Tor relays
293
Transparency Report Q2 2024
This is the first quarterly report because we changed from monthly reports to quarterly reports after March 2024.
In the second quarter (Q2) of 2024 we advanced our efforts to increase the Nothing to hide organization’s robustness and resilience. We now have our own autonomous system and IP addresses so our infrastructure is more independant. In Q3 and Q4 we plan to take the new autonomous system with dedicated networking equipment in to production. We also added servers to two new datacenters for additional DNS and Tor infrastructure.
Also the search for the bottlenecks in Tor we experience continued with the help from some wonderful people from the Tor Project. We made some progress by ruling out some possible causes for the bottlenecks and also learned that some assumptions about the Tor network aren’t true (anymore). For now we increased our bandwidth quite a bit by converting some underutilized exit relays to guard relays and we keep on experimenting and researching the performance problems we have with Tor.
Our project where we work on better DNS mitigation for correlation attacks and timeless timing attacks has had a few significant delays. We try to involve as much relevant and smart people as possible, but in turn this also slows things down. We hope to give a bigger update with more content and specifics in Q3 or Q4 at the latest.
The metrics used in this report are rounded extrapolated snapshots of the final day of the quarter, to not give away too much specific information.
1 Requests & orders
As a provider of pass-through anonimity services, Nothing to hide receives messages about network traffic originating from or destined for our networks on a daily basis. While the vast majority of these messages are general notices send by automated systems, some of them contain legitimate complaints, requests and/or (court) orders/subpoenas directed at Nothing to hide.
Below we report on the quarterly amount of these messages we get from judicial authorities (courts, judges, juries), law enforcement agencies (LEA), business entities and natural persons.
| Sender | Complaints | Requests | Orders/subpoenas |
|---|---|---|---|
| Judicial authorities | n/a | 0 | 0 |
| Law enforcement agencies | n/a | 7 | 0 |
| Business entities | 1 | 6 | 0 |
| Natural persons | 0 | 0 | 0 |
2 Service report
2.1 Tor relays
Bandwidth
41.2 Gb/s
Monthly traffic
13.400 TB
Traffic on the Tor network can fluctuate quite a bit and the below metrics are merely snapshots of a day around the end of the quarter.
| Period | # Guard | # Exit | Bandwidth | Daily traffic | Monthly traffic |
|---|---|---|---|---|---|
| November 2022 | 18 | 0 | 5.6 Gb/s | 60 TB | 1.800 TB |
| December 2022 | 34 | 18 | 12.8 Gb/s | 138 TB | 4.150 TB |
| January 2023 | 68 | 18 | 18.5 Gb/s | 200 TB | 6.000 TB |
| February 2023 | 3 | 124 | 22.5 Gb/s | 240 TB | 7.200 TB |
| March 2023 | 6 | 172 | 27.0 Gb/s | 290 TB | 8.700 TB |
| April 2023 | 6 | 172 | 26.0 Gb/s | 281 TB | 8.400 TB |
| May 2023 | 6 | 172 | 26.0 Gb/s | 281 TB | 8.400 TB |
| June 2023 | 6 | 172 | 23.5 Gb/s | 254 TB | 7.600 TB |
| July 2023 | 6 | 288 | 28.5 Gb/s | 308 TB | 9.250 TB |
| August 2023 | 6 | 288 | 32.7 Gb/s | 353 TB | 10.600 TB |
| September 2023 | 6 | 288 | 33.6 Gb/s | 362 TB | 10.850 TB |
| October 2023 | 6 | 288 | 37.7 Gb/s | 407 TB | 12.200 TB |
| November 2023 | 6 | 288 | 35.6 Gb/s | 384 TB | 11.550 TB |
| December 2023 | 6 | 288 | 35.0 Gb/s | 378 TB | 11.350 TB |
| January 2024 | 6 | 288 | 34.2 Gb/s | 369 TB | 11.100 TB |
| February 2024 | 6 | 288 | 35.1 Gb/s | 379 TB | 11.350 TB |
| March 2024 | 6 | 288 | 36.4 Gb/s | 394 TB | 11.800 TB |
| Q2 2024 | 112 | 259 | 41.2 Gb/s | 446 TB | 13.400 TB |
Note that for these statistics both incoming and outgoing traffic are combined (just like Tor network’s metrics).
