Still Under DDOS, but here is a status update anyway. The Tor network is breaking.
by /u/Paris A · 18 votes · 3 months ago

So there have been some big, big changes in the back end of Dread's front system and deployment process. We are currently getting hit by a potent introduction cell attack which effectively makes pushing descriptors out into the network quite hard to do. We can get descriptors to people but by the time they make the connection to the introduction points, the descriptor is already spent. I won't get into the details here (you can read the spec for that).

With help from /u/n0tr1v, and his fantastic golang onionbalance rewrite, I've been hard at work developing a solution to this descriptor problem. It's the first part of a larger solution which will make these kinds of attack less damaging and actually possible to mitigate. This solution will be available to the public. The best part is there is absolutely nothing the asshole attacker can do about it. Evening the playing field a bit.

Our descriptor rotation is extremely strong right now. Stronger than it ever has been. For the past four days the new onionbalance system has been running and being improved. It has increased our reachability a lot (when you get a timeout just try again, within 2 or 3 times you should get a circuit built). The problem mainly comes with the Tor network. We have excessive circuit failures. Specifically on the onion service side. Congratulations to the attacker. You almost broke the record this year. Still only a max of 66.3% onion circuit failures just a couple days ago. Still didn't beat the all-time record of 93% onion failures for one performance metric server early this year.

With the improved onionbalance, we are able to load balance more effectively. This means more requests go to us for our systems to filter out as time goes on. There are a lot of failures because of this. So much so it's creeping bad into the public circuit buildings. Circuit round-trip latencies are getting just destroyed.

To be clear I don't think all of this is just because of attacks on Dread. There are a lot of attacks on other sites and the Tor network at large. But needless to say it does harm our ability to get consistent uptime. The Tor network is on the breaking point and soon enough it will die. Very soon unless something changes quickly.

For those using I2P, the site has been fast and accessible. I highly recommend you use I2P at this time to visit Dread. You can get and verify Dread's I2P URL in my canary. When I get a moment I will be adding in that URL rewrite and the bug fix to prevent the endgame associated messages from showing.

This problem will be fixed in due time. Just look at all the issues relay operators are reporting. They are the life blood of this network. Iptables rules can only go so far.

/u/darkvendor98 · 3 votes · 3 months ago · Link

I2P is working perfectly fine. Thanks team for that. Hope all goes well..!! :)

/u/OGUSA · 3 votes · 3 months ago · Link

You really know i2p is the answer first time you go to a site that had a captcha and with i2p it doesn't need one.

/u/GOUPIL · 2 votes · 3 months ago · Link

Wait, wait Tor can't die so easily... right??!

/u/Xansexual_Maniac · 1 votes · 3 months ago · Link

Shit is fully run by volunteers lol

/u/GOUPIL · 1 votes · 3 months ago · Link

Not only, there are some companies which invested in it! Like Firefox, DuckDuckGo, US govt, and many more. But maybe it's not enough... or it's correlated to the fact that every year the US government (the biggest donor) decreased the amount of money invested in it.

/u/ObviThroAcc · 1 votes · 3 months ago · Link

"The Tor network is on the breaking point and soon enough it will die."

Do you think it really will die? With all the funding and support they have?

"Very soon unless something changes quickly."

As you said in your last sentences, the issues have already been reported internally. How long do you think we will suffer before we have a fix?

"For those using I2P, the site has been fast and accessible. I highly recommend you use i2p at this time to visit Dread."

Currently on I2P, it is fast and accessible. But many people are still not familiar with I2P.

There is also the burden of safely setting up I2P, it's not really plug-and-play unlike Tor.

Do you think I2P is ready?

/u/RafCamora1989 · 1 votes · 3 months ago · Link

Sometimes I wonder what exactly is it they are doing with the money flowing in through their wallets. Lotta development of course, it's much appreciated. But sometimes I wonder whether it wouldn't be better to donate to relay operators directly.

I really like i2p, been using it back and forth for the past few days, I believe everyone becomes a relay and contributes to it. It's very fascinating software, but it has issues of its own. It takes time to understand it. And also Java.. is this good or bad?

