-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Moin,
Our relay is online as of Jan 23 and recently I've been thinking about pivoting it into a bridge instead. The relay lives in Cambodia and may naturally be a bit off from the rest of the network (latency).
Consensus weight is steadily increasing despite various initial downtime incidents, which you can see in Atlas graphs. (We've had some network upgrades and during a separate event even had a monkey yanking the eth from the nic.)
Currently we advertise 435.66 KB/s and with our current ~9d 10h uptime we have downloaded 3.6 GB resp uploaded 3.7 GB. Theoretically our tubes fit 10 Mbps download and 30 Mbps upload.
The question is whether the relay is worth keeping with its current setup or if we can contribute more by re-configuring into a bridge. Unfortunately it is very risky for us to allow exit traffic, but we <3 any cipher packet.
Please advice! https://atlas.torproject.org/#details/94F806110B23E727AE8BAD74DD95B0EE0B7A8E...
Regards,
King Kong
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Any server from "new" countries are good. If you are relay in this time, that is good as well. Doing what you are doing now with your relay is more then you think. If people from your country see that somebody start to do what you do, more will come and join the network.
Keep server rolling.
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hi Niklas,
Way cool!
There is no golden rule on when to turn a relay into a bridge or vice versa. Does the relay have a dynamic IP? Do you lose connectivity regularly, for longer periods? From the graph it looks like a nice, stable relay that has just not been up long enough to attract enough usage, and the only thing it needs at the moment is patience. It can take a relay a couple of weeks to reach its full potential. You might like the "lifecycle of a Tor relay" blog post for some explanations [1].
If I were you, I would just wait a while longer. We cannot know for sure because there has been too little investigation into how exactly geographical diversity influences diversity. We do know that diversity is good for the anonymity properties of Tor, and that geographical location plays quite a role, both legally and technically. For more information, you might want to start with the excellent "Users get routed" paper. [2] It would make me very happy to see this relay around for longer, and not have it "disappear to become a random bridge" just yet.
Should you ever run into legal trouble in Cambodia because of this (I have no feeling how they feel about anonymity, now or in the years to come), remember that you can contact us for help. We can try to arrange lawyers, pay bribes, etc, whatever helps. ;-)
Once you max out your connection, please let me know also. We can then see whether it makes sense for us to pay for additional capacity.
If you think it is theoretically possible to run exits there, and you can find an ISP that is willing to do it, but don't want to take the risks, we can also discuss if it would be possible for Torservers.net to legally run it instead of you.
Thanks!
Moritz
[1] https://blog.torproject.org/blog/lifecycle-of-a-new-relay [2] http://freehaven.net/anonbib/#ccs2013-usersrouted
On 02/10/2015 02:03 PM, Niklas Femerstrand wrote:
Moin,
Our relay is online as of Jan 23 and recently I've been thinking about pivoting it into a bridge instead. The relay lives in Cambodia and may naturally be a bit off from the rest of the network (latency).
Consensus weight is steadily increasing despite various initial downtime incidents, which you can see in Atlas graphs. (We've had some network upgrades and during a separate event even had a monkey yanking the eth from the nic.)
Currently we advertise 435.66 KB/s and with our current ~9d 10h uptime we have downloaded 3.6 GB resp uploaded 3.7 GB. Theoretically our tubes fit 10 Mbps download and 30 Mbps upload.
The question is whether the relay is worth keeping with its current setup or if we can contribute more by re-configuring into a bridge. Unfortunately it is very risky for us to allow exit traffic, but we <3 any cipher packet.
Please advice! https://atlas.torproject.org/#details/94F806110B23E727AE8BAD74DD95B0EE0B7A8E...
Regards,
King Kong
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
There is no golden rule on when to turn a relay into a bridge or vice versa. Does the relay have a dynamic IP? Do you lose connectivity regularly, for longer periods? From the graph it looks like a nice, stable relay that has just not been up long enough to attract enough usage, and the only thing it needs at the moment is patience. It can take a relay a couple of weeks to reach its full potential. You might like the "lifecycle of a Tor relay" blog post for some explanations [1].
Static IP is in place.
We do get periodic electricity outages, but the UPS I just installed today will hopefully cover that efficiently. For now it is only powering the server, so outages will still affect networking equipment.
I did see the lifecycle blog post, thank you. I have been trying to sync maintenance tasks accordingly. Our setup is a little bit ghetto, as you can see it is still far from a HA cluster ;-) https://i.imgur.com/OdIWCp0.jpg
If I were you, I would just wait a while longer. We cannot know for sure because there has been too little investigation into how exactly geographical diversity influences diversity. We do know that diversity is good for the anonymity properties of Tor, and that geographical location plays quite a role, both legally and technically. For more information, you might want to start with the excellent "Users get routed" paper. [2] It would make me very happy to see this relay around for longer, and not have it "disappear to become a random bridge" just yet.
ACK. It sure sounds like operating the machine as a relay is the preferred option so we'll be keeping it that way. I'm happy to contribute to the geo diversity experiment. I will read the paper, thank you.
Should you ever run into legal trouble in Cambodia because of this (I have no feeling how they feel about anonymity, now or in the years to come), remember that you can contact us for help. We can try to arrange lawyers, pay bribes, etc, whatever helps. ;-)
Many of the problems here are not necessarily related to what laws say or don't say but rather how they are selectively enforced. The men in blue won't hesitate to play dirty if something bothers the right (wrong) people. Freedom House recently rated it as one of the most repressive countries in the world: http://www.phnompenhpost.com/national/cambodia-not-free-report
We have already consulted local cybercrime advisors. Not only because of our Tor network connectivity, but because the relay plays a part in a bigger project. We also host a Jabber server (with an OTR requirement) and have a HTTP proxy and Mumble still in configuration stages to enable local users to bypass local censorship and surveillance. Yes, we have Tor as well, but the more the merrier :-)
The idea is to get some proper infrastructure up and running as a proof of concept and later mirror that for local media outlets and NGOs in the true Kopimi spirit on which we build. With that said, the ambition is that any local org which chooses to replicate our system will also be running Tor relays - then hopefully that can give us a nice little boost.
I apologize if this sounds like advertisement. I needed to portray the full image to make the point that it is not only the Tor relay which may end up gaining the "wrong" people's interest. To make it more obvious that this is not self advertising I will not write the URL to the project that I described above, just in case.
As for what the local regim-- government is interested in doing, please see the following links:
https://www.cambodiadaily.com/news/police-inspected-telecom-firms-routers-re... https://www.cambodiadaily.com/news/govt-plans-to-install-surveillance-equipm... https://www.cambodiadaily.com/news/china-gives-3m-for-phnom-penh-surveillanc...
And, of course, the usual suspects:
http://www.phnompenhpost.com/columns/big-brother-watching-closely
If you think it is theoretically possible to run exits there, and you can find an ISP that is willing to do it, but don't want to take the risks, we can also discuss if it would be possible for Torservers.net to legally run it instead of you.
This is a very intriguing idea and I am very flattered that it would even be a theoretical possibility. I definitely have a network of contacts available for directing these sorts of questions to, but as IANAL I would have to consult with our friends in the legal team.
Thank you for addressing the relay vs. bridge topic and clearing those things out.
qnrq
tor-relays@lists.torproject.org
-
Moritz Bartl -
Niklas Femerstrand -
ZEROF