If it wasn't, would posting the ip address of a client connecting to a bridge in here compromise her anonymity and/or allow one to firewall/blacklist her traffic? Im assuming one could guess the ip address of the running bridge based on the poster email address.
On Tue, Dec 4, 2018 at 2:57 PM tschador@posteo.de wrote:
On 2018-12-04 13:15, George wrote:
tschador@posteo.de:
I wonder who is permanently connecting/checking(?) my Tor bridge relay.
That's the bridge directory authority.
Ok, thank you. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Charly Ghislain:
If it wasn't, would posting the ip address of a client connecting to a bridge in here compromise her anonymity and/or allow one to firewall/blacklist her traffic?
Valid point Charly. IP addresses from bridges shouldn't be posted here.
I was stunned that someone actually noticed that in their logs in the first place. It's nice to see someone at least browsing their logs :)
Im assuming one could guess the ip address of the running bridge based on the poster email address.
Few people use their Tor nodes as mail servers, and regardless, it's a bad idea to run any other services on the same IP/hardware as a Tor node.
The OP was using @posteo.de which is a common email provider, regardless.
g
Few people use their Tor nodes as mail servers, and regardless, it's a bad idea to run any other services on the same IP/hardware as a Tor node.
The OP was using @posteo.de which is a common email provider, regardless.
True, but the link <poster email> -> <poster identity> -> <poster owned machines ips> may be easier for someone with relevant data/power
For adversaries such as an authoritarian government. They have the capability to port scan every host on the internet and then try to connect with Tor Protocol to every port and then block suspected bridges automatically. The Chinese government could easily tell China Unicom to let us send traffic across all of your IP Ranges at random and they would have to comply. If this is your threat model a Private OBFS4Proxy Bridge (not published in BridgeDB and blocking the ORPort (only allow the OBFS4 Port) might be a better solution for you :)
Cordially, Nathaniel Suchy
Dec 4, 2018, 8:43 AM by charlyghislain@gmail.com:
If it wasn't, would posting the ip address of a client connecting to a bridge in here compromise her anonymity and/or allow one to firewall/blacklist her traffic? Im assuming one could guess the ip address of the running bridge based on the poster email address.
On Tue, Dec 4, 2018 at 2:57 PM <> tschador@posteo.de mailto:tschador@posteo.de> > wrote:
On 2018-12-04 13:15, George wrote:
tschador@posteo.de mailto:tschador@posteo.de>> :
I wonder who is permanently connecting/checking(?) my Tor bridge relay.
That's the bridge directory authority.
Ok, thank you. _______________________________________________ tor-relays mailing list
tor-relays@lists.torproject.org mailto:tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 12/04/2018 06:43 AM, Charly Ghislain wrote:
If it wasn't, would posting the ip address of a client connecting to a bridge in here compromise her anonymity and/or allow one to firewall/blacklist her traffic? Im assuming one could guess the ip address of the running bridge based on the poster email address.
You'd think that someone running a bridge would know not to post connecting IPs on a public mail list.
On Tue, Dec 4, 2018 at 2:57 PM tschador@posteo.de wrote:
On 2018-12-04 13:15, George wrote:
tschador@posteo.de:
I wonder who is permanently connecting/checking(?) my Tor bridge relay.
That's the bridge directory authority.
Ok, thank you. _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Mirimir:
On 12/04/2018 06:43 AM, Charly Ghislain wrote:
If it wasn't, would posting the ip address of a client connecting to a bridge in here compromise her anonymity and/or allow one to firewall/blacklist her traffic? Im assuming one could guess the ip address of the running bridge based on the poster email address.
You'd think that someone running a bridge would know not to post connecting IPs on a public mail list.
I don't think we should be making assumptions like that. Running a Tor relay/bridge also might be the first public internet service an op is running. And a bridge operator might not be aware of that.
On that note, I put in a ticket a while back for "best practices" aimed at the TPO infrastructure (eg, directory authorities), which should be shaped for bridge and relay operators at some point.
https://trac.torproject.org/projects/tor/ticket/28084
It's not a completed document, and needs some attention, but it should provide some clues for node operators.
g
tor-relays@lists.torproject.org
-
Charly Ghislain -
George -
Mirimir -
Nathaniel Suchy