2.2 Tor DNS requests
Query response
3.300 per second
Daily queries
285 million
Monthly queries
8.5 billion
DNS requests on the Tor network are resolved by the Tor exit relays. This means that high capacity Tor exit relays can generate a lot of DNS queries. These queries are being resolved by multiple high capacity DNS recursors.
| Period | Query rate | Daily queries | Monthly queries |
|---|---|---|---|
| November 2022 | 0 | 0 | 0 |
| December 2022 | 870 | 75.000.000 | 2.300.000.000 |
| January 2023 | 2.100 | 181.000.000 | 5.400.000.000 |
| February 2023 | 3.150 | 272.000.000 | 8.200.000.000 |
| March 2023 | 2.900 | 251.000.000 | 7.500.000.000 |
| April 2023 | 2.300 | 199.000.000 | 6.000.000.000 |
| May 2023 | 2.500 | 216.000.000 | 6.500.000.000 |
| June 2023 | 2.250 | 194.000.000 | 5.800.000.000 |
| July 2023 | 2.650 | 229.000.000 | 6.900.000.000 |
| August 2023 | 2.900 | 250.000.000 | 7.500.000.000 |
| September 2023 | 3.000 | 259.000.000 | 7.800.000.000 |
| October 2023 | 3.400 | 294.000.000 | 8.800.000.000 |
| November 2023 | 3.300 | 285.000.000 | 8.500.000.000 |
| December 2023 | 3.200 | 276.000.000 | 8.300.000.000 |
| January 2024 | 3.100 | 267.000.000 | 8.000.000.000 |
| February 2024 | 3.300 | 285.000.000 | 8.500.000.000 |
| March 2024 | 3.500 | 302.000.000 | 9.000.000.000 |
| Q2 2024 | 3.300 | 285.000.000 | 8.500.000.000 |
Do note that we don’t log the contents of DNS queries.
2.3 Tor diversity
One of our major goals is to break the GNU/Linux monoculture currently present on the Tor network. Monocultures in nature are dangerous, as vulnerabilities are held in common across a broad spectrum. In a globally used anonymity network, monocultures can be disastrous.
We make the Tor network stronger and more resilient by running all our relays on FreeBSD. Here we report on our ongoing effort to increase operating system diversity on the Tor network. If any Tor operator reading this is interested in running Tor relays on BSD, please contact us and we will gladly help out.
| Period | NTH Guard | BSD Guard | GNU Guard | NTH Exit | BSD Exit | GNU Exit |
|---|---|---|---|---|---|---|
| November 2022 | 0.11% | 6.1% | 93.9% | 0.0% | 0.9% | 99.1% |
| December 2022 | 0.12% | 6.2% | 93.8% | 4.46% | 6.0% | 94.0% |
| January 2023 | 1.54% | 7.5% | 92.5% | 11.4% | 16.0% | 84.0% |
| February 2023 | 0.13% | 6.0% | 94.0% | 15.0% | 19.0% | 81.0% |
| March 2023 | 0.14% | 4.9% | 94.7% | 15.5% | 16.0% | 84.0% |
| April 2023 | 0.12% | 4.4% | 95.6% | 12.0% | 13.0% | 87.0% |
| May 2023 | 0.06% | 4.1% | 95.5% | 11.69% | 12.4% | 87.5% |
| June 2023 | 0.08% | 4.2% | 95.4% | 11.62% | 13.2% | 86.7% |
| July 2023 | 0.08% | 4.1% | 95.5% | 18.07 | 19.7% | 80.2% |
| August 2023 | 0.1% | 4% | 95.7% | 16.5 | 17.0% | 82.9% |
| September 2023 | 0.08% | 3.1% | 96.7% | 16.44% | 16.8% | 83.1% |
| October 2023 | 0.18% | 2.9% | 96.7% | 18.02% | 18.2% | 81.5% |
| November 2023 | 0.12% | 2.9% | 96.7% | 17.65% | 18.8% | 80.9% |
| December 2023 | 0.12% | 2.8% | 97.0% | 16.41% | 16.8% | 83.0% |
| January 2024 | 0.21% | 3.3% | 96.3% | 16.24% | 16.7% | 83.3% |
| February 2024 | 0.25% | 3.4% | 96.3% | 16.58% | 16.9% | 83.1% |
| March 2024 | 0.44% | 3.5% | 96.2% | 17.07% | 17.6% | 83.3% |
| Q2 2024 | 1.54% | 3.9% | 95.9% | 12.66 % | 13.00% | 86.9% |
We converted some exit relays to be guard relays and while this increased our overall bandwidth and more than tripled the guard relay share of non-GNU/Linux operating systems, the exit relay share decreased considerably as a result.
2.4 DDoS attacks
Aside from the occasional (big) DDoS attack, it’s relatively quiet in terms of DDoS attacks. The Russian government must be busy with something else.