If you have a VPS spare bandwidth, I encourage you to set up a relay, too. It is very easy to do and a great way to contribute to the Tor project.
Is Mozilla planning to set up a hidden service for mozilla.org? I didn't see anything mentioned. The more sites that support hidden services, the less need for exit nodes (which are arguably one of the least secure parts of Tor.)
> If you have a VPS spare bandwidth, I encourage you to set up a relay, too. It is very easy to do and a great way to contribute to the Tor project.
I run three relays right now. I agree that it's pretty easy to setup, especially on Ubuntu, but the documentation could really use improvement. It makes it sound much harder to setup than it actually is.
To anyone who is thinking of running a relay, here are the basic steps:
1. Add the Tor repo to your package manager [1]
2. Install Tor
3. Edit the config file to set a name, your contact info, bandwidth limit, and exit policy. This is all pretty well documented in the config file.
4. Start Tor (eg `sudo service tor start`)
If you want to run an exit node you should read the Tor docs about the topic and decide which ports to open.[2][3]
It's good practice to discuss plans with your hosting provider, so that you and they both know what to expect. Stealth doesn't cut it, especially if there's real money at risk.
Also, keep in mind that relay IPs, and perhaps even subnets, may show up on various blacklists. Other services (perhaps those of other hosting customers) may be affected.
I recall seeing this on tor-talk or tor-relays within the past year or so. Someone started running an exit, and their hosting provider nuked their account, claiming that other customers were being affected by bans. I'll see if I can find it.
Edit: Here's one example, posted by Zack Weinberg on the tor-relays list.[0]
CMU network operations has decided to move the Tor exit node that my
group operates (tor-exit.cylab.cmu.edu) to an isolated subnet in order
to minimize consequences for the rest of the campus network. For
instance, apparently there have been several cases where third parties
blacklisted the entire CMU IP space in response to malicious traffic
from the exit node. This is currently scheduled to happen Tuesday (Nov.
4). The new IP address will be 204.194.29.4.
It is quite expected if you run an exit node. However this was in regard to a relay node, which is something else entirely.
I've seen a few references to these supposed problems with running a relay nodes lately, but the poster never replies with any information where this have actually happened. This behaviour is new. It wouldn't surprise me if it's coordinated, considering what else we've seen lately.
It happened to me when I ran a tor relay (not an exit) on the same ip as a mailserver. There is one rbl that automatically adds you if you do this. Mind you, I've never found a mailprovider using this list (can't remember the name).
We haven't made a decision on either running a hidden service or exits. We do plan to come back and do the analysis and legal review, however we don't have a timeline for this yet. Right now, we're just wading in and will see what we learn.
If you have a VPS spare bandwidth, I encourage you to set up a relay, too. It is very easy to do and a great way to contribute to the Tor project.
Is Mozilla planning to set up a hidden service for mozilla.org? I didn't see anything mentioned. The more sites that support hidden services, the less need for exit nodes (which are arguably one of the least secure parts of Tor.)