[tor-relays] OS diversity of tor relays (was Re: Relay uptime versus outdated Tor version)
Duncan
dguthrie at posteo.net
Sat Aug 19 08:56:31 UTC 2017
Firstly, a note of caution: I am not affiliated with the Tor project.
Scott Bennett:
> Duncan <dguthrie at posteo.net> wrote:
>
>> In theory hot-patching kernels is a great idea.
>>
>> However, they're technically not loading a new kernel. Something like
>> kexec in theory lets one load a new kernel.
>>
>> Furthermore, these hot-patching programs usually only support Linux.
>> If
>> we want to increase the diversity of the Tor network, as we most
>> certainly should, then we need more BSD relays, so these hot-patching
>> programs don't cut it.
>>
> The tor project has made the point that OS diversity is important,
> but it has failed to show the courage of its conviction. It commits
> great
> effort to maintain a "safe" tor browser for the OS for which tor relays
> currently abound, yet still offers no version of that browser to entice
> *BSD, Solaris, MINIX, or other OS users to run tor relays. Instead,
> such
> users are apparently expected either to use clearly unsafe browsers or
> to
> run VMs of other than their native OS to run a safe browser. The tor
> community is thus very lucky for what diversity of relay OS currently
> exists.
If I may, the point of diversifying the network is *not* to "entice"
BSD/Solaris/MINIX users, the number of which, even compared to Linux,
which is quite low, is astonishingly small. I'd argue more effort should
actually be put into hardening Tor Browser for Windows, as it is on
Linux that much of the hardening efforts are currently being focused,
unfortunately.
The point is that as it stands, serious bugs that affect Linux currently
affect the entirety of the Tor network. As a mono-culture, this could
cause problems in the future, especially as the network expands. This is
an issue for client users too, certainly. However, it is not clear that
there would be a benefit to providing builds to operating systems with a
very low number of users. I'm sure there are people using BeOS or Plan 9
which want to use Tor Browser, after all. They can always compile it
from source if they wish (whether it would run is another matter, but
that is work that would take away from helping a greater number of
users).
That being said, there is in fact the very good TorBSD project which
provides Tor Browser builds for OpenBSD. I do not know what the
situation with FreeBSD is, but that provides a Linux compatibility
layer, which I've heard Tor Browser works with. Here it is:
http://torbsd.github.io/
> I've pointed this problem out several times, but to the best of my
> memory, none of the tor developers has ever responded on this issue.
>
>
> Scott Bennett, Comm. ASMELG, CFIAG
> **********************************************************************
> * Internet: bennett at sdf.org *xor* bennett at freeshell.org *
> *--------------------------------------------------------------------*
> * "A well regulated and disciplined militia, is at all times a good *
> * objection to the introduction of that bane of all free governments *
> * -- a standing army." *
> * -- Gov. John Hancock, New York Journal, 28 January 1790 *
> **********************************************************************
Best,
Duncan
More information about the tor-relays
mailing list