Paris, one of the administrators of Dread, posted an update on Dread about the ongoing issues involving Dread and the Tor network as a whole. The update is available in the /d/dread subdread (Tor) as well as below:
We are back. It’s been a stressful few days for me and hug. Rolling out new fronts and testing new designs trying to compensate for the weaknesses in the Tor network.
Let’s put it out there. If Dread is down for a lengthened period of time it’s probably because the Tor network itself is going down. Introduction cell attacks are a very nasty protocol based attack which fundamentally breaks the circuit creation process. Effectively maxing out the entire Tor process on the front by creating hundreds of thousands of trash circuits on the Tor network. It uses the same process that regular users use. A full rewrite of this circuit creation process to add in POW is needed to effectively remove this protocol exploit. Until that rewrite happens this can be exploited to the fullest extent.
The only solution an onion service has to keep uptime is to scale out. Which we have done. It’s a literal money pit right now. Conspiracy theory time, these attacks are done by hosting companies to make us buy up their whole server stock. Costly is one word for all of this. The monetary cost is one thing, which we can burden with enough support, however it’s another cost when we scale out. Tor network is starting to break.
MILLIONS of circuits. It wouldn’t be an understatement to say Dread’s front cluster formation is doing a significant amount of the total circuit count on the Tor network. So much so that guard nodes are dying in numbers which are not negligible. This hurts both other onion services, tor users, data throughput, and of course network health.
We will keep scaling out. Until the Tor network crashes. Burning things like the money in the money pit.
One day before Paris’ post on the forum, HugBunter, the creator of Dread, posted an update regarding the current status of the forum and a plan for future stability. As of this post, Dread is online and useable.
The text of the update, posted on Reddit, is below:
We’ve been extremely intermittent the past 24 hours, down more than up. In that time we’ve been non-stop working on configuring new servers to spread out the load, but faced some issues. Once we deploy this next server farm we should gain some good up time. However, once the attack scales there is a very high chance it will crash the whole network, to the point no one can connect to Tor. We’ve already saw instances of affecting other hidden services due to the mass scaling knocking out their guard nodes.
This may seem like an extremely bad outcome, but we can’t just sit back and watch. We’ve been the most resilient service by far over the past 2 years throughout the attacks and faced the worst of it due to this, it has become a challenge for many to take Dread down. This is an incredible fiat and Paris deserves some serious thanks for his contributions, couldn’t have done it without him. I’d also like to thank every market and user that has donated to bank roll server purchases during these attacks, notably White House Market.
So today, this is it. We’re going to rest for some hours now before we burn out and then scale up beyond belief.
The outcomes I see from this are:
Attacker backs off and does not continue to scale the attack with us, Dread uptime returns to normal.
Attacker scales with us and the entire Tor network crashes, undesirable but may have a positive outcome:
Once the network recovers, the attack will have to stop because as soon as Dread is attacked it will reoccur so no one will benefit. This may also speed up the timeline significantly for a fix from Tor Project.
It is unlikely, but could happen.
The negative potential would be either our service’s descriptors are blocked in some way to protect the network meaning the attack won’t harm the network, but Dread will remain offline (We can overcome that by switching to a new v3 address) or all hidden services are disabled until a fix is provided and we’d need to all move to i2p for the time being.
Last time we came this close to crashing the network, we came to a truce with the attacker, this time around the attacker is unknown and they may not be quite aware of what lies ahead. The affects of it can already be felt, Tor is feeling unstable for general use and the Tor metrics graphs are looking very grim.
Either way this will be a rollercoaster and I invite you all on the ride, it’s one for the history books.
Signed Message
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
We've been extremely intermittent the past 24 hours, down
more than up. In that time we've been non-stop working on
configuring new servers to spread out the load, but faced
some issues. Once we deploy this next server farm we should
gain some good up time. However, once the attack scales
there is a very high chance it will crash the whole network,
to the point no one can connect to Tor. We've already saw
instances of affecting other hidden services due to the mass
scaling knocking out their guard nodes.
This may seem like an extremely bad outcome, but we can't
just sit back and watch. We've been the most resilient
service by far over the past 2 years throughout the attacks
and faced the worst of it due to this, it has become a
challenge for many to take Dread down. This is an incredible
fiat and Paris deserves some serious thanks for his
contributions, couldn't have done it without him. I'd also
like to thank every market and user that has donated to bank roll
server purchases during these attacks, notably White House Market.
So today, this is it. We're going to rest for some hours
now before we burn out and then scale up beyond belief.
The outcomes I see from this are:
Attacker backs off and does not continue to scale the attack
with us, Dread uptime returns to normal.
Attacker scales with us and the entire Tor network crashes,
undesirable but may have a positive outcome:
Once the network recovers, the attack will have to stop
because as soon as Dread is attacked it will reoccur so no
one will benefit. This may also speed up the timeline
significantly for a fix from Tor Project.
It is unlikely, but could happen.
The negative potential would be either our service's
descriptors are blocked in some way to protect the
network meaning the attack won't harm the network,
but Dread will remain offline (We can overcome
that by switching to a new v3 address) or all hidden
services are disabled until a fix is provided and we'd
need to all move to i2p for the time being.
Last time we came this close to crashing the network, we came
to a truce with the attacker, this time around the attacker is
unknown and they may not be quite aware of what lies ahead.
The affects of it can already be felt, Tor is feeling unstable
for general use and the Tor metrics graphs are looking very grim.
Either way this will be a rollercoaster and I invite you all on
the ride, it's one for the history books.
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEYTOs4fS4fFHb8/6l6GEFEPmm6SIFAmAim4QACgkQ6GEFEPmm
6SKclg//QGTFaNdrJ+oTLZEmaRmuMYOg3ZfAgX7idQ9o35KEGX/dTs/O74OerkYV
GvGXU/dfo8Ly5efoR41TOBYmNil1v8N7xdCxiCNzTWMqg4/j6iv64R7Q6VdPF5X/
xT4LsoncF2gXGlJgI/V7Tu9vwDGeaPnTBda+qyAtJ1P1onDK91DrldRM9DDh1VRz
QSTRl4PZKJ2PKlwcbCtxrP73Wrd/rblZvQgO2MKwArcb2liG2tzb9DE2e8P3wCyZ
nP0RsglWTM6ueOSyhv9XCWHE4C4xiZkgYXv4NCypgm22YxZtpPe3mav6K60orVbJ
dBWqV/01aP5dwjy2/vT0cH8tY26Np8sXNld9VFOdK/r+F6AXq4QdX8oe5z2ve8sq
7D4asAx8d0/tuq6/yASr7QIlZUBfBfMQqRJCfsMQOow+AkV/OXenqUMmA+CSlNF+
szawWoKks31PFUVHMvJSMrnQpWE33MWJKYTE/wYRVe1oJyJOlnvegMlrieGJWN+R
bPJHk7gkFWCLe0fr/35Fik50e+9C+efa+usZqlCCWzWGaeO0vluM9YlQRy1PaIfY
pVak35PkPYvJUbSVH4pon6I2EXomtHmibUkIfZkbf+Dc0U1wY6EYOz0fR+PPLiao
BwZv03ZdmHWvBHhcavlkBEVdOJNmwRae1hrejPKB8Evp3DQ2a6s=
=6bO1
-----END PGP SIGNATURE-----
