Advice on setting up a TOR public relay
January 30, 2011 9:19 AM Subscribe
I've recently set up a TOR node as a public relay and have a few questions.
Is it a bad idea to use any personally identifying information in my relay name? It's not necessary for me to do this, but I'm curious whether it matters or not.
Do I need to worry about my computer's IP being publicly known through the TOR list? It states the IP address and the operating system. It's a desktop in a US university too, so I'm not sure whether universities frown on using a computer on their network in this way.
I mainly curious about this - I read the TOR documentation pretty carefully and realize I'm not facilitating anything obviously illegal (such as file sharing), but wondering if there is anything I should look out for.
Is it a bad idea to use any personally identifying information in my relay name? It's not necessary for me to do this, but I'm curious whether it matters or not.
Do I need to worry about my computer's IP being publicly known through the TOR list? It states the IP address and the operating system. It's a desktop in a US university too, so I'm not sure whether universities frown on using a computer on their network in this way.
I mainly curious about this - I read the TOR documentation pretty carefully and realize I'm not facilitating anything obviously illegal (such as file sharing), but wondering if there is anything I should look out for.
IP being publicly known: If you are worried about it, I wouldn't do it. My understanding is it's non-trivial - and end user can't just figure it out, but.... I believe studies have shown that with enough rogue nodes set up, an attacker can compromise the anonymity of the nodes (might be wrong there)
posted by TravellingDen at 10:03 AM on January 30, 2011
posted by TravellingDen at 10:03 AM on January 30, 2011
Your IP and relay name will be recorded in publicly available "consensus" files for as long as the Tor system is up and probably longer.
Whether you are liable is a matter of legal opinion and not fact. You can guess what opinion law enforcement has.
posted by about_time at 10:04 AM on January 30, 2011
Whether you are liable is a matter of legal opinion and not fact. You can guess what opinion law enforcement has.
posted by about_time at 10:04 AM on January 30, 2011
There was (and possibly still is) a Tor node that was being run at Carnegie Mellon University, which brought the attention of a lot of the university lawyers, university staff, and local FBI (apparently the node was used for transmitting child porn).
I don't know what specific policies your university may have, and it may simply boil down to a bandwidth issue rather than a free speech and academic freedom issue, but be prepared to have a lot of talks with people.
posted by jasonhong at 10:58 AM on January 30, 2011
I don't know what specific policies your university may have, and it may simply boil down to a bandwidth issue rather than a free speech and academic freedom issue, but be prepared to have a lot of talks with people.
posted by jasonhong at 10:58 AM on January 30, 2011
Response by poster: bashos_frog: I read that article and I'm not terribly convinced by the arguments in it. Basically he seems to argue that 'someone' is tapping in to the data. I'm assuming that TOR is somewhat robust, and that most of the time it is being used, is for good. My reasons for setting up a relay are due to some friends who work in the field of human rights, and secure communication is a major challenge for them. I thought one small part of assisting with this problem, could be to offer some bandwidth.
Thanks everyone for your comments so far; I think the bandwidth use has been modest over the last 24 hours so I don't think I'm an obvious drain on my university, and it does not affect my computer use either. It's a lot less than streaming a HD movie.
The only thing we are warned about with our network use, is not to file-share; I haven't seen any specific advice about 'anonomizers' (if that is the correct classification) but I'll make some gentle enquiries.
posted by a womble is an active kind of sloth at 11:32 AM on January 30, 2011
Thanks everyone for your comments so far; I think the bandwidth use has been modest over the last 24 hours so I don't think I'm an obvious drain on my university, and it does not affect my computer use either. It's a lot less than streaming a HD movie.
The only thing we are warned about with our network use, is not to file-share; I haven't seen any specific advice about 'anonomizers' (if that is the correct classification) but I'll make some gentle enquiries.
posted by a womble is an active kind of sloth at 11:32 AM on January 30, 2011
You can limit the amount of bandwidth your node is willing to carry in the config options. I cranked mine down to the point that it won't saturate my dsl connection, and is hopefully unattractive to filesharers but still useful for anonymous communication. Even a really slow tor node is useful for people who want to send and receive email, twitter, or irc, for example.
One thing I found was that being on the list of exit nodes can get your IP address blocked at places like Wikipedia. I ended up using a separate ip address for the tor exit and for my nat.
posted by hattifattener at 12:00 PM on January 30, 2011
One thing I found was that being on the list of exit nodes can get your IP address blocked at places like Wikipedia. I ended up using a separate ip address for the tor exit and for my nat.
posted by hattifattener at 12:00 PM on January 30, 2011
It's quite likely that your university will tolerate it until the abuse/DMCA complaints start pouring in, and then insist that you stop. This probably won't take as long as you think.
posted by one more dead town's last parade at 12:29 PM on January 30, 2011
posted by one more dead town's last parade at 12:29 PM on January 30, 2011
Why haven't you asked your computer's IT department for their opinion? It sounds like you're avoiding them, and for good reason; my experience of IT departments are that they're reflexively conservative. I'm all for supporting free and unfettered access to the Internet and run a Tor relay at home but would never, even momentarily, consider doing the same on servers at work.
