I'm working on research for monetizing Tor relays, providing an incentive to relay operators. It's called TorCoin. We introduce an alternative cryptocurrency, like Bitcoin, to reward relay operators for transferring bandwidth. Rather than being CPU intensive, it's bandwidth intensive -- so one TorCoin represents a certain amount of bandwidth transferred.
We will be presenting our research at the HotPETS privacy workshop in Amsterdam in July [1]. Here's a link to the paper if you're interested (I'm Miles). [2] Keep in mind it's an early draft.
Quite interesting but I immediately wondered about something. I intend to fully read it later today but so far I have only skimmed over the paper so I apologize if my question is answered there. I imagine others here will wonder the same thing, though.
With Bitcoin and others, we've seen malware created that turns compromised PCs and devices (routers, DVRs, etc.) into "zombie miners". If this becomes popular, I can certainly envision malware that instead turns these compromised devices into "zombie relays" in an attempt to benefit $hacker. Have you considered this (I'm sure you probably thought about it at some point) and/or do you have any ideas of ways to discourage (or punish) that behavior?
I am all about having more Tor relays out there but, well, legitimate ones.
A vulnerable computer that can be turned into cash is always going to get broken into. Once broken into, the device becomes a zombie miner, zombie spammer, zombie advertiser, zombie scammer, zombie overseer, or some unique form of zombieism.
How important is it to discourage a specific kind of zombie, rather than the infection itself?
This will be a challenge: the number of people willing and able to run TOR relays is quite small, and the subcategory of those interested in a (new) cryptocurrency is even smaller.
Reaching critical mass for the currency to be interesting is going to be hard.
I think you are underestimating the size of the market. Seems like there's demand for every flavor of alt-coin: gimmickyCoin, mediocreCoin, memeCoin, yetAnotherCoin, every single one gets 15 minutes or more.
Try looking at it from the miners' perspective. The pitch isn't "buy our coin, and use this guide to help yourself install the dependencies needed to run our beta software." Instead, it's "get paid coins, all you have to do is leave the relayCoin bandwidth-miner running while you sleep."
In the future, proof-of-bandwidth / proof-of-relay "coin" incentives on next-gen layer 3 protocols will bootstrap the transition to a global, p2p wireless mesh network (wireless at the edges and sparse areas, the big pipes and backhauls will still be fiber). It will look something like "leave this wifiMeshCoin nodeBox attached to your cable modem. It will open an unlocked wifi hotspot for anyone nearby. Some people will get free access through a metered guest connection, and you might earn a little coin. But if you get lucky and your nodeBox can form a bridge connection to somebody else's nodeBox at a different ISP, that bridge relay will earn a lot of coin. Another option is to invest $2k to get a 4G/5G cellular micro-tower from NextGen Labs, one of those could earn you $500/mo in relayPower if there are enough unlocked CDMA phones in your area. You can resell the unlocked phones as well."
Interesting idea, but wasn't able to find much literature on this on the internet. Are all the proper nouns used in your post hypothetical? Apologize if I missed a clear hypothetical...
So more of these coins can't be minted? Who controls/creates the initial money supply? What happens when bandwidth exceeds what the money supply can usefully measure?
Tor really needs some more relays. With this it could be more interesting to companies as a business model.
One thing I could be worried about is abuse - could a scriptkiddie deploy a botnet and earn TorCoins with this, like it's done with bitcoin miners (although not that effective any more).
Agreed. To many people, a chance at a substantial prize is worth more than a T-shirt. Those who run exit nodes take tangible risk and provide real value; compensating them is a good thing!
Agreed. I already have a Tor t-shirt and I'd certainly love a Tor sticker (even more so than a laptop or whatever) to put on my already "heavily stickered" work laptop but a bigger incentive might certainly convince some others to fire up a relay.
The FSF is also a "supporter" of this project so the Gluglug X60 would be very fitting as a "grand prize". I first joined both the FSF and the EFF about a decade ago and I would be quite happy to have my membership dollars going towards something like that. Hell, if EFF/FSF/Tor did a fundraiser just for something like this, I would throw in some money specifically earmarked for the purchase of these prizes.
Side note: anyone know where I can get one of those Tor stickers? :-)
I would like to run a Tor exit-relay, but I am too afraid to do this, as I live in what used to be a liberal western country called "the Netherlands", where the police sometimes raid Tor exit-relays on purpose, to discourage people from helping Tor [1].
Dutch person here. I operate two 10MB exit relays from my home, where I live with my family. Have been doing this for a year now, never had any real problems. My ISP is SurfNet. Also xs4all said today that they would permit exit relays: https://twitter.com/xs4all/statuses/474514247222067200
Also, Dutch police has never actually raided a private domicile where there was an exit relay.
One advantage to running an exit relay from your home is that there is a lot of garbage traffic coming from your address, which I really like because it hides me a little bit more.
One of the speakers at Ruxcon last year worked for an enterprise, and mentioned that for fun, he'd spin up a Tor node, then time how long it took for the 'cease and desist' email (not enforceable) to come through. I think he said his best time was 10 minutes.
EDIT: To sum up, the activist advises that activism is not something to be taken lightly, and there is a real cost to being targeted by law enforcement. I know relays are different to exits, but it's not encouraging when you want to assist!
"Exit-relay" ? You must mean either "exit node" or "relay node". AFAIK the risk of raids only exists for exit nodes, so you can still run a relay node.
Ok, here's the deal. I have a VPS where I don't pay for IPv6 traffic. If there was a way to run a tor (non-exit) node that only relays IPv6 traffic, I'd do it immediately.
Last time I looked at the tor documentation (maybe half a year ago?) there seemed to be no way to run an IPv6-only tor node.
Has that changed? Is IPv6 support being worked on?
I've run a non-exit node on my linode for a long time, it's easy and a good way to use the massive amount of leftover bandwidth I have. Everyone with a personal vps should do it.
RelayBandWidthRate and Burst control how much bandwidth the tor daemon is allowed to use (average and burst obviously), AccountingMax is how much bandwidth the daemon is allowed to use over a given period, and AccountingStart defines that period (in my config a period is a month, and it starts at midnight of the first day).
Also, once you start it, give it an hour or so to appear in the tor swarm. As long as you have "Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishing server descriptor." in your logs, you should be fine and only have to wait.
First, as a latin american activist, thank you for supporting Tor!!
Please consider the following... It's better for the Tor network not to have a limit on the bandwidth and to let the relay just hibernate when it reaches the 500 GB. If you are able to do this, please give it a try.
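The options named in the two comments above, written out as a torrc fragment. This is an added example, not either poster's own config: the port, nickname and rate values are constructed, and only the 500 GB cap and the monthly period starting at midnight on the first day come from the thread.

```conf
# Non-exit relay (constructed example values throughout unless noted)

# Assumed port; it must be reachable from outside for the self-test to pass
ORPort 9001
# Hypothetical nickname
Nickname ExampleRelay
# Refuse all exit traffic, so the node only relays inside the network
ExitPolicy reject *:*

# --- Variant A: throttle continuously, as the first comment describes ---
# Average rate allowed for relayed traffic (constructed value)
RelayBandwidthRate 1 MBytes
# Short-term burst ceiling for relayed traffic (constructed value)
RelayBandwidthBurst 2 MBytes

# --- Accounting: total traffic allowed per period ---
# Period is one month, starting at 00:00 on day 1 (as in the first comment)
AccountingStart month 1 00:00
# Cap taken from the reply; once it is reached the relay hibernates
# until the next accounting period begins
AccountingMax 500 GBytes

# --- Variant B: what the reply suggests ---
# Remove the two RelayBandwidth* lines above and keep only the
# Accounting* lines, so the relay runs unthrottled and then hibernates
# when it reaches the 500 GB cap.
```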
I think many more people would run these if they didn't think their nodes would be used for child pornography and potentially get them into legal trouble as a result.
I hope they do a hidden services challenge after this. It would decrease pressure on exit nodes and increase security for Tor users, as watching exit node traffic is one of the primary Tor attack vectors.
I don't think it's quite well understood how important this is. In many places, especially where they are most important, those relays and exit points are not controlled by whom one would expect, let alone a diverse interest group. When you control a certain number of nodes and exits, Tor becomes a pretty open book.
I'm reluctant to jump on this bandwagon as I don't feel that Tor is as secure as they say. There have already been demonstrated attacks against node anonymity and until Tor gets a public audit I'm not sure it's wise to encourage people to use Tor.
As they say, flawed crypto is worse than no crypto at all.
You're right that there have been demonstrated attacks as well as many "theoretical" ones. Interestingly, many of the theoretical attacks become even less theoretical when the number of exit nodes (and, in some cases, even middle relays) goes up. An increased number of end users using the Tor network also decreases the chances of many of them being successful.
Perhaps someone should start a fundraiser for an audit of Tor. I would certainly toss a few dollars into the jar for that myself and I suspect sufficient funds could be raised pretty easily.
Relays are already registered in the public Tor relay directory. There are two sites to search the directory, Atlas [0] and GLOBE [1]. This is how people know how to connect with them. Tor has unlisted relays, known as bridges, primarily to make it harder to block entry into the Tor network.
The point is not that Tor relays are anonymous, but the traffic going through the Tor network is anonymized by bouncing between relays.
MediaCrush runs a relay (72302D1D0BB2C2667DC7DC5E4DA138B547D5C115) as of today, and has run a hidden service for a long time: http://mediacrs5ujufxog.onion/
Most people don't know the difference. I ran a relay from my home for a while until I started getting blocked from video streaming sites and the websites of things like the Olympics.
The Tor Project has a dedicated page for setting up relays on EC2 instances:
>The Tor Cloud images have been configured to use no more than 40 GB of bandwidth out per month. We have estimated that customers who do not qualify for the free usage tier will pay up to $20 a month for an instance located in us-east-1 (Virginia).
>Customers who qualify for the free usage tier, but who run bridges that use more than 15 GB of bandwidth out per month, will pay up to $3 per month for an instance located in us-east-1 (Virginia).
You don't have legal issues for running relays. Traffic is encrypted so can't be analyzed and since you're not an exit node there's no risk of performing illegal actions with your IP address.
Yeah, there are plenty of places cheaper than AWS. From looking into it previously (and following the tor-relays list), it seems that many providers are okay with customers running middle relays (as those don't generate abuse complaints) but frown upon exit nodes (primarily due to the extra workload, AFAICT).
Graphic designer here. I used to run SETI@Home and I would love to contribute by running a Tor relay from my laptop but I have no idea how. The setup process is all but "easy", the project documentation website lists at least 4 download options and if I get it right there is no GUI for OSx. I have downloaded and installed the Browser Bundle but I have no idea where to go from here. If you want more laypersons like me to support this good cause you need to make it easier.
That includes vidalia, which is a configuration utility that lets you run a relay. It supports UPnP, so you can avoid even needing to port forward with a supported router.
I saw someone talking about this today in tor-dev. It seems that since laptops/smartphones are not normally helpful as a Tor relay, they've made the instructions difficult on purpose. The consensus seems to be that they only want people with enough knowledge to be able to follow instructions at [0] to host relays.
I don't understand—why would you want to be secretive about running a relay? Especially if you're running an exit relay, I'd expect that you'd be best off doing it in the open so that others can correctly interpret the bizarre traffic they might see.
The challenge FAQ [1] even has two points addressing this:
> Is it a good idea to let others know that I'm running an exit relay? Yes. Be as transparent as possible about the fact that you're running an exit relay...
> Should I tell my ISP that I'm running an exit relay? Yes. Make sure you have a Tor-friendly ISP that knows you're running an exit relay...
> why would you want to be secretive about running a relay?
You're varying the "if you've got nothing to hide" argument. You would want to be secretive because spy agencies quite definitely ARE interested in who's running nodes, as if they know who runs the nodes, and where they are, shutting the thing down becomes possible.
This is how they think. Strategic opportunity. Not what they can do with the data today, but what they could use it for tomorrow. What opportunities they might lose if they didn't have it.
This is therefore how you need to think too, and why I think that volunteering this information is a bad idea.
He’s not just varying “if you’ve got nothing to hide”. He’s giving an active reason for sharing that you’re an exit relay, not just saying that you have no reason not to share, so you might as well.
The reason for publicizing that you’re running a relay is that it reduces the probability of being falsely accused of doing illegal things that someone else was using your exit relay for, and it makes it easier for you to recover any confiscated computers. If you publicize your running of a relay in advance, then the prosecutor might see that fact and not bother prosecuting you, knowing that you were not the origin of the illegal traffic.
Running a relay doesn't mean anything. You're just an extra-node to improve route-mixing and ultimately anonymity. Makes it harder and more expensive for third parties to track back connections.
There's no problem, really. The points you mention arise when you run an 'exit node'.
[1] http://petsymposium.org/2014/hotpets.php
[2] https://docs.google.com/file/d/0B7r4osQgWVqKTHdxTlowUVpsVmJR...
My email is in the paper, but it's miles.richardson@yale.edu