[Tor-BSD] .br Relays

George Rosamond george at ceetonetechnology.com
Mon Oct 19 16:51:48 EDT 2015

Michael McConville:
> George Rosamond wrote:
>> It might make sense *not* to just spawn relays on VMs but rather to
>> stick to a single relay providing more bandwidth. Diversity isn't
>> about one admin running more boxes, but about more admins each running
>> a relay. And a relay with higher bandwidth allowed with better uptime
>> will be more useful to the Tor network.
> Strongly agree. There are also often performance and security problems
> with VMs in these use cases.

Yes, and I think the list of reasons not to use VMs is long.

In the 'libtech' or 'internet freedom' scene, I have noticed there's a
certain fixation on virtualization to solve security problems when in
actuality security issues are accelerated for a variety of reasons.
Anything that undercuts simplicity opens the door to a bigger footprint
and more 'known unknown' problems.

You can go from the fact that you're building another layer of
complexity in abstracting the OS and applications from the hardware, to
more technical issues such as commonalities in entropy source to clock
skew, which can be correlated between VM instances.

Of course the notion of 'sandboxing' in a generic way is attractive, but
there's a fundamental difference between restricting a daemon with a
chroot, and building a layer of additional complexity with
virtualization software.

And really, I remain convinced that the explosion in virtualization
solutions so many years ago has more to do with certain hardware vendors
looking for a way to justify bloated hardware platforms. Sure, there are
cases in which virtualization is very useful, for dev purposes, scaling
infrastructures up and down quickly, etc, but it's become a drug pushed
by overexcited marketeers and not some elevation in security.

