
Tor in the Amazon cloud - there
https://cloud.torproject.org/
======
dfc
If anyone is wondering about the risk related to running one of these tor
cloud instances. The bridges are configured to only accept and relay traffic
to and from other tor nodes. The exit policy is reject everything. These
instances will never be the last hop of a tor circuit...

~~~
lallysingh
So, we'll have plenty of relays, all fundamentally under Amazon's control.

But exit nodes are a problem; how can we get people to run those?

~~~
dfc
Do you run an exit node? If not why?

~~~
adrianN
I would, but here in Germany I can be held responsible for any illegal acts
that are commited through my connection ("Mitstörerhaftung"). I don't want to
lose all my computers and face an expensive legal battle because someone
posted some child porn through my node.

------
bryogenic
I wrote a tutorial back in June on how to setup an ec2 exit-node for the Tor
Challenge (<https://www.eff.org/torchallenge>). It also includes an automatic
shutoff when you've reached the data limit of the free usage tier. I've only
received one DMCA in the past 6 months I've had it running.

[http://bryogenic.com/eff-tor-challenge-amazon-ec2-free-
usage...](http://bryogenic.com/eff-tor-challenge-amazon-ec2-free-usage-tier/)

Edit: After reading through the site it looks like they basically did the same
thing I did but created an AMI that you can just 'clone'. Either way, good for
the Tor community.

------
tedivm
If a large enough group of tor servers resides on Amazon's network what is
going to keep Amazon (or the government) from being able to reverse the
anonymization? Isn't this exactly why Tor asks people hosting multiple
machines to label them as in the same "family" to prevent them from directly
communicating?

~~~
fl3tch
1\. The US government can discover the user, but won't know what the user is
doing, unless the user('s client) also chooses US exit nodes reliably /
recurrently enough that a successful timing attack or somesuch can be mounted.

2\. Presumably, the people who need bridges the most are in countries where
Tor relays are censored (China, Iran, the Seychelles?, Cameroon?), and Amazon
isn't in those jurisdictions, nor would the US government want to deanonymize
them.

But yeah, if you're in the United States and have something to hide from your
government, don't use Amazon Tor bridges.

~~~
dfc
The Seychelles? I did not realize there is a big human rights problem in the
seychelles. A quick scan of the wikipedia page seems to indicate that the
seychelles government ranked second for human rights in african countries.

What's going on in the seychelles?

~~~
wyck
[http://www.seychellesweekly.com/May%209,%202011/top31_seyche...](http://www.seychellesweekly.com/May%209,%202011/top31_seychelles_democracy.html)
More island politics then human rights, not to belittle the issues.

------
MarkSweep
That's a clever use of the free tier of EC2. I wonder how long it will be
before someone on 4chan makes a DDOS AMI.

~~~
dfc
A cloud DDOS would not scale that well. Even if amazon did not shut down
instances because of ToS violations how many free accounts do you think could
be created? Compare that with the ease of renting botnets...

------
feralchimp
Awesome idea.

I spent 5 hours at a Tor hackfest once, and was extremely impressed by both
the pragmatism and creativity of those folks.

This is just one more elegant dent in the right direction. Their "Tor Browser"
project is another nice one.

------
wyck
Amazon cloud is not the only cloud service out there, I think spreading the
bridges over multiple company's/countries that have similar products would
make it more sustainable.

------
joejohnson
This is truly amazing.

------
inconditus
With Amazon kicking out Wikileaks out of EC2, how are they going to like Tor?

~~~
dfc
Why is amazon going to care about computers relaying traffic back and forth?
As I already posted the nodes are configured as relay nodes only no exit
traffic.

But more importantly why do you assume that amazon will think tor is bad
and/or why do you assume tor is bad?