/u/ObviThroAcc · 1 votes · 3 months ago · Link

I really like I2P as well, there is just a lot I have to do in order to make it feel like my home base. It definitely isn't as easy and straightforward but I'll get the hang of it, I'm just afraid that the rest won't.

We will lose a significant portion of our userbase may Tor break, if I2P will be the only way to connect to the deep web.

For now I hope they will fix this issue, so that we have more time to prepare our I2P home bases.

/u/Espionage5926 · 1 votes · 3 months ago · Link

You can use i2pd, it's written in C++ instead of Java, if that is any better

/u/cannedgoods · 1 votes · 3 months ago · Link

We need more money and funding for TOR! More nodes please! hehehe.

In all seriousness they should be getting million dollar donations from the top tier TOR users, anonymous advocates, etc.

/u/HugBunter A · 1 votes · 2 months ago · Link

Bearing in mind the current wave of DoS attacks originated in 2019, we did everything in our power to bring it to the attention of Tor devs and we rallied a LOT of funding from markets donated to them specifically to solve this. The devs assigned to hidden service work were keen to get to the bottom of the bottlenecks associated with the attacks and have made many improvements, but we were told that the funding could not specifically be directed to hidden service development. It seems that those in power to assign funding and actually get things moving with the fixes we need, didn't see how much of a problem this actually was and we've always had to fight everything ourselves. Luckily PoW is finally in the pipeline and I'm in hope of that seeing a release in the next 3-4 months. In the meantime, I'm working on something to solve this for all of us, enough so that it will buy time until PoW arrives.

/u/jpelletierx · 1 votes · 3 months ago · Link

I've been switching between Tor and I2P for a good while but because of this I've switched solely to I2P. This ongoing attack is insane but will most likely just push more people towards using I2P.

/u/RafCamora1989 · 1 votes · 3 months ago · Link

The Tor Network is absolutely shattered. I can notice it myself. Fuck the attacker. What does he get from this???

I wish I could help it, more than just running a 'worthless' relay.

Good luck Paris, fascinating stuff. I hope it passes soon. It's a massacre. I don't think it ever was this bad for so long. I think you are helping the Tor team lots too. This is just crazy! Just remember to stay safe. Dread forever!!

/u/footsteps · 1 votes · 3 months ago · Link

Very Darwinian. What doesn't break you makes you stranger.

/u/Dop3yB3tch · 1 votes · 3 months ago · Link

is this it? im glad i jumped on the i2p bandwagon a couple months ago

/u/newbieforever2018 ☆Cares About Noobs☆ · 1 votes · 3 months ago · Link

Thanks for the update /u/Paris.

I can't speak to the safety of I2P however my experience using it has been smooth and very reliable. I strongly suggest that everyone spread the word about I2P to keep Dread alive. My access has been like Dread pre-DoS days.

It may be harder for some to set up compared to others depending upon OS and threat model however the effort is well worth the effort. It is sad to see Dread participation wither when if everyone was on the I2P train we could resume member growth.

/u/Hungry_Eyes · 1 votes · 3 months ago · Link

Thank you for the update. Feeling sad and angry about this mess. Tor devs knew about the threat of these types of DDoS attacks years ago and failed to follow through with methods to manage, mitigate, and eventually stop them from occurring. PoW has been under investigation for all that time, with only the near-collapse of the Tor network making it a sudden priority. I hope the Torproject team can come up with a solution to these attacks quickly now the focus is made.

/u/taigahunter · 1 votes · 3 months ago · Link

I salute you, mein fuhrer!

/u/iPush · 1 votes · 3 months ago · Link

i2p is seeming like the better option for sure right now. ive been using it for a while now and am pretty comfortable with setting it up and troubleshooting on a few different OS, so if anyone needs any help or what not with i2p and setting it up you can shoot me a msg n ill be more than happy to explain what i can and help get it setup.


/u/foobazzly · 1 votes · 3 months ago · Link

Been using i2p starting this week -- so far fast and reliable. Does anyone know of a wiki / type site that lists popular i2p sites?

/u/mesophoyx · 2 votes · 3 months ago · Link

you can add a public addressbook to your router. or just go to notbob . i2p

/u/kindakool · 1 votes · 3 months ago · Link

i got here using it has a fair few links but seems like most sites just don't have i2p links available.

