[tor-talk] V3 censorship ?

Mon Apr 16 13:51:28 UTC 2018

On 16 Apr (14:37:00), George Kadianakis wrote:
> hikki at Safe-mail.net writes:
> 
> > I run both a V2 and V3 service on my Linux server. I'm using the same Tor
> > process with both. The torrc file is fairly standard, except I'm forcing 
> > some custom entry nodes, and I compile Tor from source on Debian Stretch.
> >
> > The V2 service has worked flawlessly, more or less, for the last 5 years or 
> > so. It has about 98% uptime 365 days a year, according to my server stats. 
> > The server and Internet connection has always been fast and reliable.
> >
> > When I add a V3 address to my server, it works pretty much flawlessly as 
> > well, but *only* until I make the address public. Non-public V3 addresses 
> > have about 98-99% uptime per week/month. But after the address has been 
> > made public, and people have learned about it, its uptime is suddenly 
> > reduced to about 60%. It will be completely inaccessible for hours at a 
> > time. *While* on the same Tor process, the V2 address works without issues.
> >
> > By inaccessible I mean the same as having turned the service off.
> >
> > Later I create a new V3 address, which is non-public. Only I know about it. 
> > It has about 98% uptime and works fine. I leave it there for a while, and 
> > it still works fine. I then make it public on my website, and the next day 
> > it is inaccessible when trying it. Uptime drops from 98% to 60-70%, and 
> > from there on it becomes randomly inaccessible, 4-8 hours at a time.
> >
> > I tried for a third time, then fourth, and finally a fifth time, and the 
> > same pattern repeat itself, even with different and random timings.
> > On the forth attempt I released the V3 address in public at the same moment 
> > it was created, and it never achieved anything above 60% uptime per week 
> > from the very beginning.
> >
> > I know the V3 system is new, and could have some undiscovered bugs, but my 
> > gut feeling tells me that someone, or something, is capable of censoring 
> > all my V3 addresses, while the old V2's are completely unaffected.
> >
> 
> Thanks for the report, Hikki! It's really valuable for us to receive
> such reports from HSv3 operators given that the system is so new and
> there are undiscovered bugs we should fix.
> 
> Personally, I doubt this is a censorship attack by an adversary since
> it's even harder to censor v3 onions than v2 onions. Of course, we can
> never be sure.
> 
> If I were to bet, I would bet that it's some sort of bug on the v3
> codebase, that perhaps could be triggering when it's getting used by
> many people (hence why it appears when you make it
> public). Unfortunately, there is no way to really know what's going on
> except if we see some tor logs.

And I would also be very interested in learning if your tor process was under
a lot of load once your v3 got public?

Do you usually have a lot of users going to these v3 once public? That is, are
you expecting many users or it is mostly for yourself? We could have a
reachability bug for a v3 under load like George pointed out.

Logs would be great for us to learn more :).

Thanks!
David

-- 
6Tp7jGn7WrqP/fuiFYGnQDMFQrXAAl6FFg0lH5ttu1M=
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20180416/d26331ce/attachment.sig>