Tor to Reject End-of-Life Relays by Default

Starting with its next stable release, Tor (The Onion Router) browser will reject End-Of-Life relays by default, the Tor Project has announced.

There are over 6,000 relays in the Tor network at the moment, some running software that dates all the way back to the 0.2.4.x series, released on December 10, 2013. There are also 85 different Tor versions in use by relays today.

The decision to reject End-Of-Life relays was driven by the fact that they have a negative impact on the network, mainly affecting its stability and security, but also preventing the rollout of new features.

“One example is the Denial of Service defenses that we rolled out at the start of 2018 as an emergency reaction to a large scale attack on the network. Unfortunately, that defense is only available for relays running supported versions,” Tor says.

The Tor circuit padding defense, which was introduced in version 0.4.1.x to better hide client onion service requests from network observers, is also affected: it only works for circuits that have a 0.4.1.x (or later) relay as their middle hop.

Moreover, a bug in the 0.3.2.x series causes some out-of-date relays to increase latency and add overall network load.

Thus, Tor has decided to remove End-Of-Life relays from the network, and has already taken steps to contact relay operators with valid ContactInfo fields to ask them to upgrade. The Tor relay community was informed of this change in early September.

At the moment, the End-Of-Life relays make up around 12% of the total bandwidth, or roughly 750 relays. Only 62 are exit relays, with only 1.68% of the total exit traffic going through them.

“We expect a minor impact on the size of the network, and a small drop in the Metrics graph,” Tor says.

Starting this week, the 9 directory authorities will begin to refuse End-Of-Life relays.

Expected sometime in November, the next stable Tor release will reject End-Of-Life relays by default, but, until then, the Tor Project plans on rejecting around 800 obsolete relays based on their fingerprints.

Obsolete bridges will only be rejected later this year, after the Tor software change is deployed.

Relay operators will be able to re-join the network upon upgrading to a version that is still supported. Those who upgrade will be able to keep their relay keys by emailing the bad relay list and asking that their fingerprint no longer be rejected.

“Support from relay operators is essential to keep the network healthy. Operators must keep their relays and machines up to date. Relays are the backbone of all software that relies on Tor, and each operator helps immensely in providing people with privacy and freedom online around the world. We cannot thank them enough,” the Tor Project notes.