Anyone know if tails devs will include i2p and a reasonable default configuration for it? I mean it's not super hard setting up a barebones arch liveusb with i2p and stuff but the community needs something that's more well known and easy to access to thrive.

/u/sheerenergy · 1 votes · 3 months ago · Link

I recommend PurpleI2P (I2P bundled without Firefox). Was super easy to set up on Linux. I2P is not usable without a bundled browser, so this did it for me. Put the whole thing in a VeraCrypt drive - voilà.

/u/Chrysalis99 · 1 votes · 3 months ago · Link

What is a VeraCrypt drive?

/u/sheerenergy · 1 votes · 3 months ago · Link

Just search for it... an open source encryption tool. The best out there really

/u/donttalk · 1 votes · 3 months ago · Link

Is i2p able to be run on Tails OS? I'm seeing some say not so much and some say you can, I just want to do whatever is safest. I feel very vulnerable using i2p on Windows.

/u/Asteria · 1 votes · 3 months ago · Link

Running it on Qubes-Whonix might be an option for you.

/u/cannedgoods · 1 votes · 3 months ago · Link

Awesome news brothers! Really excited for the end all solution new fix!

Actually IMHO I2P is easy... it's just that people are too lazy to learn it because downloading TOR browser and going on TOR is easier and has been the accepted method for 10+ years. That has got to change guys we just need to be open to new opportunities in this ever-changing world. I am not saying TOR will die out... I am saying just be open.

/u/CaliforniaGrower · 1 votes · 3 months ago · Link

I think the issue is that nobody is running Tor Relays anymore.

There's just no money to be made by hosting Relays.

If there was just a way to incentivize people to host or invest in Tor Relays.

I can imagine 1 relay costs $20/Month in electricity.

/u/DarkOrbit · 1 votes · 3 months ago · Link

Simple fix of exit node being attacked... Hundreds of thousands donated to the TOR Project and we sit here having to migrate to i2p. Which isn't a bad thing. Much faster and never down.

/u/ShulginIsMyGod · 1 votes · 3 months ago · Link

This fucking sucks. Hope you guys find a way to overcome these bastards.

This said, I2P works like a charm and I'm pretty happy to have found it. I mean, NO FUCKING CAPTCHA! weeeeee

/u/vipers55 P · 1 votes · 3 months ago · Link

Is there a private link for recon?

/u/newbieforever2018 ☆Cares About Noobs☆ · 1 votes · 3 months ago · Link

"The safest version of I2Pd is the portable browser version. 1) It doesn't need HIGH RISK Oracle's Java. 2) It doesn't install on your system. 3) It doesn't change your system settings. You can have it up and running in minutes. You don't install it or uninstall it."

Thank you anonymous source for this.

/u/akkarin · 1 votes · 3 months ago · Link

Are the various ISPs alert to people using services to run relays and canning the service?

/u/amaturetester · 1 votes · 3 months ago · Link

Is Dread dying a slow and painful death as an onion site? Or will we be lucky enough to experience the once so many active discussions on the Tor network ever again? My respects and Thanks to all working behind the scenes trying to get things up and running once more.

/u/Paris A OP · 1 votes · 3 months ago · Link

Tor will be fixed sooner or later. Don't count us out on the onion front. We have quite a few things lined up to make it harder to take us down. But ultimately the true solution is POW. Once that's online it will be impossible to take these sites down.

/u/Funshine · 1 votes · 2 months ago · Link

I wish you the best of luck. Your work is much appreciated for the community.

/u/BigDaddy2K · 0 votes · 3 months ago · Link

the attacker is very persistent only if we could know the right motivation behind their act

/u/DarkOrbit · 2 votes · 3 months ago · Link

I would assume countries where censorship is huge like North Korea, Iran, etc.

The US government themselves can be behind these attacks. TOR poses a threat in their eyes to "national safety" when in reality, it's an index of what they don't want us to see or to be able to find sources to things you could never fathom finding on the clearnet.

/u/akkarin · 1 votes · 3 months ago · Link

my money on iran. massive issues and a general election either just held or due in days.

/u/amaturetester · 1 votes · 3 months ago · Link

guess we have to stay patient until after the mid-terms lol