-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Thanks for the eloquent response. Many good points made and apologies if my comments came across as being critical of the Tor development community. I have no plans to take down the relays I'm running any time soon -- bwauth hiccups or not. Regardless of the current issues, I have to say the network at large feels significantly faster and more functional than it did a few years ago. - --- Julian Plamann julian (at) amity.be GPG: 0x96881D83 On 2015-05-23 10:56 am, s7r wrote: - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello Julian Thanks for your contribution to Tor! Please keep them running, as much as you can. We already struggle to (at least partially) solve the issue for the short term, by launching more bandwidth authorities. On the long term, some research groups are working on a better bandwidth measurement system. We are all anxiously waiting for it, but unfortunately there is no ETA for it at this moment. To answer your question, it's not exactly true that _current system is clearly broken_, or totally broken. It works, but does not work 100% (e.g. we are missing some bandwidth). It's better than going back to self advertising bandwidth. By default (if not explicitly set a MaxAdvertisedBandwidth in torrc), Tor will self advertise the port speed which it sees on the server where running, which is very very often (I could say almost) of a higher value than that server can really handle. For example, take a VPS which has a network port of 1 gbps seen by the operating system, but it's running on a cluster with 100 another virtual machines and each is individually capped at hypervisor lever to 10mbit. Going back to self advertised bandwidth would assign unfair weights to some relays and cause Tor clients to choose paths in a buggy way, we could overload the less capable relays and cause circuit failure for clients, decreasing the Tor performance / user experience overall. The bandwidth authorities are not so sensitive as directory authorities, but a bandwidth authority is useless unless it talks to a directory authority which is allowed to vote in the consensus. That is why bandwidth authorities are run by the same trusted people who also run directory authorities. The analogy you are describing does not reflect the reality in this situation. For the issue we are facing, no directory authority operator has a solution, nor anyone. It's not like someone can do something about it, but does not do it. Still, everyone is making efforts to fix it, in the measure in which it is technically possible. The system where we have a known number of directory authorities, hardcoded and run by trusted people is very well researched and studied, and it eliminates a lot of real and practicable attacks. I am all for decentralized and distributed systems, but at this moment I really think we are doing the best we can. Everyone would prefer Tor to be decentralized and trustless, but this is not that simple and cannot be done immediately. A lot of research is needed. P.S. having the semi-centralized system we currently use (with few Directory authorities run by trusted people) does not mean you are 100% depending on the directory authorities or that they can compromise your anonymity. You are trusting them for consensus data (info about all the relays in the Tor network) which your client uses to build circuits. If something happens to the majority (50% + 1) of the directory authorities, this would prevent the Tor network to function at all, for anyone, but the previous activity within the Tor network of an user won't be compromised. This is a fair trust limit I could say, when you take in consideration the fact that total decentralization will open the door to many other attacks, far worse than this. (fortunately) there is no way to 'force' a bandwidth authority or directory authority to do anything. Please bare little more and keep the relays running if you can. After all, we are a community comprised in volunteers involved in research and experiments, sometimes things like this happen. Just keep calm, run relays and use Tor. It'll be fixed. On 5/23/2015 8:58 AM, Julian Plamann wrote: I have a non-exit relay that has been up and running with 100% uptime on a 15mbps circuit for going on 20 days that is still unmeasured. I also have an exit node on a 100mbps un-metered link that I brought online 7 days ago and purchased specifically to donate to Tor that is still unmeasured by the bwauths. Perhaps it's time to go back to self-advertised bandwidth since this system is clearly broken? Furthermore, I understand the necessity of having the bwauths run by trusted/known members of the development community, but what is the criteria for this trust? Does running a broken directory server for going on three weeks without taking the steps to fix it still fall within this "trust" definition? - --- Julian Plamann julian (at) amity.be GPG: 0x96881D83 On 2015-05-22 10:32 am, Marcus wrote: Hey, I still have the problem, that my relay (non-exit) is "not measured". I tried to set up a new ID but this doesn't work. The relay ist still not measured since one week. (12FD624EE73CEF37137C90D38B2406A66F68FAA2) I don't know much about the DA, but I checked that only two of nine have measured my relay. Only gabelmoo and moria1 did measure the relay. An other smaller relay I own (FFB78E1F3E29091212C23A24A9779072800E1D96) is listed as „measured" in the consensus with only three DA which measured the bandwidth. (gabelmoo, moria1 and long claw) Based on this information I have some questions: 1) Is three DA which measured the bandwidth the „necessary" number to be not „unmeasured"? 2) Is it only by chance that the DA are almost the same, which measured my both relays?! 3) Is there any idea, how I can maybe force a DA to measure the relay?! I am a bit frustrated that I rented a Server to support TOR and now the relay is useless... :( Thanks and Best regards, Marcus Am 22.05.2015 um 01:24 schrieb Network Operations Center