On the other hand, if you stepped up to the plate and boldly made a petition to your university to make a stand on the side of freedom and publicly endorse Tor relays to be run on university computers, that would be a statement.
posted by asymptotic at 12:42 PM on January 30, 2011
On the other hand, if you stepped up to the plate and boldly made a petition to your university to make a stand on the side of freedom and publicly endorse Tor relays to be run on university computers, that would be a statement.
I mainly curious about this - I read the TOR documentation pretty carefully and realize I'm not facilitating anything obviously illegal (such as file sharing), but wondering if there is anything I should look out for.Read more closely. Indeed, Tor helpfully provide a massive list of template answers to common complaints about attacks conducted via Tor exit nodes. However, if you live in the US, despite the lack of case history, know that the EFF has your back.
posted by asymptotic at 12:42 PM on January 30, 2011
crap english. "computer's IT department" = "university's IT department".
posted by asymptotic at 12:43 PM on January 30, 2011
posted by asymptotic at 12:43 PM on January 30, 2011
@bashos_frog: The link on Why I Don't Use Tor is thoroughly unconvincing. The author made no reference to the technical details of the Tor Project, nor pointed out the startlingly obvious truth that it's all open source. Yes, I agree, open source doesn't deliver security by fiat, but if the author was so convinced about backdoors being installed in Tor then surely they could use their clear technical prowness to point said backdoors out.
The author's basic argument is: "we cannot afford to ignore ad hominem attacks, because there may be substance to these accusations". This argument is seductive at first, but then I remember Bertrand Russell's teapot, and I realise the author made the mistake of making outlandish accusations and demanding that the burden of proof be on everyone else except themselves.
(By the way, yes running Tor exit nodes that deliberately snoop traffic is a remarkably effective and proven manner in which to gather confidential data. But even the developers of Tor urge people to use SSL and related protocols over Tor. If you don't secure your Internet traffic whilst using Tor, you are a fool).
posted by asymptotic at 1:03 PM on January 30, 2011
The author's basic argument is: "we cannot afford to ignore ad hominem attacks, because there may be substance to these accusations". This argument is seductive at first, but then I remember Bertrand Russell's teapot, and I realise the author made the mistake of making outlandish accusations and demanding that the burden of proof be on everyone else except themselves.
(By the way, yes running Tor exit nodes that deliberately snoop traffic is a remarkably effective and proven manner in which to gather confidential data. But even the developers of Tor urge people to use SSL and related protocols over Tor. If you don't secure your Internet traffic whilst using Tor, you are a fool).
posted by asymptotic at 1:03 PM on January 30, 2011
Response by poster: Why haven't you asked your computer's IT department for their opinion? It sounds like you're avoiding them, and for good reason; my experience of IT departments are that they're reflexively conservative.
No real reason; I just set it up this weekend and plan on informally asking the IT folks I know well what they think of it. They're very relaxed about what people do on their own computers (at least they have been with me). But they are not in charge of the university wide formal policy. Your encouragement to ask the university formally what their policy would be is interesting. I will think about it a little more but I like the idea.
posted by a womble is an active kind of sloth at 1:18 PM on January 30, 2011
No real reason; I just set it up this weekend and plan on informally asking the IT folks I know well what they think of it. They're very relaxed about what people do on their own computers (at least they have been with me). But they are not in charge of the university wide formal policy. Your encouragement to ask the university formally what their policy would be is interesting. I will think about it a little more but I like the idea.
posted by a womble is an active kind of sloth at 1:18 PM on January 30, 2011
You might find these articles helpful:
Tips for running an exit node with minimal harassment.
Tor exits in .edu space .
(Second article references the first).
Otherwise if your IT bods say that running an exit node might be problematic you could consider running an internal or bridge relay.
posted by SyntacticSugar at 3:45 AM on January 31, 2011 [1 favorite]
Tips for running an exit node with minimal harassment.
Tor exits in .edu space .
(Second article references the first).
Otherwise if your IT bods say that running an exit node might be problematic you could consider running an internal or bridge relay.
posted by SyntacticSugar at 3:45 AM on January 31, 2011 [1 favorite]
This thread is closed to new comments.
2) Your acceptable use policy with the university probably spells out whether this is ok or a no no. It's probably a no no.
3) Running an exit node, at least in the states can expose you to legal liability, so make sure you understand the implications of what you are doing. The risk is small but it's still there. People use TOR for a wide array of reasons, often they are ...really really bad things.
posted by iamabot at 9:37 AM on January 30, 2011