider. I don't want to continue a thread regarding Conrad and I's services as that's been discussed enough. Let's discuss path selection among the same hosting provider in general.

On Mon, Aug 27, 2018 at 10:09 PM teor <teor@riseup.net> wrote:
> On 28 Aug 2018, at 10:47, Nathaniel Suchy <me@lunorian.is> wrote:
>
> Tor will already avoid making circuits where two IP Addresses in the same /24 are involved.

If you grow beyond a /24, it's worth knowing that Tor's current path
selection avoids the same /16 for IPv4, and will soon avoid the same
/32 for IPv6:
https://trac.torproject.org/projects/tor/ticket/24393

T
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays