On Sat, Aug 8, 2015 at 2:03 AM, nusenu nusenu@openmailbox.org wrote:
that implies that USU exit relays store significant amount of logs
node. I said that we had extracted and filtered the requested data, it was 90 4 gig files (for a total of 360 gigs of log files) or about 3.2 billion log entries.
If you can confirm that the comment is authentic I'd be interested what kind of tor related data you are logging at your exit relays and why.
It's most likely netflow logs. Quite popular in Uni / regional ISP environments. People collect them for network stats, and to track down "security incidents". (Such logs by their very existance, and in absence of very strong policy, also generally attract dogooder suckup to whoever comes calling for them, be it their own internal network / security / employment / political queries, or from external parties). The USA has no EU style logging requirements, nor really laws beyond the mashup of wiretap / FERPA / PCI type stuff and internal "policy". Some might not keep anything, some 1wk / 1mo / 90d / 6mo / 1y or more, or whatever the disks can hold. Netstats can be aggregated down, but the other raw uses typically retain under "well, better keep them just in case". Once you start it's really hard to stop. Some places do in fact have really good policies, either from the start, or after years of debate.