bauruine's comments

Sounds like XGS-PON which is limited to around 8Gbit/s and those are shared with up to 64 other customers. If you constantly use it at prime time they could get angry way sooner when the other customers on your PON tree start complaining.

Where do you get those 2 million IPs? The plaintext URL list [0] only contains 90k entries and after filtering it to IPs only and deduplication it's just 39k.

I've just added it to my firewall that does around 160Mbit/s right now using an ipset and the only increase in CPU I can see is a small blip from the ipset restore. And that's just an APU2 with an AMD GX-412TC (1GHz Quad core from 2014) and not a beefy box.

[0]: https://urlhaus.abuse.ch/downloads/text/
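The filtering step described in the comment above (keep only URLs whose host is an IP literal, de-duplicate, load the result as an ipset), as an added example that is not part of the original comment or the commenter's own script. The feed layout (`#` comment lines, one URL per line), the sample data, the names `ip_hosts`, `ipset_restore` and `NEVER_BLOCK`, and the set name `urlhaus_block` are assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample (documentation address ranges), assumed feed layout:
# '#' comment lines, then one URL per line.
SAMPLE_FEED = """\
# constructed sample, not real feed data
http://192.0.2.10/bins/a.sh
http://192.0.2.10:8080/bins/b.sh
https://example.invalid/payload.exe
http://198.51.100.7/x
http://203.0.113.5/y
http://[2001:db8::1]/z
http://203.0.113.300/malformed
"""

# Hypothetical allowlist: networks that must never end up in the block set.
NEVER_BLOCK = [ipaddress.ip_network("198.51.100.0/24")]

def ip_hosts(feed_text, never_block=NEVER_BLOCK):
    """Return sorted, de-duplicated IPv4 literals that appear as URL hosts."""
    seen = set()
    for line in feed_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            addr = ipaddress.ip_address(urlsplit(line).hostname or "")
        except ValueError:
            continue  # domain name, malformed literal, or unparsable URL
        if addr.version != 4:
            continue  # this set is created with "family inet" (IPv4 only)
        if any(addr in net for net in never_block):
            continue  # never block allowlisted networks
        seen.add(addr)
    return sorted(seen)

def ipset_restore(addrs, set_name="urlhaus_block"):
    """Build input for `ipset -exist restore`: create, flush, then add."""
    lines = [f"create {set_name} hash:ip family inet", f"flush {set_name}"]
    lines += [f"add {set_name} {a}" for a in addrs]
    return "\n".join(lines) + "\n"

if __name__ == "__main__":
    print(ipset_restore(ip_hosts(SAMPLE_FEED)), end="")
```

The output is meant to be piped into `ipset -exist restore`; a firewall rule that matches on the set is still needed for it to have any effect.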


yea, it should not have any performance implications.

be aware that blocking stuff in your infrastructure will have hard to diagnose fallout and you're generally better off if you police content on the client (ad-blocker)


They seem to be partners of spamhaus. From the recent feed [0] it looks like it's often just IP addresses so you would need to add it to your firewall.

[0]: https://urlhaus-api.abuse.ch/v1/urls/recent/



Good article, just one small clarification. The ContactInfo is public. It's displayed on the metrics site [0] for everyone.

[0] https://metrics.torproject.org/rs.html


Thanks for pointing this out! I made a correction.

Maybe I don't get it but if I search for my relays I only get the output of metrics.tpo and not the map. I hoped the filtered relays would be shown on the map.

The search is applied on all relays that are currently visible on the map with your current settings. Search results can be selected to view the details of relays.

Currently we do not have an option to display solely relays that you searched for back on to the map. But we could add something like this in the future :)


Yeah it's more than absurd. I have a rented server that does 230TB egress a month. That's 4710$ in AWS egress fees (0.02$ per GB). I pay 40 Euros or about 0.0002 per GB and that includes an AMD Ryzen 5 3600 with 64GB RAM.

May I ask who your provider is?

That's https://mevspace.com/ but hetzner, scaleway, ovh, psychz.net, reliablesite.net etc. have similar pricing. If you increase your budget to 100 there are many, many more in Europe and the US.

Thanks!

I don't have exactly what you want but you would be very disappointed by the result anyway. Tor isn't as nefarious as people tend to believe.

  [bauruine@tp:projects/misc]$ python check_ip_tor.py /tmp/malicious_ips.txt
  Got a total of 6303 malicious IPs
  Of which 15 are Tor relays

Edit: Small addendum: here are the worst 5 ASNs.

  1607 TENCENT-NET-AP-CN
  738  DIGITALOCEAN-ASN
  483  KIXS-AS-KR 
  205  GOOGLE-CLOUD-PLATFORM
  115  OVH


Stats from my service: ~92% of fake / auto user registrations come from Tor exits. (Or would, without blocking)


There are no incentives. I'm pretty sure the vast majority does it for altruistic reasons. At least all those I've met. Many run relays with spare resources they pay for anyway. Others rent a cheap VPS to run a relay. $10 gives you a surprisingly large amount of bandwidth if you avoid the cloud like the plague.

Governments have other possibilities. Why should they run a relay if they can force the ISP to mirror the traffic of all relays to them?


Can you expand on that last bit? I don’t understand how this compromises the entire network or any individual user. The ISPs only have layer 3 data in plaintext. We can perform timing/throughput analysis attacks against individuals, but not the entire network. These operations are VERY expensive/difficult.


Not an expert at all but from my understanding a traffic correlation attack doesn't require someone to run the relay; he just needs to see what traffic enters and leaves it. So the German BND for example can just go to Hetzner (15% Tor traffic) and ask them to mirror the traffic of all relays to them. They don't have to run any relays themselves.

Alt227 has a point but the Tor network is centered around a handful of countries where traffic is cheap and there aren't that many huge IXs and Tier 1 ISPs where much of the traffic flows through.

I'm not saying that this is done but it's IMHO more likely than state actors running thousands of relays.


I think we have the same understanding. I read this as

“a state actor has the physical capabilities/resources to perform an attack that determines Alice was speaking to Bob.”

I totally agree. I'm just pointing out that we still have layer 5 encryption to protect the contents of our messages. Also at that point, if you’re so important they would just grab a warrant and raid your home.


Governments don't have authority outside of their borders. They cannot force foreign ISPs to give over the same information. Therefore they could only mirror nodes on IP addresses issued to companies in their country.


Governments will just get other governments to let them tap their fiber.


Right, like China and Russia are going to let USA tap their fibre?


Conveniently, tor nodes are blocked by the Chinese and Russian governments.


Your post was 'Governments will just get other governments to let them tap their fiber.'

You have, conveniently, moved your point back to tor when I pointed out the folly of your statement.


The discussion is about tor. If you look at the countries where tor nodes are hosted fiber tapping is a relevant attack vector.


And I was pointing out that governments need to be on particularly friendly terms to achieve this, which doesn't make it a universal attack vector.

Here, have an example:

https://www.telegraph.co.uk/news/worldnews/asia/japan/104090...


>IPv6 was the culprit in a lot of networking issues that just magically "go away" when disabled... so, they disable

Why do you think your IPv7 will magically just work? There will be problems with it and IT departments will still disable it.

